public class OpenAmAccessTokenResolverHeaplet extends GenericHeaplet
OpenAmAccessTokenResolver
in a heap environment.
It validates the token against the token info endpoint URL provided in the configuration.
{
"name": "ForgeRock Authorization Server",
"type": "OpenAmAccessTokenResolver",
"config": {
"endpoint": "https://openam.example.com:8443/openam/oauth2/tokeninfo",
"providerHandler": "ForgeRockClientHandler",
}
}
providerHandler is a name reference to another handler available in the heap. It will be used to perform
access token validation against the endpoint URL. It is usually a reference to some
ClientHandler
and more specifically the ForgeRockClientHandler.
Or if using the new AmService
reference:
{
"name": "ForgeRock Authorization Server",
"type": "OpenAmAccessTokenResolver",
"config": {
"amService": "AmService",
"providerHandler": "ForgeRockClientHandler",
}
}
In this example, the access token validation endpoint will be extrapolated from the OAuth2 endpoint provided by the amService and will be used in preference to any endpoint value set.
Constructor and Description |
---|
OpenAmAccessTokenResolverHeaplet() |
Modifier and Type | Method and Description |
---|---|
Object |
create()
Called to request the heaplet create an object.
|
create, destroy, endpointRegistry, evaluatedWithHeapProperties, expression, getConfig, getHeap, getType, meterRegistryHolder, start
public Object create() throws HeapException
GenericHeaplet
Heaplet.create(Name, JsonValue, Heap)
after initializing
the protected field members. Implementations should parse configuration
but not acquire resources, start threads, or log any initialization
messages. These tasks should be performed by the GenericHeaplet.start()
method.create
in class GenericHeaplet
HeapException
- if an exception occurred during creation of the heap object
or any of its dependencies.Copyright 2011-2017 ForgeRock AS.