org.forgerock.oauth2.core

Class AccessTokenVerifier

java.lang.Object

org.forgerock.oauth2.core.AccessTokenVerifier

Direct Known Subclasses:

RestletFormBodyAccessTokenVerifier, RestletHeaderAccessTokenVerifier, RestletQueryParameterAccessTokenVerifier

public abstract class AccessTokenVerifier
extends Object

Verifies that a OAuth2 request that is made to one of the protected endpoints on the OAuth2 provider, (i.e. tokeninfo, userinfo) contains a valid access token.

Since:

12.0.0

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	AccessTokenVerifier.TokenState Represents the state of the token on the request.

Field Summary

Fields

Modifier and Type	Field and Description
static String	FORM_BODY
static String	HEADER
protected org.slf4j.Logger	logger
static String	QUERY_PARAM
static String	REALM_AGNOSTIC_FORM_BODY An AccessTokenVerifier that verifies the OAuth2 access token provided in the request payload without checking the realm corresponding to the OAuth2Request.
static String	REALM_AGNOSTIC_HEADER An AccessTokenVerifier that verifies the OAuth2 access token provided in a header without checking the realm corresponding to the OAuth2Request.
static String	REALM_AGNOSTIC_QUERY_PARAM An AccessTokenVerifier that verifies the OAuth2 access token provided in the query parameter without checking the realm corresponding to the OAuth2Request.

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	AccessTokenVerifier(TokenStore tokenStore)

Method Summary

Modifier and Type	Method and Description
protected abstract String	obtainTokenId(OAuth2Request request) Obtain the token ID from the request.
AccessTokenVerifier.TokenState	verify(OAuth2Request request) Verifies that the specified OAuth2 request contains a valid access token which has not expired.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

HEADER

public static final String HEADER

See Also:

Constant Field Values

REALM_AGNOSTIC_HEADER

public static final String REALM_AGNOSTIC_HEADER

An AccessTokenVerifier that verifies the OAuth2 access token provided in a header without checking the realm corresponding to the OAuth2Request.

See Also:

Constant Field Values

FORM_BODY

public static final String FORM_BODY

See Also:

Constant Field Values

REALM_AGNOSTIC_FORM_BODY

public static final String REALM_AGNOSTIC_FORM_BODY

An AccessTokenVerifier that verifies the OAuth2 access token provided in the request payload without checking the realm corresponding to the OAuth2Request.

See Also:

Constant Field Values

QUERY_PARAM

public static final String QUERY_PARAM

See Also:

Constant Field Values

REALM_AGNOSTIC_QUERY_PARAM

public static final String REALM_AGNOSTIC_QUERY_PARAM

An AccessTokenVerifier that verifies the OAuth2 access token provided in the query parameter without checking the realm corresponding to the OAuth2Request.

See Also:

Constant Field Values

logger

protected final org.slf4j.Logger logger

Constructor Detail

AccessTokenVerifier

protected AccessTokenVerifier(TokenStore tokenStore)

Method Detail

verify

public AccessTokenVerifier.TokenState verify(OAuth2Request request)

Verifies that the specified OAuth2 request contains a valid access token which has not expired.

Parameters:

request - The OAuth2 request. Must not be null.

Returns:

true if the request contains an access token which is valid and has not expired.

obtainTokenId

protected abstract String obtainTokenId(OAuth2Request request)

Obtain the token ID from the request.

Parameters:

request - The OAuth2 request. Must not be null.

Returns:

The String access token ID.