org.forgerock.oauth2.core

Interface ResourceOwnerConsentVerifier

All Known Implementing Classes:

OpenIdResourceOwnerConsentVerifier

public interface ResourceOwnerConsentVerifier

Verifier for determining whether a resource owner has saved its consent for the authorization grant, taking into account and OpenID Connect prompt parameter.

Since:

12.0.0

Method Summary

Modifier and Type	Method and Description
boolean	verify(boolean consentSaved, OAuth2Request request, ClientRegistration registration) Determines whether if the resource owner has previously saved consent and whether it should be used.

Method Detail

verify

boolean verify(boolean consentSaved,
               OAuth2Request request,
               ClientRegistration registration)
        throws ResourceOwnerConsentRequiredException

Determines whether if the resource owner has previously saved consent and whether it should be used.
OpenID Connect prompt parameter can mandate that the resource owner is forced to give consent.

Parameters:

consentSaved - true if the resource owner has previously saved consent.

request - The OAuth2 request.

registration - The client's registration information, used to determine where to error if necessary.

Returns:

true if the resource owner has saved consent and it can be used.

Throws:

ResourceOwnerConsentRequiredException - If the OpenID Connect prompt parameter enforces that the resource owner is not asked for consent, but the resource owners consent has not been previously stored.