Package org.forgerock.openig.filter.oauth2
This package contains the OAuth2 Token validation filter that acts as an OAuth 2 Resource Server.
- It ensure that there is an existing bearer access token in the request's headers.
- It resolves it against a given Authorization Server (that must provide a token-info
endpoint).
- Produced
AccessTokenInfo
are cached for future re-use. - Produced
AccessTokenInfo
are stored in theAttributesContext
for downstream handlers/filters.
- Produced
- It performs token validation: checking expiration time and required scopes compliance.
-
Class Summary Class Description CaffeineCacheAccessTokenResolver ACaffeineCacheAccessTokenResolver
is a delegatingAccessTokenResolver
that uses a write-throughCaffeine
cache to enable fastAccessTokenInfo
resolution.CaffeineCacheAccessTokenResolver.Builder Builder ofCaffeineCacheAccessTokenResolver
.CaffeineCacheAccessTokenResolver.Heaplet Creates and initializes anCaffeineCacheAccessTokenResolver
in the heap environment.OAuth2ClassAliasResolver Register all the aliases supported by the openig-oauth2 module.OAuth2ResourceServerFilterHeaplet Validates aRequest
that contains an OAuth 2.0 access token.OpenAmAccessTokenResolverHeaplet Deprecated. in 7.0.ScriptableAccessTokenResolver A Scriptable access token resolver.ScriptableAccessTokenResolver.Heaplet Creates and initializes a scriptable access token resolver in a heap environment.ScriptableResourceAccess A scriptable resource access.ScriptableResourceAccess.Heaplet Creates and initializes a scriptable object in a heap environment.StatelessAccessTokenResolver AStatelessAccessTokenResolver
that locally resolves and validates stateless access_tokens issued by AM.StatelessAccessTokenResolver.Heaplet Creates and initializes a stateless access token resolver in the heap environment.TokenIntrospectionAccessTokenResolverHeaplet Creates and initializes anTokenIntrospectionAccessTokenResolver
in a heap environment.