001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.server;
017
018
019
020import java.util.SortedSet;
021import org.forgerock.opendj.config.server.ConfigurationChangeListener;
022import org.forgerock.opendj.ldap.DN;
023
024
025
026/**
027 * A server-side interface for querying HTTP Oauth2 Authorization
028 * Mechanism settings.
029 * <p>
030 * The getters below expose the access-token cache settings, the JSON pointer and identity mapper used to
031 * map a resolved access token to a user, and the scopes required to grant access; listeners observe changes.
032 */
033public interface HTTPOauth2AuthorizationMechanismCfg extends HTTPAuthorizationMechanismCfg {
034
035  /**
036   * Gets the configuration class associated with this HTTP Oauth2 Authorization Mechanism.
037   *
038   * @return the configuration class associated with this HTTP Oauth2 Authorization Mechanism.
039   */
040  Class<? extends HTTPOauth2AuthorizationMechanismCfg> configurationClass();
041
042
043
044  /**
045   * Registers a listener to be notified when this HTTP Oauth2 Authorization Mechanism is changed.
046   *
047   * @param listener
048   *          The HTTP Oauth2 Authorization Mechanism configuration change listener.
049   */
050  void addHTTPOauth2AuthorizationMechanismChangeListener(ConfigurationChangeListener<HTTPOauth2AuthorizationMechanismCfg> listener);
051
052
053
054  /**
055   * Deregisters an existing HTTP Oauth2 Authorization Mechanism configuration change listener.
056   *
057   * @param listener
058   *          The HTTP Oauth2 Authorization Mechanism configuration change listener.
059   */
060  void removeHTTPOauth2AuthorizationMechanismChangeListener(ConfigurationChangeListener<HTTPOauth2AuthorizationMechanismCfg> listener);
061
062
063
064  /**
065   * Gets the "access-token-cache-enabled" property.
066   * <p>
067   * Described upstream as "Indicates whether the HTTP Oauth2 Authorization Mechanism is enabled for use".
068   * NOTE(review): the property name suggests this instead toggles caching of resolved access tokens; confirm.
069   * If so, a cached token may keep being accepted after revocation until its cache entry expires.
070   * @return Returns the value of the "access-token-cache-enabled" property.
071   */
072  boolean isAccessTokenCacheEnabled();
073
074
075
076  /**
077   * Gets the "access-token-cache-expiration" property.
078   * <p>
079   * Token cache expiration. NOTE(review): the time unit is not stated here, and the boxed Long return type
080   * suggests the value may be null when unset; confirm both against the property definition before use.
081   * @return Returns the value of the "access-token-cache-expiration" property.
082   */
083  Long getAccessTokenCacheExpiration();
084
085
086
087  /**
088   * Gets the "authzid-json-pointer" property.
089   * <p>
090   * Specifies the JSON pointer to the value to use as Authorization ID. The JSON pointer is applied
091   * to the resolved access token JSON document. (example: /uid)
092   * NOTE(review): the selected value becomes the authorization identity, so the pointer should name a
093   * claim set by the token issuer rather than one a client can influence; confirm against the resolver.
094   * @return Returns the value of the "authzid-json-pointer" property.
095   */
096  String getAuthzidJsonPointer();
097
098
099
100  /**
101   * Gets the "identity-mapper" property.
102   * <p>
103   * Specifies the name of the identity mapper to use in conjunction
104   * with the authzid-json-pointer to get the user corresponding to the
105   * access-token.
106   *
107   * @return Returns the value of the "identity-mapper" property.
108   */
109  String getIdentityMapper();
110
111
112
113  /**
114   * Gets the "identity-mapper" property as a DN.
115   * <p>
116   * Specifies the name of the identity mapper to use in conjunction
117   * with the authzid-json-pointer to get the user corresponding to the
118   * access-token.
119   *
120   * @return Returns the DN value of the "identity-mapper" property.
121   */
122  DN getIdentityMapperDN();
123
124
125
126  /**
127   * Gets the "required-scope" property.
128   * <p>
129   * Scopes required to grant access to the service.
130   * NOTE(review): whether a token must carry all of these scopes or any one of them is not stated here; confirm.
131   * @return Returns an unmodifiable set containing the values of the "required-scope" property.
132   */
133  SortedSet<String> getRequiredScope();
134
135}