Interface HttpOauth2TokenIntrospectionAuthorizationMechanismCfg
-
- All Superinterfaces:
Configuration
,HttpAuthorizationMechanismCfg
,HttpOauth2AuthorizationMechanismCfg
public interface HttpOauth2TokenIntrospectionAuthorizationMechanismCfg extends HttpOauth2AuthorizationMechanismCfg
A server-side interface for querying HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism settings.The HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism is used to define OAuth2 authorization using an introspection (RFC7662) compliant authorization server.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
addHttpOauth2TokenIntrospectionAuthorizationMechanismChangeListener(ConfigurationChangeListener<HttpOauth2TokenIntrospectionAuthorizationMechanismCfg> listener)
Register to be notified when this HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism is changed.Class<? extends HttpOauth2TokenIntrospectionAuthorizationMechanismCfg>
configurationClass()
Gets the configuration class associated with this HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism.String
getClientId()
Gets the "client-id" property.String
getClientSecret()
Gets the "client-secret" property.String
getJavaClass()
Gets the "java-class" property.String
getKeyManagerProvider()
Gets the "key-manager-provider" property.Dn
getKeyManagerProviderDn()
Gets the "key-manager-provider" property as a DN.SortedSet<String>
getSslCertNickname()
Gets the "ssl-cert-nickname" property.SortedSet<String>
getSslCipherSuite()
Gets the "ssl-cipher-suite" property.SortedSet<String>
getSslProtocol()
Gets the "ssl-protocol" property.String
getTokenIntrospectionUrl()
Gets the "token-introspection-url" property.String
getTrustManagerProvider()
Gets the "trust-manager-provider" property.Dn
getTrustManagerProviderDn()
Gets the "trust-manager-provider" property as a DN.void
removeHttpOauth2TokenIntrospectionAuthorizationMechanismChangeListener(ConfigurationChangeListener<HttpOauth2TokenIntrospectionAuthorizationMechanismCfg> listener)
Deregister an existing HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism configuration change listener.-
Methods inherited from interface org.forgerock.opendj.config.Configuration
dn, name
-
Methods inherited from interface org.forgerock.opendj.server.config.server.HttpAuthorizationMechanismCfg
addChangeListener, isEnabled, removeChangeListener
-
Methods inherited from interface org.forgerock.opendj.server.config.server.HttpOauth2AuthorizationMechanismCfg
addHttpOauth2AuthorizationMechanismChangeListener, getAccessTokenCacheExpiration, getAuthzidJsonPointer, getIdentityMapper, getIdentityMapperDns, getRequiredScope, isAccessTokenCacheEnabled, removeHttpOauth2AuthorizationMechanismChangeListener
-
-
-
-
Method Detail
-
configurationClass
Class<? extends HttpOauth2TokenIntrospectionAuthorizationMechanismCfg> configurationClass()
Gets the configuration class associated with this HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism.- Specified by:
configurationClass
in interfaceConfiguration
- Specified by:
configurationClass
in interfaceHttpAuthorizationMechanismCfg
- Specified by:
configurationClass
in interfaceHttpOauth2AuthorizationMechanismCfg
- Returns:
- Returns the configuration class associated with this HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism.
-
addHttpOauth2TokenIntrospectionAuthorizationMechanismChangeListener
void addHttpOauth2TokenIntrospectionAuthorizationMechanismChangeListener(ConfigurationChangeListener<HttpOauth2TokenIntrospectionAuthorizationMechanismCfg> listener)
Register to be notified when this HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism is changed.- Parameters:
listener
- The HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism configuration change listener.
-
removeHttpOauth2TokenIntrospectionAuthorizationMechanismChangeListener
void removeHttpOauth2TokenIntrospectionAuthorizationMechanismChangeListener(ConfigurationChangeListener<HttpOauth2TokenIntrospectionAuthorizationMechanismCfg> listener)
Deregister an existing HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism configuration change listener.- Parameters:
listener
- The HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism configuration change listener.
-
getClientId
String getClientId()
Gets the "client-id" property.Client's ID to use during the HTTP basic authentication against the authorization server.
- Returns:
- Returns the value of the "client-id" property.
-
getClientSecret
String getClientSecret()
Gets the "client-secret" property.Client's secret to use during the HTTP basic authentication against the authorization server.
- Returns:
- Returns the value of the "client-secret" property.
-
getJavaClass
String getJavaClass()
Gets the "java-class" property.Specifies the fully-qualified name of the Java class that provides the HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism implementation.
Default value:
org.opends.server.protocols.http.authz.HttpOAuth2TokenIntrospectionAuthorizationMechanism
- Specified by:
getJavaClass
in interfaceHttpAuthorizationMechanismCfg
- Returns:
- Returns the value of the "java-class" property.
-
getKeyManagerProvider
String getKeyManagerProvider()
Gets the "key-manager-provider" property.Specifies the name of the key manager that should be used with this HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism .
Default value is undefined
- Returns:
- Returns the value of the "key-manager-provider" property.
-
getKeyManagerProviderDn
Dn getKeyManagerProviderDn()
Gets the "key-manager-provider" property as a DN.Specifies the name of the key manager that should be used with this HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism .
- Returns:
- Returns the DN value of the "key-manager-provider" property.
-
getSslCertNickname
SortedSet<String> getSslCertNickname()
Gets the "ssl-cert-nickname" property.Specifies the nicknames (also called the aliases) of the keys or key pairs that the HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism should use when performing SSL communication.
The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key. This is only applicable when the HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism is configured to use SSL.
- Returns:
- Returns an unmodifiable set containing the values of the "ssl-cert-nickname" property.
-
getSslCipherSuite
SortedSet<String> getSslCipherSuite()
Gets the "ssl-cipher-suite" property.Specifies the names of the SSL cipher suites that are allowed for use in SSL or TLS communication.
- Returns:
- Returns an unmodifiable set containing the values of the "ssl-cipher-suite" property.
-
getSslProtocol
SortedSet<String> getSslProtocol()
Gets the "ssl-protocol" property.Specifies the names of the SSL protocols that are allowed for use in SSL or TLS communication.
- Returns:
- Returns an unmodifiable set containing the values of the "ssl-protocol" property.
-
getTokenIntrospectionUrl
String getTokenIntrospectionUrl()
Gets the "token-introspection-url" property.Defines the token introspection endpoint URL where the access-token resolution request should be sent. (example: http://example.com/introspect)
- Returns:
- Returns the value of the "token-introspection-url" property.
-
getTrustManagerProvider
String getTrustManagerProvider()
Gets the "trust-manager-provider" property.Specifies the name of the trust manager that should be used when negotiating SSL connections with the remote authorization server.
- Returns:
- Returns the value of the "trust-manager-provider" property.
-
getTrustManagerProviderDn
Dn getTrustManagerProviderDn()
Gets the "trust-manager-provider" property as a DN.Specifies the name of the trust manager that should be used when negotiating SSL connections with the remote authorization server.
- Returns:
- Returns the DN value of the "trust-manager-provider" property.
-
-