org.forgerock.http.oauth2.resolver

Class OpenAmAccessTokenResolver

java.lang.Object

org.forgerock.http.oauth2.resolver.OpenAmAccessTokenResolver

All Implemented Interfaces:

AccessTokenResolver

public class OpenAmAccessTokenResolver
extends Object
implements AccessTokenResolver

An OpenAmAccessTokenResolver knows how to resolve a given token identifier against an OpenAm instance.

Models an AccessTokenInfo as returned by the OpenAM tokeninfo endpoint.

     
     curl https://openam.example.com:8443/openam/oauth2/tokeninfo?access_token=70e5776c-b0fa-4c70-9962-defb0e9c3cd6
     
 

Example of OpenAM returned Json value (for the previous request):

     
     {
         "scope": [
             "email",
             "profile"
         ],
         "grant_type": "password",
         "realm": "/",
         "token_type": "Bearer",
         "expires_in": 471,
         "access_token": "70e5776c-b0fa-4c70-9962-defb0e9c3cd6",
         "email": "",
         "profile": ""
     }
     
 

Constructor Summary

Constructors

Constructor and Description
OpenAmAccessTokenResolver(Handler client, Clock clock, String tokenInfoEndpoint) Creates a new OpenAmAccessTokenResolver configured to access the given /oauth2/tokeninfo OpenAm endpoint.

Method Summary

Modifier and Type	Method and Description
Promise<AccessTokenInfo,AccessTokenException>	resolve(Context context, String token) Resolves a given access token against an authorization server.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OpenAmAccessTokenResolver

public OpenAmAccessTokenResolver(Handler client,
                                 Clock clock,
                                 String tokenInfoEndpoint)

Creates a new OpenAmAccessTokenResolver configured to access the given /oauth2/tokeninfo OpenAm endpoint.

Parameters:

client - Http client handler used to perform the request

clock - Clock used to compute the token expiration time

tokenInfoEndpoint - full URL of the /oauth2/tokeninfo endpoint

Method Detail

resolve

public Promise<AccessTokenInfo,AccessTokenException> resolve(Context context,
                                                             String token)

Description copied from interface: AccessTokenResolver

Resolves a given access token against an authorization server.

Specified by:

resolve in interface AccessTokenResolver

Parameters:

context - Context chain used to keep a relationship between requests (tracking)

token - token identifier to be resolved

Returns:

a promise completed either with a valid AccessTokenInfo (well-formed, known by the server), or by an exception