001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 */ 016package org.forgerock.opendj.server.config.server; 017 018 019 020import java.util.SortedSet; 021import org.forgerock.opendj.config.server.ConfigurationChangeListener; 022import org.forgerock.opendj.ldap.DN; 023 024 025 026/** 027 * A server-side interface for querying HTTP Oauth2 Authorization 028 * Mechanism settings. 029 * <p> 030 * The HTTP Oauth2 Authorization Mechanism is used to define HTTP 031 * OAuth2 authorization mechanism. 032 */ 033public interface HTTPOauth2AuthorizationMechanismCfg extends HTTPAuthorizationMechanismCfg { 034 035 /** 036 * Gets the configuration class associated with this HTTP Oauth2 Authorization Mechanism. 037 * 038 * @return Returns the configuration class associated with this HTTP Oauth2 Authorization Mechanism. 039 */ 040 Class<? extends HTTPOauth2AuthorizationMechanismCfg> configurationClass(); 041 042 043 044 /** 045 * Register to be notified when this HTTP Oauth2 Authorization Mechanism is changed. 046 * 047 * @param listener 048 * The HTTP Oauth2 Authorization Mechanism configuration change listener. 049 */ 050 void addHTTPOauth2AuthorizationMechanismChangeListener(ConfigurationChangeListener<HTTPOauth2AuthorizationMechanismCfg> listener); 051 052 053 054 /** 055 * Deregister an existing HTTP Oauth2 Authorization Mechanism configuration change listener. 056 * 057 * @param listener 058 * The HTTP Oauth2 Authorization Mechanism configuration change listener. 059 */ 060 void removeHTTPOauth2AuthorizationMechanismChangeListener(ConfigurationChangeListener<HTTPOauth2AuthorizationMechanismCfg> listener); 061 062 063 064 /** 065 * Gets the "access-token-cache-enabled" property. 066 * <p> 067 * Indicates whether the HTTP Oauth2 Authorization Mechanism is 068 * enabled for use. 069 * 070 * @return Returns the value of the "access-token-cache-enabled" property. 071 */ 072 boolean isAccessTokenCacheEnabled(); 073 074 075 076 /** 077 * Gets the "access-token-cache-expiration" property. 078 * <p> 079 * Token cache expiration 080 * 081 * @return Returns the value of the "access-token-cache-expiration" property. 082 */ 083 Long getAccessTokenCacheExpiration(); 084 085 086 087 /** 088 * Gets the "authzid-json-pointer" property. 089 * <p> 090 * Specifies the JSON pointer to the value to use as Authorization 091 * ID. The JSON pointer is applied to the resolved access token JSON 092 * document. (example: /uid) 093 * 094 * @return Returns the value of the "authzid-json-pointer" property. 095 */ 096 String getAuthzidJsonPointer(); 097 098 099 100 /** 101 * Gets the "identity-mapper" property. 102 * <p> 103 * > Specifies the name of the identity mapper to use in conjunction 104 * with the authzid-json-pointer to get the user corresponding to the 105 * acccess-token. 106 * 107 * @return Returns the value of the "identity-mapper" property. 108 */ 109 String getIdentityMapper(); 110 111 112 113 /** 114 * Gets the "identity-mapper" property as a DN. 115 * <p> 116 * > Specifies the name of the identity mapper to use in conjunction 117 * with the authzid-json-pointer to get the user corresponding to the 118 * acccess-token. 119 * 120 * @return Returns the DN value of the "identity-mapper" property. 121 */ 122 DN getIdentityMapperDN(); 123 124 125 126 /** 127 * Gets the "required-scope" property. 128 * <p> 129 * Scopes required to grant access to the service. 130 * 131 * @return Returns an unmodifiable set containing the values of the "required-scope" property. 132 */ 133 SortedSet<String> getRequiredScope(); 134 135}