Package | Description |
---|---|
org.forgerock.oauth2.core |
Defines the core classes to implement OAuth2 for OpenAM.
|
Modifier and Type | Method and Description |
---|---|
static OAuth2Request |
OAuth2Request.forRealm(String realm)
Creates an
OAuth2Request which holds the provided realm only. |
Modifier and Type | Method and Description |
---|---|
Map<String,String> |
ScopeValidator.additionalDataToReturnFromAuthorizeEndpoint(Map<String,Token> tokens,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to return additional data from an authorization
request.
|
void |
ScopeValidator.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to return additional data from an access token
request.
|
UserInfoClaims |
ScopeValidator.getUserInfo(ClientRegistration clientRegistration,
AccessToken token,
OAuth2Request request)
Gets the resource owners information based on an issued access token.
|
Map.Entry<String,Token> |
ResponseTypeHandler.handle(String tokenType,
Set<String> scope,
ResourceOwner resourceOwner,
String clientId,
String redirectUri,
String nonce,
OAuth2Request request,
String codeChallenge,
String codeChallengeMethod)
Handles the creating of a Token instance and storing the Token in the OAuth2 provider
TokenStore . |
default void |
ScopeValidator.modifyAccessToken(AccessToken accessToken,
OAuth2Request request)
Allows modification of the OAuth2 access token before the token is persisted/returned to the client.
|
Set<String> |
ScopeValidator.validateAccessTokenScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when an access token
is requested.
|
Set<String> |
ScopeValidator.validateAuthorizationScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when authorization
is requested.
|
Set<String> |
ScopeValidator.validateBackChannelAuthorizationScope(ClientRegistration clientRegistration,
Set<String> requestedScopes,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customize the scope requested when performing a
client initiated back channel authentication.
|
Set<String> |
ScopeValidator.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when a refresh token
is requested.
|
boolean |
ClientRegistration.verifyJwtBearerForClientAuthentication(OAuth2Request request,
OAuth2Jwt jwt)
Verifies that the supplied jwt is signed by this client.
|
SignedJwt |
ClientRegistration.verifyJwtRequestParameter(OAuth2Request request,
Jwt jwt)
Verifies that the supplied request parameter jwt is signed by this client.
|
Optional<PKIXCertPathValidatorResult> |
ClientRegistration.verifyTlsClientCertificateAuthentication(OAuth2Request request,
List<X509Certificate> certChain)
Verifies that the supplied X.509 certificate chain is acceptable to authenticate this client.
|
Constructor and Description |
---|
OAuth2Request(OAuth2Request request)
Copy the OAuth2 request.
|
Copyright © 2010-2018, ForgeRock All Rights Reserved.