001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2014-2017 ForgeRock AS.
015 */
016
017package org.forgerock.oauth2.core;
018
019import java.net.URI;
020import java.util.Locale;
021import java.util.Map;
022import java.util.Set;
023
024import org.forgerock.json.jose.jws.JwsAlgorithm;
025import org.forgerock.oauth2.core.exceptions.ServerException;
026
027/**
028 * Models a client registration in the OAuth2 provider.
029 *
030 * @since 12.0.0
031 * @supported.all.api
032 */
033public interface ClientRegistration {
034
035    /**
036     * Gets the registered redirect uris for the client.
037     *
038     * @return The redirect uris.
039     */
040    Set<URI> getRedirectUris();
041
042    /**
043     * Gets the registered post logout redirect uris for the client.
044     *
045     * @return The redirect uris.
046     */
047    Set<URI> getPostLogoutRedirectUris();
048
049    /**
050     * Gets the allowed response types.
051     *
052     * @return The allowed response types.
053     */
054    Set<String> getAllowedResponseTypes();
055
056    /**
057     * Gets the client's identifier.
058     *
059     * @return The client's id.
060     */
061    String getClientId();
062
063    /**
064     * Gets the client's secret.
065     *
066     * @return The client's secret.
067     */
068    String getClientSecret();
069
070    /**
071     * Gets the type of access token the client requires.
072     *
073     * @return The access token type.
074     */
075    String getAccessTokenType();
076
077    /**
078     * Gets the display name of the client in the specified locale.
079     *
080     * @param locale The locale.
081     * @return The display name.
082     */
083    String getDisplayName(Locale locale);
084
085    /**
086     * Gets the display description of the client in the specified locale.
087     *
088     * @param locale The locale.
089     * @return The display description.
090     */
091    String getDisplayDescription(Locale locale);
092
093    /**
094     * Gets the display descriptions for the allowed and default scopes combined, in the specified locale.
095     *
096     * @param locale The locale.
097     * @return The descriptions of the allowed and default scopes combined.
098     */
099    Map<String, String> getScopeDescriptions(Locale locale) throws ServerException;
100
101    /**
102     * Gets the display descriptions for the allowed and default scopes combined, in the specified locale.
103     *
104     * @param locale The locale.
105     * @return The descriptions of the allowed and default scopes combined.
106     */
107    Map<String, String> getClaimDescriptions(Locale locale) throws ServerException;
108
109    /**
110     * Gets the default scopes configured for the client.
111     *
112     * @return The default scopes.
113     */
114    Set<String> getDefaultScopes();
115
116    /**
117     * Gets the allowed scopes configured for the client.
118     *
119     * @return The allowed scopes.
120     */
121    Set<String> getAllowedScopes();
122
123    /**
124     * Gets whether the client is confidential or not.
125     *
126     * @return {@code true} if the client is confidential.
127     */
128    boolean isConfidential();
129
130    /**
131     * Gets the client's session URI.
132     *
133     * @return The client's session URI.
134     */
135    String getClientSessionURI();
136
137    /**
138     * Gets the subject type of this client. PAIRWISE or PUBLIC.
139     */
140    String getSubjectType();
141
142    /**
143     * Verifies that the supplied jwt is signed by this client.
144     */
145    boolean verifyJwtBearerForClientAuthentication(OAuth2Jwt jwt);
146
147    /**
148     * Verifies that the supplied jwt is signed by AM.
149     */
150    boolean verifyJwtSignedByOAuth2Provider(OAuth2Jwt jwt, JwsAlgorithm expectedJwsAlgorithm);
151
152    /**
153     * Gets whether or not the client wants the OAuth2 implementation to skip asking the resource owner for consent.
154     *
155     * @return true if the client is configured to skip resource owner consent.
156     */
157    boolean isConsentImplied();
158}