public class TokenIntrospectionAccessTokenResolverHeaplet extends GenericHeaplet
TokenIntrospectionAccessTokenResolver
in a heap environment.
It validates the token against the token introspection endpoint URL provided in the configuration.
{
"name": "OAuth 2.0 Authorization Server",
"type": "TokenIntrospectionAccessTokenResolver",
"config": {
"endpoint": "https://as.example.com/oauth2/introspect",
"providerHandler": "ForgeRockClientHandler",
}
}
providerHandler is a name reference to another handler available in the heap. It will be used to perform
access token introspection against the endpoint URL. It is usually a reference to some
ClientHandler
and more specifically the ForgeRockClientHandler.
Or if using the new AmService
reference:
{
"name": "OAuth 2.0 Authorization Server",
"type": "TokenIntrospectionAccessTokenResolver",
"config": {
"amService": "AmService",
"providerHandler": "ForgeRockClientHandler",
}
}
In this example, the access token introspection endpoint will be extrapolated from the OAuth2 endpoint provided by the amService and will be used in preference to any endpoint value set.
Constructor and Description |
---|
TokenIntrospectionAccessTokenResolverHeaplet() |
Modifier and Type | Method and Description |
---|---|
Object |
create()
Called to request the heaplet create an object.
|
create, destroy, endpointRegistry, evaluatedWithHeapProperties, expression, getConfig, getHeap, getType, meterRegistryHolder, start
public TokenIntrospectionAccessTokenResolverHeaplet()
public Object create() throws HeapException
GenericHeaplet
Heaplet.create(Name, JsonValue, Heap)
after initializing
the protected field members. Implementations should parse configuration
but not acquire resources, start threads, or log any initialization
messages. These tasks should be performed by the GenericHeaplet.start()
method.create
in class GenericHeaplet
HeapException
- if an exception occurred during creation of the heap object
or any of its dependencies.Copyright 2011-2017 ForgeRock AS.