HTTP OAuth2 File Based Authorization Mechanism

The HTTP OAuth2 File Based Authorization Mechanism is used to define OAuth2 authorization through a file based access-token resolution. This mechanism is for test purposes only: it looks up JSON access-token files under the specified path.

Parent

The HTTP OAuth2 File Based Authorization Mechanism object inherits from HTTP OAuth2 Authorization Mechanism.

Properties

Use the --advanced option to access advanced properties.

Basic Properties

access-token-cache-enabled

Synopsis: Indicates whether the HTTP OAuth2 Authorization Mechanism is enabled for use.
Default Value: false
Allowed Values: true, false
Multi-valued: No
Required: Yes
Admin Action Required: None
Advanced: No
Read-Only: No

access-token-cache-expiration

Synopsis: Token cache expiration
Default Value: None
Allowed Values: A duration. Lower limit: 0 seconds. Upper limit: 2147483647 seconds.
Multi-valued: No
Required: No
Admin Action Required: None
Advanced: No
Read-Only: No

access-token-directory

Synopsis: Directory containing token files. File names must be equal to the token strings. The file content must be a JSON object with the following attributes: 'scope', 'expireTime' and all the field(s) needed to resolve the authzIdTemplate.
Default Value: oauth2-demo/
Allowed Values: A string.
Multi-valued: No
Required: Yes
Admin Action Required: None
Advanced: No
Read-Only: No

authzid-json-pointer

Synopsis: Specifies the JSON pointer to the value to use as Authorization ID. The JSON pointer is applied to the resolved access token JSON document. (example: /uid)
Default Value: None
Allowed Values: A string.
Multi-valued: No
Required: Yes
Admin Action Required: None
Advanced: No
Read-Only: No

enabled

Synopsis: Indicates whether the HTTP Authorization Mechanism is enabled.
Default Value: None
Allowed Values: true, false
Multi-valued: No
Required: Yes
Admin Action Required: None
Advanced: No
Read-Only: No

identity-mapper

Synopsis: Specifies the name of the identity mapper to use in conjunction with the authzid-json-pointer to get the user corresponding to the access-token.
Default Value: None
Allowed Values: The name of an existing Identity Mapper. The referenced identity mapper must be enabled when the HTTP OAuth2 Authorization Mechanism is enabled.
Multi-valued: No
Required: Yes
Admin Action Required: None
Advanced: No
Read-Only: No

required-scope

Synopsis: Scopes required to grant access to the service.
Default Value: None
Allowed Values: A string.
Multi-valued: Yes
Required: Yes
Admin Action Required: None
Advanced: No
Read-Only: No
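
A linter for the token files described under access-token-directory, checked against an authzid-json-pointer and a set of required-scope values. This is an added example, not part of the original documentation or the server's own code. The encodings of 'scope' (JSON array or space-separated string) and 'expireTime' (epoch milliseconds), the sample file names and all function names are assumptions; the page does not specify them.

```python
import json, pathlib, tempfile, time
def resolve_pointer(doc, pointer):
    """Resolve an RFC 6901 JSON pointer such as /uid; raise KeyError if absent."""
    if pointer and not pointer.startswith("/"):
        raise KeyError(pointer)
    for raw in pointer.split("/")[1:]:
        key = raw.replace("~1", "/").replace("~0", "~")
        if isinstance(doc, dict) and key in doc:
            doc = doc[key]
        elif isinstance(doc, list) and key.isascii() and key.isdigit() and int(key) < len(doc):
            doc = doc[int(key)]
        else:
            raise KeyError(pointer)
    return doc

def check_token_file(path, authzid_pointer, required_scopes):
    """Return the problems found in one token file; an empty list means usable."""
    try:
        token = json.loads(pathlib.Path(path).read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return ["not readable as JSON"]
    if not isinstance(token, dict):
        return ["content is not a JSON object"]
    problems, scope, exp = [], token.get("scope"), token.get("expireTime")
    # Assumption: 'scope' is a JSON array of strings or a space-separated string.
    items = scope.split() if isinstance(scope, str) else scope if isinstance(scope, list) else []
    missing = sorted(set(required_scopes) - {s for s in items if isinstance(s, str)})
    if missing:
        problems.append("missing scopes: " + " ".join(missing))
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        problems.append("missing or non-numeric 'expireTime'")
    elif exp <= time.time() * 1000:  # assumption: expireTime is epoch milliseconds
        problems.append("expired")
    try:
        resolve_pointer(token, authzid_pointer)
    except KeyError:
        problems.append("authzid-json-pointer " + authzid_pointer + " does not resolve")
    return problems

def demo():
    # Constructed sample tokens (not from the page); file names stand in for token strings.
    samples = {
        "good-token": {"scope": ["read", "uid"], "expireTime": 4102444800000, "uid": "jdoe"},
        "no-uid-token": {"scope": ["read", "uid"], "expireTime": 4102444800000},
        "stale-token": {"scope": "read", "expireTime": 1000, "uid": "jdoe"},
    }
    with tempfile.TemporaryDirectory() as token_dir:
        for name, body in samples.items():
            pathlib.Path(token_dir, name).write_text(json.dumps(body), encoding="utf-8")
        return {n: check_token_file(pathlib.Path(token_dir, n), "/uid", ["read", "uid"]) for n in samples}
```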

Advanced Properties

java-class

Synopsis: Specifies the fully-qualified name of the Java class that provides the HTTP OAuth2 File Based Authorization Mechanism implementation.
Default Value: org.opends.server.protocols.http.authz.HttpOAuth2FileAuthorizationMechanism
Allowed Values: A Java class that extends or implements: org.opends.server.protocols.http.authz.HttpAuthorizationMechanism
Multi-valued: No
Required: Yes
Admin Action Required: None
Advanced: Yes
Read-Only: No