Latest update: 7.0.2
- Preface
- Required Configuration
- Handlers
- Filters
- AllowOnlyFilter
- AssignmentFilter
- CapturedUserPasswordFilter
- CertificateThumbprintFilter
- ClientCredentialsOAuth2ClientFilter
- ConditionalFilter
- ConditionEnforcementFilter
- ChainOfFilters
- CookieFilter
- CorsFilter
- CrossDomainSingleSignOnFilter
- CryptoHeaderFilter
- CsrfFilter
- DateHeaderFilter
- EntityExtractFilter
- FapiInteractionIdFilter
- FileAttributesFilter
- ForwardedRequestFilter
- HeaderFilter
- HttpBasicAuthenticationClientFilter
- HttpBasicAuthFilter
- IdTokenValidationFilter
- JwtBuilderFilter
- JwtValidationFilter
- LocationHeaderFilter
- OAuth2ClientFilter
- OAuth2ResourceServerFilter
- PasswordReplayFilter
- PolicyEnforcementFilter
- ScriptableFilter
- SessionInfoFilter
- SetCookieUpdateFilter
- SingleSignOnFilter
- SqlAttributesFilter
- StaticRequestFilter
- SwitchFilter
- ThrottlingFilter
- TokenTransformationFilter
- UmaFilter
- UriPathRewriteFilter
- UserProfileFilter
- Decorators
- Audit Framework
- Monitoring
- Throttling Policies
- Miscellaneous Configuration Objects
- Property Value Substitution
- Expressions
- Expressions
- Functions
- array
- boolean
- contains
- decodeBase64
- decodeBase64url
- digestSha256
- encodeBase64
- encodeBase64url
- fileToUrl
- formDecodeParameterNameOrValue
- formEncodeParameterNameOrValue
- indexOf
- integer
- integerWithRadix
- ipMatch
- join
- keyMatch
- length
- matchingGroups
- matches
- pathToUrl
- pemCertificate
- read
- readProperties
- readWithCharset
- split
- toJson
- toLowerCase
- toString
- toUpperCase
- trim
- urlDecode
- urlEncode
- urlDecodeFragment
- urlDecodePathElement
- urlDecodeQueryParameterNameOrValue
- urlDecodeUserInfo
- urlEncodeFragment
- urlEncodePathElement
- urlEncodeQueryParameterNameOrValue
- urlEncodeUserInfo
- More Information
- Patterns
- Scripts
- Properties
- Requests, Responses, and Contexts
- AttributesContext
- CapturedUserPasswordContext
- ClientContext
- Contexts
- CdSsoContext
- CdSsoFailureContext
- JwtBuilderContext
- JwtValidationContext
- JwtValidationErrorContext
- OAuth2Context
- PolicyDecisionContext
- Request
- Response
- SessionContext
- SessionInfoContext
- SsoTokenContext
- Status
- StsContext
- TransactionIdContext
- URI
- UriRouterContext
- UserProfileContext
- Access Token Resolvers
- Secret Stores
- Supported Standards
ScriptableAccessTokenResolver
In OAuth2ResourceServerFilter, use a Groovy script to resolve access tokens against an authorization server.
Receive a string representing an access token and use a Groovy script to create an instance or promise of org.forgerock.http.oauth2.AccessTokenInfo
.
Usage
Use this resolver with the accessTokenResolver
property of OAuth2ResourceServerFilter.
"accessTokenResolver": { "type": "ScriptableAccessTokenResolver", "config": { "type": string, "file": expression, // Use either "file" "source": string or array of strings, // or "source", but not both. "args": object, "clientHandler": Handler reference } }
Properties
For information about properties for ScriptableAccessTokenResolver, see Scripts.