public abstract class AbstractOAuth2TokenService extends Object implements OAuth2TokenService, Cacheable
| Constructor and Description |
|---|
AbstractOAuth2TokenService() |
AbstractOAuth2TokenService(TokenCacheConfiguration tokenCacheConfiguration)
Constructor used to overwrite the default cache configuration.
|
| Modifier and Type | Method and Description |
|---|---|
void |
clearCache()
Clears the cache of the component.
|
TokenCacheConfiguration |
getCacheConfiguration()
Provides the cache configuration of the component.
|
protected java.time.Clock |
getClock()
By default
Clock.systemUTC() is used to determine of a cached token
has reached its expiration (exp) point in time. |
protected abstract OAuth2TokenResponse |
requestAccessToken(URI tokenEndpointUri,
HttpHeaders headers,
Map<String,String> parameters)
Implements the HTTP client specific logic to perform an HTTP request and
handle the response.
|
OAuth2TokenResponse |
retrieveAccessTokenViaClientCredentialsGrant(URI tokenEndpointUri,
ClientCredentials clientCredentials,
String subdomain,
Map<String,String> optionalParameters,
boolean disableCacheForRequest)
Requests access token from OAuth Server with client credentials.
|
OAuth2TokenResponse |
retrieveAccessTokenViaJwtBearerTokenGrant(URI tokenEndpoint,
ClientCredentials clientCredentials,
String token,
String subdomain,
Map<String,String> optionalParameters,
boolean disableCacheForRequest) |
OAuth2TokenResponse |
retrieveAccessTokenViaPasswordGrant(URI tokenEndpoint,
ClientCredentials clientCredentials,
String username,
String password,
String subdomain,
Map<String,String> optionalParameters,
boolean disableCacheForRequest)
Requests access token from OAuth Server with user / password.
|
OAuth2TokenResponse |
retrieveAccessTokenViaRefreshToken(URI tokenEndpointUri,
ClientCredentials clientCredentials,
String refreshToken,
String subdomain,
boolean disableCacheForRequest)
Requests access token from OAuth Server with refresh-token.
|
OAuth2TokenResponse |
retrieveAccessTokenViaUserTokenGrant(URI tokenEndpointUri,
ClientCredentials clientCredentials,
String token,
String subdomain,
Map<String,String> optionalParameters)
Exchanges user access token from OAuth Server with user access token.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitretrieveAccessTokenViaClientCredentialsGrant, retrieveAccessTokenViaJwtBearerTokenGrant, retrieveAccessTokenViaPasswordGrant, retrieveAccessTokenViaRefreshTokenpublic AbstractOAuth2TokenService()
public AbstractOAuth2TokenService(TokenCacheConfiguration tokenCacheConfiguration)
tokenCacheConfiguration - the cache configuration used to configure the cache.public void clearCache()
CacheableclearCache in interface Cacheable@Nonnull public TokenCacheConfiguration getCacheConfiguration()
CacheablegetCacheConfiguration in interface Cacheablepublic OAuth2TokenResponse retrieveAccessTokenViaClientCredentialsGrant(@Nonnull URI tokenEndpointUri, @Nonnull ClientCredentials clientCredentials, @Nullable String subdomain, @Nullable Map<String,String> optionalParameters, boolean disableCacheForRequest) throws OAuth2ServiceException
OAuth2TokenServiceretrieveAccessTokenViaClientCredentialsGrant in interface OAuth2TokenServicetokenEndpointUri - the token endpoint URI.clientCredentials - the client id and secret of the OAuth client, the recipient of the
token.subdomain - optionally indicates what Identity Zone this request goes to by
supplying a subdomain (tenant).optionalParameters - optional request parameters, can be null.disableCacheForRequest - set to true disables the token cache for this request.OAuth2ServiceException - in case of an error during the http request.public OAuth2TokenResponse retrieveAccessTokenViaUserTokenGrant(@Nonnull URI tokenEndpointUri, @Nonnull ClientCredentials clientCredentials, @Nonnull String token, @Nullable String subdomain, @Nullable Map<String,String> optionalParameters) throws OAuth2ServiceException
