[SCB-1365]add database implementations for OpenIDStore
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/GithubTokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/GithubTokenGranter.java
index 2840840..d8ed4ac 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/GithubTokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/GithubTokenGranter.java
@@ -73,7 +73,7 @@ } @Override - public TokenResponse grant(String code, String state, String login) { + public OpenIDToken grant(String code, String state, String login) { GithubAccessTokenResponse response = null; try { HttpHeaders headers = new HttpHeaders(); @@ -107,7 +107,7 @@ response); openIDTokenStore.saveToken(openIDToken); - return TokenResponse.fromOpenIDToken(openIDToken); + return openIDToken; } catch (UsernameNotFoundException e) { return null; }
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/PasswordTokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/PasswordTokenGranter.java
index bb32d48..5740bc0 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/PasswordTokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/PasswordTokenGranter.java
@@ -48,7 +48,7 @@ private AbstractOpenIDTokenStore openIDTokenStore; @Override - public TokenResponse grant(Map<String, String> parameters) { + public OpenIDToken grant(Map<String, String> parameters) { String username = parameters.get(AuthenticationServerConstants.PARAM_USERNAME); String password = parameters.get(AuthenticationServerConstants.PARAM_PASSWORD); @@ -61,7 +61,7 @@ if (passwordEncoder.matches(password, userDetails.getPassword())) { OpenIDToken openIDToken = openIDTokenStore.createToken(userDetails); openIDTokenStore.saveToken(openIDToken); - return TokenResponse.fromOpenIDToken(openIDToken); + return openIDToken; } else { return null; }
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/RefreshTokenTokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/RefreshTokenTokenGranter.java
index a18bd2d..9204dc3 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/RefreshTokenTokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/RefreshTokenTokenGranter.java
@@ -55,7 +55,7 @@ } @Override - public TokenResponse grant(Map<String, String> parameters) { + public OpenIDToken grant(Map<String, String> parameters) { String refreshTokenValue = parameters.get(AuthenticationServerConstants.PARAM_REFRESH_TOKEN); if (StringUtils.isEmpty(refreshTokenValue)) { @@ -65,10 +65,10 @@ Token refreshToken = openIDTokenStore.readTokenByRefreshTokenValue(refreshTokenValue); if (refreshToken != null && !refreshToken.isExpired()) { - UserDetails userDetails = userDetailsService.loadUserByUsername(refreshToken.username()); + UserDetails userDetails = userDetailsService.loadUserByUsername(refreshToken.getUsername()); OpenIDToken openIDToken = openIDTokenStore.createToken(userDetails); openIDTokenStore.saveToken(openIDToken); - return TokenResponse.fromOpenIDToken(openIDToken); + return openIDToken; } return null; }
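Review bot: In the second hunk a valid refresh token is exchanged for a new `OpenIDToken` and the new one is saved, but nothing in the visible lines invalidates the refresh token that was just presented, so it appears to stay usable until it expires. If that is not handled elsewhere, a leaked refresh token can be replayed for its whole lifetime without the legitimate client noticing; rotating it on use would bound that window and make reuse detectable. The store method needed for that is not visible in this diff, so at minimum I would add a comment before `openIDTokenStore.createToken(userDetails)` such as `// NOTE: the presented refresh token is not revoked here; it stays valid until it expires`. The lines between the two hunks are not shown, so this is based on the visible part of `grant` only.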
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/ThirdPartyTokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/ThirdPartyTokenGranter.java
index 1ef4fc8..788d31b 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/ThirdPartyTokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/ThirdPartyTokenGranter.java
@@ -20,6 +20,7 @@ import java.util.Map; import org.apache.commons.lang3.StringUtils; +import org.apache.servicecomb.authentication.token.OpenIDToken; public interface ThirdPartyTokenGranter extends TokenGranter { @@ -29,7 +30,7 @@ } @Override - default TokenResponse grant(Map<String, String> parameters) { + default OpenIDToken grant(Map<String, String> parameters) { String provider = parameters.get(AuthenticationServerConstants.PARAM_PROVIDER); String code = parameters.get(AuthenticationServerConstants.PARAM_CODE); String state = parameters.get(AuthenticationServerConstants.PARAM_STATE); @@ -49,7 +50,7 @@ String name(); - TokenResponse grant(String code, String state, String login); + OpenIDToken grant(String code, String state, String login); /** * In authorization code mode, need to get authentication provider information first.
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenEndpoint.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenEndpoint.java
index fb849c1..bd7f8d8 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenEndpoint.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenEndpoint.java
@@ -22,6 +22,7 @@ import javax.ws.rs.core.MediaType; +import org.apache.servicecomb.authentication.token.OpenIDToken; import org.apache.servicecomb.provider.rest.common.RestSchema; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PostMapping; @@ -36,12 +37,12 @@ @Override @PostMapping(path = "/", consumes = MediaType.APPLICATION_FORM_URLENCODED) - public TokenResponse getToken(@RequestBody Map<String, String> parameters) { + public OpenIDToken getToken(@RequestBody Map<String, String> parameters) { String grantType = parameters.get(AuthenticationServerConstants.PARAM_GRANT_TYPE); for (TokenGranter granter : granters) { if (granter.enabled()) { - TokenResponse token = granter.grant(grantType, parameters); + OpenIDToken token = granter.grant(grantType, parameters); if (token != null) { return token; }
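Review bot: `getToken` now returns the internal `OpenIDToken` itself, so the JSON contract of this endpoint is whatever Jackson derives from `OpenIDToken`, `SessionToken` and `JWTToken`, rather than the explicit projection that `TokenResponse.fromOpenIDToken` used to produce. Any getter added to those classes later is exposed on the wire unless someone remembers `@JsonIgnore`, because the classes now serve as both domain model and wire format between the edge service and the authentication server. I would state that in a Javadoc on the method, e.g. `/** Returns the full OpenIDToken for service-to-service use; the edge service maps it to TokenResponse before replying to clients. */`, and confirm that this endpoint is reachable only by the edge service. The rest of `getToken` after the loop is outside the hunk.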
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenGranter.java
index e5f600b..701958c 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenGranter.java
@@ -19,6 +19,8 @@ import java.util.Map; +import org.apache.servicecomb.authentication.token.OpenIDToken; + /** * Token granter is used to grant access tokens. * @author Administrator @@ -29,12 +31,12 @@ String grantType(); - default TokenResponse grant(String grantType, Map<String, String> parameters) { + default OpenIDToken grant(String grantType, Map<String, String> parameters) { if (grantType().equals(grantType)) { return grant(parameters); } return null; } - TokenResponse grant(Map<String, String> parameters); + OpenIDToken grant(Map<String, String> parameters); }
diff --git a/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenService.java b/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenService.java
index 8dbd197..140ef61 100644
--- a/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenService.java
+++ b/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenService.java
@@ -19,6 +19,8 @@ import java.util.Map; +import org.apache.servicecomb.authentication.token.OpenIDToken; + public interface TokenService { - TokenResponse getToken(Map<String, String> parameters); + OpenIDToken getToken(Map<String, String> parameters); }
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/InMemoryOpenIDTokenStore.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/InMemoryOpenIDTokenStore.java
index 1a09f58..341f8fd 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/InMemoryOpenIDTokenStore.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/InMemoryOpenIDTokenStore.java
@@ -41,11 +41,6 @@ } @Override - public OpenIDToken readTokenByIDTokenValue(String idTokenValue) { - return TOKENS_BY_ID_TOKEN_VALUE.get(idTokenValue); - } - - @Override public void saveToken(OpenIDToken token) { TOKENS.put(token.getValue(), token); TOKENS_BY_REFRESH_TOKEN_VALUE.put(token.getRefreshToken().getValue(), token);
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTToken.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTToken.java
index a4c6750..2ab1183 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTToken.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTToken.java
@@ -17,8 +17,78 @@ package org.apache.servicecomb.authentication.token; -import org.apache.servicecomb.authentication.jwt.JWTClaims; +import java.util.Map; -public interface JWTToken extends Token { - public JWTClaims getClaims(); +import org.apache.servicecomb.authentication.jwt.JWTClaims; +import org.apache.servicecomb.authentication.jwt.JsonParser; +import org.springframework.security.jwt.Jwt; +import org.springframework.security.jwt.JwtHelper; +import org.springframework.security.jwt.crypto.sign.Signer; + +import com.fasterxml.jackson.annotation.JsonIgnore; + + +public class JWTToken implements Token { + /** + * + */ + private static final long serialVersionUID = 8234764050908891544L; + + private JWTClaims claims; + + private String value; + + public JWTToken() { + + } + + public JWTToken(JWTClaims claims, Signer signer) { + this.claims = claims; + String content = JsonParser.unparse(claims); + Jwt jwtToken = JwtHelper.encode(content, signer); + this.value = jwtToken.getEncoded(); + } + + @Override + @JsonIgnore + public long getIssueAt() { + return this.claims.getIat(); + } + + @Override + @JsonIgnore + public long getExpiresIn() { + return this.claims.getExp(); + } + + @Override + @JsonIgnore + public long getNotBefore() { + return this.claims.getNbf(); + } + + @Override + public String getValue() { + return this.value; + } + + @Override + public Map<String, Object> getAdditionalInformation() { + return this.claims.getAdditionalInformation(); + } + + @Override + @JsonIgnore + public String getUsername() { + return this.claims.getSub(); + } + + public JWTClaims getClaims() { + return this.claims; + } + + @Override + public void addAdditionalInformation(String key, Object value) { + this.claims.addAdditionalInformation(key, value); + } }
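Review bot: The constructor now signs once and caches `value`, while `addAdditionalInformation` still mutates `claims` afterwards, so `getClaims()` and `getAdditionalInformation()` can diverge from what the signed `getValue()` actually carries. The removed `JWTTokenImpl` re-encoded on every `getValue()` call (its `valueCalculated` flag was never set), so callers that add information after construction previously got it into the JWT and now silently do not. Either re-encode when the claims change, or document on the constructor and on `addAdditionalInformation` that later additions are not part of the signed value. Separately, the no-arg constructor leaves `claims` null and every claims-backed getter dereferences it, including `getAdditionalInformation()`, which is not marked `@JsonIgnore` and may therefore be invoked during serialization.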
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenImpl.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenImpl.java
deleted file mode 100644
index 1c8c133..0000000
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenImpl.java
+++ /dev/null
@@ -1,85 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.servicecomb.authentication.token; - -import java.util.Map; - -import org.apache.servicecomb.authentication.jwt.JWTClaims; -import org.apache.servicecomb.authentication.jwt.JsonParser; -import org.springframework.security.jwt.Jwt; -import org.springframework.security.jwt.JwtHelper; -import org.springframework.security.jwt.crypto.sign.Signer; - -public class JWTTokenImpl implements JWTToken { - private JWTClaims claims; - - private boolean valueCalculated = false; - - private String value; - - private Signer signer; - - public JWTTokenImpl(JWTClaims claims, Signer signer) { - this.claims = claims; - this.signer = signer; - } - - @Override - public long getIssueAt() { - return this.claims.getIat(); - } - - @Override - public long getExpiresIn() { - return this.claims.getExp(); - } - - @Override - public long getNotBefore() { - return this.claims.getNbf(); - } - - @Override - public String getValue() { - if (!this.valueCalculated) { - String content = JsonParser.unparse(claims); - Jwt jwtToken = JwtHelper.encode(content, signer); - this.value = jwtToken.getEncoded(); - } - return this.value; - } - - @Override - public Map<String, 
Object> getAdditionalInformation() { - return this.claims.getAdditionalInformation(); - } - - @Override - public String username() { - return this.claims.getSub(); - } - - public JWTClaims getClaims() { - return this.claims; - } - - @Override - public void addAdditionalInformation(String key, Object value) { - this.claims.addAdditionalInformation(key, value); - } -}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenStoreImpl.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenStoreImpl.java
index 5b74496..59dd6c7 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenStoreImpl.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenStoreImpl.java
@@ -52,7 +52,7 @@ claims.setNbf(config.notBefore); // Maybe some other properties in future - return new JWTTokenImpl(claims, signer); + return new JWTToken(claims, signer); } public JWTToken createTokenByValue(String value) { @@ -64,6 +64,6 @@ } catch (Exception e) { return null; } - return new JWTTokenImpl(claims, signer); + return new JWTToken(claims, signer); } }
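Review bot: With the eager constructor introduced in this commit, `createTokenByValue` now runs `JwtHelper.encode` with the signer on every call, and the returned token's `getValue()` is a freshly signed string rather than the `value` the caller presented. That adds a signing operation to what looks like a validation path, and the result may not be byte-identical to the incoming JWT, which matters if anything looks tokens up by value. The `catch (Exception e) { return null; }` just above also discards the reason a presented token was rejected; logging it (without the token value) would give operations a signal for malformed or forged tokens. The body of the `try` is outside the hunk, so how `claims` is obtained and verified is not visible here.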
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDToken.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDToken.java
index d82b663..c6fc36f 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDToken.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDToken.java
@@ -20,7 +20,14 @@ import java.util.Map; import java.util.Set; +import com.fasterxml.jackson.annotation.JsonIgnore; + public class OpenIDToken implements Token { + /** + * + */ + private static final long serialVersionUID = 6252768307298115467L; + private String tokenType; private SessionToken accessToken; @@ -72,41 +79,49 @@ } @Override - public String username() { - return accessToken.username(); + @JsonIgnore + public String getUsername() { + return accessToken.getUsername(); } @Override + @JsonIgnore public boolean isExpired() { return accessToken.isExpired(); } @Override + @JsonIgnore public long getIssueAt() { return accessToken.getIssueAt(); } @Override + @JsonIgnore public long getExpiresIn() { return accessToken.getExpiresIn(); } @Override + @JsonIgnore public long getNotBefore() { return accessToken.getNotBefore(); } @Override + @JsonIgnore public String getValue() { return accessToken.getValue(); } @Override + @JsonIgnore public Map<String, Object> getAdditionalInformation() { return accessToken.getAdditionalInformation(); } @Override + @JsonIgnore public void addAdditionalInformation(String key, Object value) { accessToken.addAdditionalInformation(key, value); }
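Review bot: `@JsonIgnore` on `addAdditionalInformation(String key, Object value)` has no effect, since a two-argument `void` method is never treated as a JSON property, so it can be dropped. The empty `/** * */` above `serialVersionUID` should be removed as well, and the reason for ignoring the delegating getters deserves one comment, e.g. `// Delegates to accessToken; ignored so the access token's fields are serialized only once, under accessToken.` The members between the two hunks are not shown, so I am assuming `accessToken` itself remains a serialized property.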
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDTokenStore.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDTokenStore.java
index cd65ead..4fdf6a2 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDTokenStore.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDTokenStore.java
@@ -23,8 +23,6 @@ OpenIDToken readTokenByRefreshTokenValue(String refreshTokenValue); - OpenIDToken readTokenByIDTokenValue(String idTokenValue); - JWTToken createIDTokenByValue(String jwtTokenValue); void saveToken(OpenIDToken token);
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionToken.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionToken.java
index c39cec4..7050843 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionToken.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionToken.java
@@ -17,5 +17,73 @@ package org.apache.servicecomb.authentication.token; -public interface SessionToken extends Token { +import java.util.HashMap; +import java.util.Map; +import java.util.UUID; + +public class SessionToken implements Token { + private static final long serialVersionUID = -7783398248936167939L; + + private String value; + + private long issueAt; + + private long expiresIn; + + private long notBefore; + + private String username; + + private Map<String, Object> additionalInformation; + + public SessionToken() { + + } + + public SessionToken(String username) { + this.value = UUID.randomUUID().toString(); + this.issueAt = System.currentTimeMillis(); + this.username = username; + TokenDynamicProperties config = TokenDynamicPropertiesManager.getTokenConfiguration(username); + this.expiresIn = config.expiresIn; + this.notBefore = config.notBefore; + } + + @Override + public long getIssueAt() { + return this.issueAt; + } + + @Override + public long getExpiresIn() { + return this.expiresIn; + } + + @Override + public long getNotBefore() { + return this.notBefore; + } + + @Override + public String getValue() { + return this.value; + } + + @Override + public Map<String, Object> getAdditionalInformation() { + return additionalInformation; + } + + @Override + public String getUsername() { + return this.username; + } + + @Override + public void addAdditionalInformation(String key, Object value) { + if (additionalInformation == null) { + additionalInformation = new HashMap<>(); + } + additionalInformation.put(key, value); + } }
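Review bot: The time fields use different units and nothing on the class says so, which matters now that they are plain fields that get serialized and stored: `issueAt` is epoch milliseconds, `expiresIn` is multiplied by 1000 in `Token.isExpired()` and so is treated as seconds, and `notBefore` is compared directly against `System.currentTimeMillis()`. I would add field comments such as `// epoch millis`, `// lifetime in seconds, see Token.isExpired()` and `// epoch millis before which the token is not valid`. Note also that `expiresIn` and `notBefore` are now copied from `TokenDynamicProperties` at construction, whereas `SessionTokenImpl` read them through `config` on each call; if that configuration is meant to be changeable at runtime, existing tokens will no longer pick up a shortened lifetime. Since `value` is the bearer credential, a class Javadoc noting that serialized or persisted instances must be handled as secrets would be worthwhile.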
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenImpl.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenImpl.java
deleted file mode 100644
index d409ee9..0000000
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenImpl.java
+++ /dev/null
@@ -1,79 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.servicecomb.authentication.token; - -import java.util.HashMap; -import java.util.Map; -import java.util.UUID; - -public class SessionTokenImpl implements SessionToken { - private String value; - - private long issueAt; - - private String username; - - private TokenDynamicProperties config; - - private Map<String, Object> additionalInformation; - - public SessionTokenImpl(String username) { - this.value = UUID.randomUUID().toString(); - this.issueAt = System.currentTimeMillis(); - this.username = username; - this.config = TokenDynamicPropertiesManager.getTokenConfiguration(username); - } - - @Override - public long getIssueAt() { - return this.issueAt; - } - - @Override - public long getExpiresIn() { - return this.config.expiresIn; - } - - @Override - public long getNotBefore() { - return this.config.notBefore; - } - - @Override - public String getValue() { - return this.value; - } - - @Override - public Map<String, Object> getAdditionalInformation() { - return additionalInformation; - } - - @Override - public String username() { - return this.username; - } - - @Override - public void addAdditionalInformation(String key, Object 
value) { - if (additionalInformation == null) { - additionalInformation = new HashMap<>(); - } - additionalInformation.put(key, value); - } -}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenStore.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenStore.java
index 59b23aa..631f3d7 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenStore.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenStore.java
@@ -23,7 +23,7 @@ @Override public SessionToken createToken(UserDetails userDetails) { - return new SessionTokenImpl(userDetails.getUsername()); + return new SessionToken(userDetails.getUsername()); } }
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/Token.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/Token.java
index ca51f89..55b1423 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/Token.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/Token.java
@@ -17,11 +17,15 @@ package org.apache.servicecomb.authentication.token; +import java.io.Serializable; import java.util.Map; -public interface Token { - String username(); +import com.fasterxml.jackson.annotation.JsonIgnore; +public interface Token extends Serializable { + String getUsername(); + + @JsonIgnore default boolean isExpired() { return (System.currentTimeMillis() < getNotBefore()) || (System.currentTimeMillis() - getIssueAt() > getExpiresIn() * 1000); @@ -36,6 +40,6 @@ String getValue(); Map<String, Object> getAdditionalInformation(); - + void addAdditionalInformation(String key, Object value); }
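Review bot: Making `Token` extend `Serializable` promises that every implementation can be Java-serialized, but `SessionToken` holds a `Map<String, Object>` and `JWTToken` holds `JWTClaims`, neither of which is guaranteed serializable, so writing a token can fail at runtime with `NotSerializableException` depending on what was added as additional information. If a store reads tokens back with `ObjectInputStream`, that is native deserialization of data held in an external system and should be constrained with an `ObjectInputFilter` limited to the token classes; if persistence goes through JSON instead, `Serializable` is not needed at all. The store implementation is not part of the visible diff, so please confirm which applies. A short Javadoc on the interface saying which serialization form is supported would settle it.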
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/AuthenticationServerTokenEndpoint.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/AuthenticationServerTokenEndpoint.java
index 50c29d3..18ad3af 100644
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/AuthenticationServerTokenEndpoint.java
+++ b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/AuthenticationServerTokenEndpoint.java
@@ -20,12 +20,12 @@ import java.util.Map; import java.util.concurrent.CompletableFuture; -import org.apache.servicecomb.authentication.server.TokenResponse; +import org.apache.servicecomb.authentication.token.OpenIDToken; import org.springframework.http.MediaType; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; public interface AuthenticationServerTokenEndpoint { @PostMapping(path = "/", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE) - public CompletableFuture<TokenResponse> getToken(@RequestBody Map<String, String> parameters); + public CompletableFuture<OpenIDToken> getToken(@RequestBody Map<String, String> parameters); }
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/DumyEdgeTokenResponseProcessor.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/DumyEdgeTokenResponseProcessor.java
deleted file mode 100644
index 97dd3c4..0000000
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/DumyEdgeTokenResponseProcessor.java
+++ /dev/null
@@ -1,30 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.servicecomb.authentication.edge; - -import org.apache.servicecomb.authentication.server.TokenResponse; - -public class DumyEdgeTokenResponseProcessor implements EdgeTokenResponseProcessor { - public DumyEdgeTokenResponseProcessor() { - } - - @Override - public void process(TokenResponse tokenResponse) { - } - -}
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeConfiguration.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeConfiguration.java
index 4142c4f..bcb48a8 100644
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeConfiguration.java
+++ b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeConfiguration.java
@@ -17,16 +17,9 @@ package org.apache.servicecomb.authentication.edge; -import org.apache.servicecomb.authentication.util.CommonConstants; -import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.core.annotation.Order; @Configuration public class EdgeConfiguration { - @Bean(name = {CommonConstants.BEAN_AUTH_EDGE_TOKEN_RESPONSE_PROCESSOR}) - @Order(CommonConstants.BEAN_DEFAULT_ORDER) - public EdgeTokenResponseProcessor edgeTokenResponseProcessor() { - return new DumyEdgeTokenResponseProcessor(); - } + }
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeTokenResponseProcessor.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeTokenResponseProcessor.java
deleted file mode 100644
index 09ea7b3..0000000
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeTokenResponseProcessor.java
+++ /dev/null
@@ -1,24 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.servicecomb.authentication.edge; - -import org.apache.servicecomb.authentication.server.TokenResponse; - -public interface EdgeTokenResponseProcessor { - void process(TokenResponse tokenResponse); -}
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/TokenEndpoint.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/TokenEndpoint.java
index 578f71a..ffafe1a 100644
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/TokenEndpoint.java
+++ b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/TokenEndpoint.java
@@ -20,12 +20,9 @@ import java.util.Map; import java.util.concurrent.CompletableFuture; -import org.apache.servicecomb.authentication.server.TokenResponse; -import org.apache.servicecomb.authentication.util.CommonConstants; +import org.apache.servicecomb.authentication.token.OpenIDToken; import org.apache.servicecomb.provider.pojo.RpcReference; import org.apache.servicecomb.provider.rest.common.RestSchema; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.http.MediaType; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -37,21 +34,16 @@ @RpcReference(microserviceName = "authentication-server", schemaId = "TokenEndpoint") private AuthenticationServerTokenEndpoint authenticationSererTokenEndpoint; - @Autowired - @Qualifier(CommonConstants.BEAN_AUTH_EDGE_TOKEN_RESPONSE_PROCESSOR) - private EdgeTokenResponseProcessor edgeTokenResponseProcessor; - @Override @PostMapping(path = "/", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE) public CompletableFuture<TokenResponse> getToken(@RequestBody Map<String, String> parameters) { CompletableFuture<TokenResponse> result = new CompletableFuture<>(); - CompletableFuture<TokenResponse> response = + CompletableFuture<OpenIDToken> response = authenticationSererTokenEndpoint.getToken(parameters); response.whenComplete((tokenResonse, ex) -> { if (!response.isCompletedExceptionally()) { - result.complete(tokenResonse); - edgeTokenResponseProcessor.process(tokenResonse); + result.complete(TokenResponse.fromOpenIDToken(tokenResonse)); } else { result.completeExceptionally(ex); }
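Review bot: `TokenResponse.fromOpenIDToken(tokenResonse)` now runs inside the `whenComplete` callback, and if it throws there, `result` is never completed and the caller waits until its own timeout. The granters on the authentication-server side return `null` when a grant is refused, so a `null` `tokenResonse` may well reach this line, whereas the previous `result.complete(tokenResonse)` simply passed it through. Unless `fromOpenIDToken` is known to accept `null` (its body is not in this diff), guard it: `result.complete(tokenResonse == null ? null : TokenResponse.fromOpenIDToken(tokenResonse));`. The method continues past the end of the hunk.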
diff --git a/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenResponse.java b/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenResponse.java
similarity index 97%
rename from api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenResponse.java
rename to api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenResponse.java
index 32e7fb5..9fc7b67 100644
--- a/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenResponse.java
+++ b/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenResponse.java
@@ -15,7 +15,7 @@ * limitations under the License. */ -package org.apache.servicecomb.authentication.server; +package org.apache.servicecomb.authentication.edge; import java.util.Map; import java.util.Set;
diff --git a/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenService.java b/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenService.java
index 5e12a45..e279986 100644
--- a/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenService.java
+++ b/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenService.java
@@ -20,8 +20,6 @@ import java.util.Map; import java.util.concurrent.CompletableFuture; -import org.apache.servicecomb.authentication.server.TokenResponse; - public interface TokenService { CompletableFuture<TokenResponse> getToken(Map<String, String> parameters);
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java
index 0e4b462..854c940 100644
--- a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java
@@ -17,8 +17,6 @@ package org.apache.servicecomb.authentication; -import org.apache.servicecomb.authentication.token.AbstractOpenIDTokenStore; -import org.apache.servicecomb.authentication.token.InMemoryOpenIDTokenStore; import org.apache.servicecomb.authentication.util.CommonConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -40,10 +38,4 @@ // If using MacSigner, need to protect the shared key by properly encryption. return new MacSigner("Please change this key."); } - - @Bean(name = CommonConstants.BEAN_AUTH_OPEN_ID_TOKEN_STORE) - public AbstractOpenIDTokenStore openIDTokenStore() { - // NOTICE: Use in memory store for testing. Need to implement JDBC or Redis SessionIDTokenStore in product. - return new InMemoryOpenIDTokenStore(); - } }
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCOpenIDTokenStore.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCOpenIDTokenStore.java
new file mode 100644
index 0000000..0163612
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCOpenIDTokenStore.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.servicecomb.authentication;
+
+import org.apache.servicecomb.authentication.jwt.JsonParser;
+import org.apache.servicecomb.authentication.token.AbstractOpenIDTokenStore;
+import org.apache.servicecomb.authentication.token.OpenIDToken;
+import org.apache.servicecomb.authentication.user.TokenMapper;
+import org.apache.servicecomb.authentication.util.CommonConstants;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+@Component(CommonConstants.BEAN_AUTH_OPEN_ID_TOKEN_STORE)
+public class JDBCOpenIDTokenStore extends AbstractOpenIDTokenStore {
+ @Autowired
+ private TokenMapper tokenMapper;
+
+ @Override
+ public OpenIDToken readTokenByValue(String value) {
+ String tokenInfo = tokenMapper.getTokenInfoByAccessTokenId(value);
+ if (tokenInfo != null) {
+ return JsonParser.parse(tokenInfo, OpenIDToken.class);
+ }
+ return null;
+ }
+
+ @Override
+ public OpenIDToken readTokenByRefreshTokenValue(String refreshTokenValue) {
+ String tokenInfo = tokenMapper.getTokenInfoByRefreshTokenId(refreshTokenValue);
+ if (tokenInfo != null) {
+ return JsonParser.parse(tokenInfo, OpenIDToken.class);
+ }
+ return null;
+ }
+
+ @Override
+ public void saveToken(OpenIDToken token) {
+ tokenMapper.insertNewToken(token.getValue(),
+ token.getRefreshToken().getValue(),
+ JsonParser.unparse(token));
+ }
+
+}
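Review bot: `saveToken` writes the access-token and refresh-token values verbatim into the lookup columns and stores the whole serialized token beside them, so anyone with read access to the token table (for example through a backup or a read replica) obtains credentials that are usable as they stand. Keying the rows by a SHA-256 digest of each value, and hashing the presented value the same way in `readTokenByValue` and `readTokenByRefreshTokenValue`, keeps the lookups working without raw values in the key columns. The JSON passed as the third argument would also need the raw values left out or encrypted; whether that is possible depends on `OpenIDToken`'s fields, which are not shown here. Separately, `token.getRefreshToken().getValue()` throws a NullPointerException if a token is ever created without a refresh token, so either check for null before the insert or state the assumption in a comment such as `// createToken always sets a refresh token`.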
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/TokenMapper.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/TokenMapper.java
new file mode 100644
index 0000000..7ef3f22
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/TokenMapper.java
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.servicecomb.authentication.user;
+
+import org.apache.ibatis.annotations.Param;
+
+public interface TokenMapper {
+ public void insertNewToken(@Param("accessTokenId") String accessTokenId,
+ @Param("refreshTokenId") String refreshTokenId,
+ @Param("tokenInfo") String tokenInfo);
+
+ public String getTokenInfoByAccessTokenId(@Param("accessTokenId") String accessTokenId);
+
+ public String getTokenInfoByRefreshTokenId(@Param("refreshTokenId") String refreshTokenId);
+
+ public String getTokenInfoByIdTokenId(@Param("idTokenId") String idTokenId);
+}
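Review bot: `getTokenInfoByIdTokenId` is declared on the interface, but TokenMapper.xml in this commit maps only `insertNewToken`, `getTokenInfoByAccessTokenId` and `getTokenInfoByRefreshTokenId`, and the same commit drops the `ID_TOKEN_VALUE` column from user.sql. With no mapped statement behind it, a call would presumably fail at run time with a MyBatis binding error rather than at compile time. Remove the line `public String getTokenInfoByIdTokenId(@Param("idTokenId") String idTokenId);`, or add the statement and keep the column. The `public` modifiers on the interface methods are redundant and can be dropped as well.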
diff --git a/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml b/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml
index dac1cdf..08ebeb0 100644
--- a/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml
+++ b/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml
@@ -38,5 +38,9 @@
 value="org.apache.servicecomb.authentication.user.UserMapper" />
 <property name="sqlSessionFactory" ref="sqlSessionFactory" />
 </bean>
-
+ <bean id="tokenMapper" class="org.mybatis.spring.mapper.MapperFactoryBean">
+ <property name="mapperInterface"
+ value="org.apache.servicecomb.authentication.user.TokenMapper" />
+ <property name="sqlSessionFactory" ref="sqlSessionFactory" />
+ </bean>
 </beans>
\ No newline at end of file
diff --git a/samples/AuthenticationServer/src/main/resources/config/TokenMapper.xml b/samples/AuthenticationServer/src/main/resources/config/TokenMapper.xml
new file mode 100644
index 0000000..8d702f9
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/resources/config/TokenMapper.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- ~ Licensed to the Apache Software Foundation (ASF) under one or more
+ ~ contributor license agreements. See the NOTICE file distributed with ~
+ this work for additional information regarding copyright ownership. ~ The
+ ASF licenses this file to You under the Apache License, Version 2.0 ~ (the
+ "License"); you may not use this file except in compliance with ~ the License.
+ You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~ ~ Unless required by applicable law or agreed to in writing, software ~
+ distributed under the License is distributed on an "AS IS" BASIS, ~ WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the
+ License for the specific language governing permissions and ~ limitations
+ under the License. -->
+
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="org.apache.servicecomb.authentication.user.TokenMapper">
+ <insert id="insertNewToken">
+ insert into
+ T_TOKENS(ACCESS_TOKEN_VALUE,REFRESH_TOKEN_VALUE,TOKEN)
+ values(#{accessTokenId},#{refreshTokenId},#{tokenInfo})
+ </insert>
+
+ <select id="getTokenInfoByAccessTokenId" parameterType="java.lang.String"
+ resultType="java.lang.String">
+ select TOKEN
+ from T_TOKENS where ACCESS_TOKEN_VALUE =
+ #{accessTokenId}
+ </select>
+
+ <select id="getTokenInfoByRefreshTokenId" parameterType="java.lang.String"
+ resultType="java.lang.String">
+ select TOKEN
+ from T_TOKENS where REFRESH_TOKEN_VALUE =
+ #{refreshTokenId}
+ </select>
+</mapper>
\ No newline at end of file
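Review bot: Both selects return a single `java.lang.String`, yet nothing on this page makes `ACCESS_TOKEN_VALUE` or `REFRESH_TOKEN_VALUE` unique; the user.sql hunk shows only a primary key on `ID` for what appears to be this table. A second row with the same value would make the lookup fail with a too-many-results error, and without an index every token check scans the table. A unique index on each of the two columns in the table definition addresses both. The mapper also defines no delete statement, so expired or revoked tokens remain readable until something outside this file removes them; a comment such as `<!-- rows are purged by (cleanup job name) -->` would record where that happens.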
diff --git a/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml b/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml
index 2bd7b68..9290b3f 100644
--- a/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml
+++ b/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml
@@ -15,7 +15,8 @@ PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-config.dtd"> <configuration> - <mappers> - <mapper resource="config/UserMapper.xml"/> - </mappers> + <mappers> + <mapper resource="config/UserMapper.xml" /> + <mapper resource="config/TokenMapper.xml" /> + </mappers> </configuration> \ No newline at end of file
diff --git a/samples/AuthenticationServer/src/main/resources/sql/user.sql b/samples/AuthenticationServer/src/main/resources/sql/user.sql
index 223826d..b5dbfc7 100644
--- a/samples/AuthenticationServer/src/main/resources/sql/user.sql
+++ b/samples/AuthenticationServer/src/main/resources/sql/user.sql
@@ -73,7 +73,6 @@
 `ID` INTEGER(8) NOT NULL AUTO_INCREMENT,
 `ACCESS_TOKEN_VALUE` VARCHAR(256) NOT NULL,
 `REFRESH_TOKEN_VALUE` VARCHAR(256) NOT NULL,
- `ID_TOKEN_VALUE` VARCHAR(256) NOT NULL,
 `TOKEN` TEXT NOT NULL,
 PRIMARY KEY (`ID`)
 );
diff --git a/samples/Client/pom.xml b/samples/Client/pom.xml
index 5bbe9d8..b6b3220 100644
--- a/samples/Client/pom.xml
+++ b/samples/Client/pom.xml
@@ -33,7 +33,7 @@
 <dependencies>
 <dependency>
 <groupId>org.apache.servicecomb.authentication</groupId>
- <artifactId>authentication-server-api-service</artifactId>
+ <artifactId>authentication-edge-api-service</artifactId>
 <version>0.0.1-SNAPSHOT</version>
 </dependency>
 <dependency>
@@ -64,7 +64,7 @@
 <dependencies>
 <dependency>
 <groupId>org.apache.servicecomb.authentication</groupId>
- <artifactId>authentication-server-api-service</artifactId>
+ <artifactId>authentication-edge-api-service</artifactId>
 </dependency>
 <dependency>
 <groupId>org.apache.servicecomb</groupId>
diff --git a/samples/Client/src/main/java/org/apache/servicecomb/authentication/AuthenticationTestCase.java b/samples/Client/src/main/java/org/apache/servicecomb/authentication/AuthenticationTestCase.java
index 2b8fd5a..7acb34d 100644
--- a/samples/Client/src/main/java/org/apache/servicecomb/authentication/AuthenticationTestCase.java
+++ b/samples/Client/src/main/java/org/apache/servicecomb/authentication/AuthenticationTestCase.java
@@ -17,7 +17,7 @@ package org.apache.servicecomb.authentication; -import org.apache.servicecomb.authentication.server.TokenResponse; +import org.apache.servicecomb.authentication.edge.TokenResponse; import org.apache.servicecomb.authentication.util.CommonConstants; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders;
diff --git a/samples/Client/src/main/java/org/apache/servicecomb/authentication/TokenExpireTestCase.java b/samples/Client/src/main/java/org/apache/servicecomb/authentication/TokenExpireTestCase.java
index 00a557e..766aba0 100644
--- a/samples/Client/src/main/java/org/apache/servicecomb/authentication/TokenExpireTestCase.java
+++ b/samples/Client/src/main/java/org/apache/servicecomb/authentication/TokenExpireTestCase.java
@@ -17,7 +17,7 @@ package org.apache.servicecomb.authentication; -import org.apache.servicecomb.authentication.server.TokenResponse; +import org.apache.servicecomb.authentication.edge.TokenResponse; import org.apache.servicecomb.authentication.util.CommonConstants; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders;