Module org.glassfish.soteria
Package org.glassfish.soteria.mechanisms.openid.controller

Class TokenController

  • @ApplicationScoped
public class TokenController
extends Object
    Controller for Token endpoint
    Author:
    Gaurav Gupta, Rudy De Busscher

    • Constructor Summary

      Constructors 
      Constructor Description
      TokenController()  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      jakarta.ws.rs.core.Response getTokens​(jakarta.servlet.http.HttpServletRequest request)
      (4) A Client makes a token request to the token endpoint and the OpenId Provider responds with an ID Token and an Access Token.
      jakarta.ws.rs.core.Response refreshTokens​(jakarta.security.enterprise.identitystore.openid.RefreshToken refreshToken)
      Makes a refresh request to the token endpoint and the OpenId Provider responds with a new (updated) Access Token and Refreshs Token.
      Map<String,​Object> validateAccessToken​(AccessTokenImpl accessToken, com.nimbusds.jose.Algorithm idTokenAlgorithm, Map<String,​Object> idTokenClaims)
      (5.2) Validate the Access Token and its claims and verify the signature.
      com.nimbusds.jwt.JWTClaimsSet validateIdToken​(IdentityTokenImpl idToken, jakarta.security.enterprise.authentication.mechanism.http.HttpMessageContext httpContext)
      (5.1) Validate Id Token's claims and verify ID Token's signature.
      com.nimbusds.jwt.JWTClaimsSet validateRefreshedIdToken​(jakarta.security.enterprise.identitystore.openid.IdentityToken previousIdToken, IdentityTokenImpl newIdToken)
      Validate Id Token received from Successful Refresh Response.

    • Constructor Detail

      • TokenController

        public TokenController()

    • Method Detail

      • getTokens

        public jakarta.ws.rs.core.Response getTokens​(jakarta.servlet.http.HttpServletRequest request)
        (4) A Client makes a token request to the token endpoint and the OpenId Provider responds with an ID Token and an Access Token.
        Parameters:
        request -
        Returns:
        a JSON object representation of OpenID Connect token response from the Token endpoint.

      • validateIdToken

        public com.nimbusds.jwt.JWTClaimsSet validateIdToken​(IdentityTokenImpl idToken,
                                                     jakarta.security.enterprise.authentication.mechanism.http.HttpMessageContext httpContext)
        (5.1) Validate Id Token's claims and verify ID Token's signature.
        Parameters:
        idToken -
        httpContext -
        Returns:
        JWT Claims

      • validateRefreshedIdToken

        public com.nimbusds.jwt.JWTClaimsSet validateRefreshedIdToken​(jakarta.security.enterprise.identitystore.openid.IdentityToken previousIdToken,
                                                              IdentityTokenImpl newIdToken)
        Validate Id Token received from Successful Refresh Response.
        Parameters:
        previousIdToken -
        newIdToken -
        Returns:
        JWT Claims

      • validateAccessToken

        public Map<String,​Object> validateAccessToken​(AccessTokenImpl accessToken,
                                                    com.nimbusds.jose.Algorithm idTokenAlgorithm,
                                                    Map<String,​Object> idTokenClaims)
        (5.2) Validate the Access Token and its claims and verify the signature.
        Parameters:
        accessToken -
        idTokenAlgorithm -
        idTokenClaims -
        Returns:
        JWT Claims

      • refreshTokens

        public jakarta.ws.rs.core.Response refreshTokens​(jakarta.security.enterprise.identitystore.openid.RefreshToken refreshToken)
        Makes a refresh request to the token endpoint and the OpenId Provider responds with a new (updated) Access Token and Refreshs Token.
        Parameters:
        refreshToken - Refresh Token received from previous token request.
        Returns:
        a JSON object representation of OpenID Connect token response from the Token endpoint.