001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.server;
017
018
019
020import org.forgerock.opendj.config.server.ConfigurationChangeListener;
021import org.forgerock.opendj.ldap.DN;
022
023
024
025/**
026 * A server-side interface for querying HTTP Oauth2 Token
027 * Introspection Authorization Mechanism settings.
028 * <p>
029 * The HTTP Oauth2 Token Introspection Authorization Mechanism is used
030 * to define OAuth2 authorization using an introspection (RFC7662)
031 * compliant authorization server.
032 */
033public interface HTTPOauth2TokenIntrospectionAuthorizationMechanismCfg extends HTTPOauth2AuthorizationMechanismCfg {
034
035  /**
036   * Gets the configuration class associated with this HTTP Oauth2 Token Introspection Authorization Mechanism.
037   *
038   * @return Returns the configuration class associated with this HTTP Oauth2 Token Introspection Authorization Mechanism.
039   */
040  Class<? extends HTTPOauth2TokenIntrospectionAuthorizationMechanismCfg> configurationClass();
041
042
043
044  /**
045   * Register to be notified when this HTTP Oauth2 Token Introspection Authorization Mechanism is changed.
046   *
047   * @param listener
048   *          The HTTP Oauth2 Token Introspection Authorization Mechanism configuration change listener.
049   */
050  void addHTTPOauth2TokenIntrospectionAuthorizationMechanismChangeListener(ConfigurationChangeListener<HTTPOauth2TokenIntrospectionAuthorizationMechanismCfg> listener);
051
052
053
054  /**
055   * Deregister an existing HTTP Oauth2 Token Introspection Authorization Mechanism configuration change listener.
056   *
057   * @param listener
058   *          The HTTP Oauth2 Token Introspection Authorization Mechanism configuration change listener.
059   */
060  void removeHTTPOauth2TokenIntrospectionAuthorizationMechanismChangeListener(ConfigurationChangeListener<HTTPOauth2TokenIntrospectionAuthorizationMechanismCfg> listener);
061
062
063
064  /**
065   * Gets the "authzid-json-pointer" property.
066   * <p>
067   * Specifies the JSON pointer to the value to use as Authorization
068   * ID. The JSON pointer is applied to the resolved access token JSON
069   * document. (example: /uid)
070   *
071   * @return Returns the value of the "authzid-json-pointer" property.
072   */
073  String getAuthzidJsonPointer();
074
075
076
077  /**
078   * Gets the "client-id" property.
079   * <p>
080   * Client's ID to use during the HTTP basic authentication against
081   * the authorization server.
082   *
083   * @return Returns the value of the "client-id" property.
084   */
085  String getClientId();
086
087
088
089  /**
090   * Gets the "client-secret" property.
091   * <p>
092   * Client's secret to use during the HTTP basic authentication
093   * against the authorization server.
094   *
095   * @return Returns the value of the "client-secret" property.
096   */
097  String getClientSecret();
098
099
100
101  /**
102   * Gets the "java-class" property.
103   * <p>
104   * Specifies the fully-qualified name of the Java class that
105   * provides the HTTP Oauth2 Token Introspection Authorization
106   * Mechanism implementation.
107   *
108   * @return Returns the value of the "java-class" property.
109   */
110  String getJavaClass();
111
112
113
114  /**
115   * Gets the "key-manager-provider" property.
116   * <p>
117   * Specifies the name of the key manager that should be used with
118   * this HTTP Oauth2 Token Introspection Authorization Mechanism .
119   *
120   * @return Returns the value of the "key-manager-provider" property.
121   */
122  String getKeyManagerProvider();
123
124
125
126  /**
127   * Gets the "key-manager-provider" property as a DN.
128   * <p>
129   * Specifies the name of the key manager that should be used with
130   * this HTTP Oauth2 Token Introspection Authorization Mechanism .
131   *
132   * @return Returns the DN value of the "key-manager-provider"
133   *         property.
134   */
135  DN getKeyManagerProviderDN();
136
137
138
139  /**
140   * Gets the "token-introspection-url" property.
141   * <p>
142   * Defines the token introspection endpoint URL where the
143   * access-token resolution request should be sent. (example:
144   * http://example.com/introspect)
145   *
146   * @return Returns the value of the "token-introspection-url" property.
147   */
148  String getTokenIntrospectionUrl();
149
150
151
152  /**
153   * Gets the "trust-manager-provider" property.
154   * <p>
155   * Specifies the name of the trust manager that should be used when
156   * negotiating SSL connections with the remote authorization server.
157   *
158   * @return Returns the value of the "trust-manager-provider" property.
159   */
160  String getTrustManagerProvider();
161
162
163
164  /**
165   * Gets the "trust-manager-provider" property as a DN.
166   * <p>
167   * Specifies the name of the trust manager that should be used when
168   * negotiating SSL connections with the remote authorization server.
169   *
170   * @return Returns the DN value of the "trust-manager-provider"
171   *         property.
172   */
173  DN getTrustManagerProviderDN();
174
175}