com.adobe.granite.auth.oauth

Interface AccessTokenProvider

@ProviderType
public interface AccessTokenProvider

Interface for an OAuth 2.0 access token provider using Authorization Grants as defined in the Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants (see RFC 7523).

Since:

3.1

See Also:

AccessTokenRequestCustomizer

Method Summary

Modifier and Type	Method and Description
String	getAccessToken(ResourceResolver resolver, String userId, Map<String,?> claims) Return a valid access token or throws an exception.

Method Detail

getAccessToken

String getAccessToken(ResourceResolver resolver,
                      String userId,
                      Map<String,?> claims)
               throws CryptoException,
                      IOException,
                      NullPointerException

Return a valid access token or throws an exception. A new access token is obtained from the authorization server if needed, by generating a JWT and using it as authorization grant. Custom claims may be added via the claim parameter. The custom claims do override the claims computed by a AccessTokenProvider implementation.

An implementation may or may not reuse the access tokens.

Parameters:

resolver - The resource resolver to access the user associated to the userId

userId - The user identifier which has access to the required asymmetric cryptographic material

claims - An optional map of JWT claims that overrides the claims computed by a AccessTokenProvider implementation. Providing an empty map or null uses the default AccessTokenProvider implementation claims

Returns:

A valid JWT access token or throws an Exception (does not return null)

Throws:

CryptoException - If an error occurred while generating/signing the JWT claim

IOException - If an error occurred while communicating with the authorization server

NullPointerException - If the resolver or the userId is null