如何使用Spring及其JdbcTokenStore类从我们的数据库中自动删除过期的Oauth访问令牌？

Question

我正在使用Spring 4.3.8.RELEASE.我建立了一个OAuth应用程序(允许客户端应用程序通过client_credentials交付式访问某些功能)使用Spring org.springframework.security.oauth2.provider.token.store.JdbcTokenStore类来管理访问令牌.我们正在使用MySQL 5数据库.这是访问令牌的表定义......

CREATE TABLE `oauth_access_token` (
  `token_id` varchar(255) COLLATE utf8_bin DEFAULT NULL,
  `token` mediumblob,
  `authentication_id` varchar(255) COLLATE utf8_bin NOT NULL,
  `user_name` varchar(255) COLLATE utf8_bin DEFAULT NULL,
  `client_id` varchar(255) COLLATE utf8_bin DEFAULT NULL,
  `authentication` mediumblob,
  `refresh_token` varchar(255) COLLATE utf8_bin DEFAULT NULL,
  PRIMARY KEY (`authentication_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;

这是我们的Spring OAuth配置的相关部分

<authentication-manager alias="authenticationManager"
    xmlns="http://www.springframework.org/schema/security">
    <authentication-provider>
        <user-service id="userDetailsService">
            <user name="marissa" password="koala" authorities="ROLE_USER" />
            <user name="paul" password="emu" authorities="ROLE_USER" />
        </user-service>
    </authentication-provider>
</authentication-manager>

<bean id="clientDetailsUserService"
    class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
    <constructor-arg ref="clientDetails" />
</bean>

<bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
    <constructor-arg ref="dataSource" />
    <property name="authenticationKeyGenerator">
        <bean class="org.springframework.security.oauth2.UniqueAuthenticationKeyGenerator" />
    </property>
</bean>

<bean id="tokenServices"
    class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
    <!-- <property name="accessTokenValiditySeconds" value="30" /> -->
    <property name="tokenStore" ref="tokenStore" />
    <property name="tokenEnhancer" ref="tokenEnhancer" />
    <property name="supportRefreshToken" value="false" />
    <property name="clientDetailsService" ref="clientDetails" />
</bean>

<bean id="tokenEnhancer"
    class="org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter" />

<bean id="requestFactory"
    class="org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory">
    <constructor-arg name="clientDetailsService" ref="clientDetails" />
</bean>

<bean id="approvalStore"
    class="org.springframework.security.oauth2.provider.approval.TokenApprovalStore">
    <property name="tokenStore" ref="tokenStore" />
</bean>

<oauth:authorization-server
    client-details-service-ref="clientDetails" token-services-ref="tokenServices">
    <oauth:client-credentials />
</oauth:authorization-server>

<oauth:resource-server id="resourceServerFilter" entry-point-ref="entry"
    resource-id="myclientAssignment" token-services-ref="tokenServices" />

<bean id="entry" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
    <constructor-arg value="/myresource" />
</bean>

<context:property-placeholder location="classpath:application.properties"/>
<oauth:client-details-service id="clientDetails">
    <oauth:client client-id="${myclient.client.id}"
        access-token-validity="30"
        authorized-grant-types="client_credentials" authorities="ROLE_CLIENT"
        scope="read,write" secret="${myclient.client.secret}" />
</oauth:client-details-service> 

<mvc:default-servlet-handler />

<oauth:expression-handler id="oauthExpressionHandler" />

<oauth:web-expression-handler id="oauthWebExpressionHandler" />

<http pattern="/api/**"  
              create-session="never"
              entry-point-ref="oauthAuthenticationEntryPoint"
              access-decision-manager-ref="accessDecisionManager"
              xmlns="http://www.springframework.org/schema/security">
 <anonymous enabled="false" />
 <custom-filter ref="resourceServerFilter"
                         before="PRE_AUTH_FILTER" />
 <access-denied-handler ref="oauthAccessDeniedHandler" />
 <csrf disabled="true"/>

我的问题是,一旦令牌到期,什么是最简单的设置方式,以便从表中删除该行？我们想删除旧数据.