001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 */ 016package org.forgerock.opendj.server.config.server; 017 018 019 020import org.forgerock.opendj.config.server.ConfigurationChangeListener; 021import org.forgerock.opendj.ldap.DN; 022 023 024 025/** 026 * A server-side interface for querying HTTP Oauth2 Token 027 * Introspection Authorization Mechanism settings. 028 * <p> 029 * The HTTP Oauth2 Token Introspection Authorization Mechanism is used 030 * to define OAuth2 authorization using an introspection (RFC7662) 031 * compliant authorization server. 032 */ 033public interface HTTPOauth2TokenIntrospectionAuthorizationMechanismCfg extends HTTPOauth2AuthorizationMechanismCfg { 034 035 /** 036 * Gets the configuration class associated with this HTTP Oauth2 Token Introspection Authorization Mechanism. 037 * 038 * @return Returns the configuration class associated with this HTTP Oauth2 Token Introspection Authorization Mechanism. 039 */ 040 Class<? extends HTTPOauth2TokenIntrospectionAuthorizationMechanismCfg> configurationClass(); 041 042 043 044 /** 045 * Register to be notified when this HTTP Oauth2 Token Introspection Authorization Mechanism is changed. 046 * 047 * @param listener 048 * The HTTP Oauth2 Token Introspection Authorization Mechanism configuration change listener. 049 */ 050 void addHTTPOauth2TokenIntrospectionAuthorizationMechanismChangeListener(ConfigurationChangeListener<HTTPOauth2TokenIntrospectionAuthorizationMechanismCfg> listener); 051 052 053 054 /** 055 * Deregister an existing HTTP Oauth2 Token Introspection Authorization Mechanism configuration change listener. 056 * 057 * @param listener 058 * The HTTP Oauth2 Token Introspection Authorization Mechanism configuration change listener. 059 */ 060 void removeHTTPOauth2TokenIntrospectionAuthorizationMechanismChangeListener(ConfigurationChangeListener<HTTPOauth2TokenIntrospectionAuthorizationMechanismCfg> listener); 061 062 063 064 /** 065 * Gets the "authzid-json-pointer" property. 066 * <p> 067 * Specifies the JSON pointer to the value to use as Authorization 068 * ID. The JSON pointer is applied to the resolved access token JSON 069 * document. (example: /uid) 070 * 071 * @return Returns the value of the "authzid-json-pointer" property. 072 */ 073 String getAuthzidJsonPointer(); 074 075 076 077 /** 078 * Gets the "client-id" property. 079 * <p> 080 * Client's ID to use during the HTTP basic authentication against 081 * the authorization server. 082 * 083 * @return Returns the value of the "client-id" property. 084 */ 085 String getClientId(); 086 087 088 089 /** 090 * Gets the "client-secret" property. 091 * <p> 092 * Client's secret to use during the HTTP basic authentication 093 * against the authorization server. 094 * 095 * @return Returns the value of the "client-secret" property. 096 */ 097 String getClientSecret(); 098 099 100 101 /** 102 * Gets the "java-class" property. 103 * <p> 104 * Specifies the fully-qualified name of the Java class that 105 * provides the HTTP Oauth2 Token Introspection Authorization 106 * Mechanism implementation. 107 * 108 * @return Returns the value of the "java-class" property. 109 */ 110 String getJavaClass(); 111 112 113 114 /** 115 * Gets the "key-manager-provider" property. 116 * <p> 117 * Specifies the name of the key manager that should be used with 118 * this HTTP Oauth2 Token Introspection Authorization Mechanism . 119 * 120 * @return Returns the value of the "key-manager-provider" property. 121 */ 122 String getKeyManagerProvider(); 123 124 125 126 /** 127 * Gets the "key-manager-provider" property as a DN. 128 * <p> 129 * Specifies the name of the key manager that should be used with 130 * this HTTP Oauth2 Token Introspection Authorization Mechanism . 131 * 132 * @return Returns the DN value of the "key-manager-provider" 133 * property. 134 */ 135 DN getKeyManagerProviderDN(); 136 137 138 139 /** 140 * Gets the "token-introspection-url" property. 141 * <p> 142 * Defines the token introspection endpoint URL where the 143 * access-token resolution request should be sent. (example: 144 * http://example.com/introspect) 145 * 146 * @return Returns the value of the "token-introspection-url" property. 147 */ 148 String getTokenIntrospectionUrl(); 149 150 151 152 /** 153 * Gets the "trust-manager-provider" property. 154 * <p> 155 * Specifies the name of the trust manager that should be used when 156 * negotiating SSL connections with the remote authorization server. 157 * 158 * @return Returns the value of the "trust-manager-provider" property. 159 */ 160 String getTrustManagerProvider(); 161 162 163 164 /** 165 * Gets the "trust-manager-provider" property as a DN. 166 * <p> 167 * Specifies the name of the trust manager that should be used when 168 * negotiating SSL connections with the remote authorization server. 169 * 170 * @return Returns the DN value of the "trust-manager-provider" 171 * property. 172 */ 173 DN getTrustManagerProviderDN(); 174 175}