OAuth2TokenServiceretrieveAccessTokenViaUserTokenGrant in interface OAuth2TokenServicetokenEndpointUri - the token endpoint URI.clientCredentials - the client id and secret of the OAuth client, the recipient of the
token.token - the user bearer token, that represents an authenticated user.subdomain - optionally indicates what Identity Zone this request goes to by
supplying a subdomain (tenant).optionalParameters - optional request parameters, can be null.OAuth2ServiceException - in case of an error during the http request.public OAuth2TokenResponse retrieveAccessTokenViaRefreshToken(@Nonnull URI tokenEndpointUri, @Nonnull ClientCredentials clientCredentials, @Nonnull String refreshToken, String subdomain, boolean disableCacheForRequest) throws OAuth2ServiceException
OAuth2TokenServiceretrieveAccessTokenViaRefreshToken in interface OAuth2TokenServicetokenEndpointUri - the token endpoint URI.clientCredentials - the client id and secret of the OAuth client, the recipient of the
token.refreshToken - the refresh token that was returned along with the access token
{link #OAuth2AccessToken}.subdomain - optionally indicates what Identity Zone this request goes to by
supplying a subdomain (tenant).disableCacheForRequest - set to true disables the token cache for this request.OAuth2ServiceException - in case of an error during the http request.public OAuth2TokenResponse retrieveAccessTokenViaPasswordGrant(@Nonnull URI tokenEndpoint, @Nonnull ClientCredentials clientCredentials, @Nonnull String username, @Nonnull String password, @Nullable String subdomain, @Nullable Map<String,String> optionalParameters, boolean disableCacheForRequest) throws OAuth2ServiceException
OAuth2TokenServiceretrieveAccessTokenViaPasswordGrant in interface OAuth2TokenServicetokenEndpoint - the token endpoint URI.clientCredentials - the client id and secret of the OAuth client, the recipient of the
token.username - the username for the user trying to get a tokenpassword - the password for the user trying to get a tokensubdomain - optionally indicates what Identity Zone this request goes to by
supplying a subdomain (tenant).optionalParameters - optional request parameters, can be null.disableCacheForRequest - set to true disables the token cache for this request.OAuth2ServiceException - in case of an error during the http request.public OAuth2TokenResponse retrieveAccessTokenViaJwtBearerTokenGrant(URI tokenEndpoint, ClientCredentials clientCredentials, String token, @Nullable String subdomain, @Nullable Map<String,String> optionalParameters, boolean disableCacheForRequest) throws OAuth2ServiceException
retrieveAccessTokenViaJwtBearerTokenGrant in interface OAuth2TokenServicetokenEndpoint - the token endpoint URI.clientCredentials - the client id and secret of the OAuth client, the recipient of the
token.token - the JWT token identifying representing the user to be
authenticatedsubdomain - optionally indicates what Identity Zone this request goes to by
supplying a subdomain (tenant).optionalParameters - optional request parameters, can be null.disableCacheForRequest - set to true disables the token cache for this request.OAuth2ServiceException - in case of an error during the http request.protected abstract OAuth2TokenResponse requestAccessToken(URI tokenEndpointUri, HttpHeaders headers, Map<String,String> parameters) throws OAuth2ServiceException
tokenEndpointUri - the URI of the token endpoint the request must be sent to.headers - the HTTP headers that must be sent with the request.parameters - a map of request parameters that must be sent with the request.OAuth2ServiceException - when the request ot the token endpoint fails or returns an error
code.protected java.time.Clock getClock()
Clock.systemUTC() is used to determine of a cached token
has reached its expiration (exp) point in time. This method can be overridden
for testing purposes.ClockCopyright © 2020. All rights reserved.