public interface TokenStore
Modifier and Type | Field and Description |
---|---|
static String | REALM_AGNOSTIC_TOKEN_STORE: A constant to identify the realm agnostic version of the TokenStore implementation when using dependency injection. |
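
The field detail for REALM_AGNOSTIC_TOKEN_STORE on this page states that the realm agnostic TokenStore does not verify whether the incoming OAuth2Request's realm is the same as the OAuth2 access token's realm. The following sketch is an added example, not OpenAM code: every type and method in it (StoredToken, Store, AgnosticStore, RealmCheckingStore, normalise) is hypothetical, and it shows the realm comparison that a realm-checking read performs and that the agnostic variant leaves to its caller.

```java
import java.util.HashMap;
import java.util.Map;

// Hypothetical sketch: none of these types are OpenAM classes.
public class RealmCheckSketch {
    // Constructed stand-in for a stored access token: its id and issuing realm.
    record StoredToken(String id, String realm) {}

    interface Store { StoredToken read(String requestRealm, String tokenId); }

    // Realm agnostic lookup: resolves the id and ignores the request's realm.
    static class AgnosticStore implements Store {
        private final Map<String, StoredToken> tokens = new HashMap<>();
        void save(StoredToken token) { tokens.put(token.id(), token); }
        public StoredToken read(String requestRealm, String tokenId) {
            return tokens.get(tokenId);
        }
    }

    // Realm-checking decorator: refuses a token issued by another realm.
    static class RealmCheckingStore implements Store {
        private final Store delegate;
        RealmCheckingStore(Store delegate) { this.delegate = delegate; }
        public StoredToken read(String requestRealm, String tokenId) {
            StoredToken token = delegate.read(requestRealm, tokenId);
            if (token != null && !normalise(requestRealm).equals(normalise(token.realm()))) {
                throw new SecurityException("token realm does not match request realm");
            }
            return token;
        }
        // Assumption: realms are slash-delimited paths; null means the root realm.
        private static String normalise(String realm) {
            String r = realm == null ? "/" : realm.trim();
            return r.length() > 1 && r.endsWith("/") ? r.substring(0, r.length() - 1) : r;
        }
    }

    public static void main(String[] args) {
        AgnosticStore agnostic = new AgnosticStore();
        agnostic.save(new StoredToken("tok-1", "/customers")); // constructed sample
        Store checked = new RealmCheckingStore(agnostic);
        System.out.println("agnostic, other realm: " + agnostic.read("/partners", "tok-1"));
        System.out.println("checked, same realm:   " + checked.read("/customers/", "tok-1"));
        try {
            checked.read("/partners", "tok-1");
        } catch (SecurityException e) {
            System.out.println("checked, other realm:  rejected (" + e.getMessage() + ")");
        }
    }
}
```

Code that injects the realm agnostic implementation takes on this comparison itself wherever a token from one realm must not be honoured in another.
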
Modifier and Type | Method and Description |
---|---|
AccessToken | createAccessToken(String grantType, String accessTokenType, String authorizationCode, String resourceOwnerId, String clientId, String redirectUri, Set<String> scope, RefreshToken refreshToken, String nonce, String claims, OAuth2Request request): Creates an Access Token and stores it in the OAuth2 Provider's store. |
AccessToken | createAccessToken(String grantType, String accessTokenType, String authorizationCode, String resourceOwnerId, String clientId, String redirectUri, Set<String> scope, RefreshToken refreshToken, String nonce, String claims, OAuth2Request request, long authTime): Creates an Access Token and stores it in the OAuth2 Provider's store. |
AuthorizationCode | createAuthorizationCode(Set<String> scope, ResourceOwner resourceOwner, String clientId, String redirectUri, String nonce, OAuth2Request request, String codeChallenge, String codeChallengeMethod): Creates an Authorization Code and stores it in the OAuth2 Provider's store. |
DeviceCode | createDeviceCode(Set<String> scope, ResourceOwner resourceOwner, String clientId, String nonce, String responseType, String state, String acrValues, String prompt, String uiLocales, String loginHint, Integer maxAge, String claims, OAuth2Request request, String codeChallenge, String codeChallengeMethod): Creates a new device code token. |
RefreshToken | createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request): Creates a Refresh Token and stores it in the OAuth2 Provider's store. |
RefreshToken | createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request, String validatedClaims): Creates a Refresh Token and stores it in the OAuth2 Provider's store. |
RefreshToken | createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request, String validatedClaims, long authTime): Creates a Refresh Token and stores it in the OAuth2 Provider's store. |
RefreshToken | createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request, String validatedClaims, String authGrantId): Creates a Refresh Token and stores it in the OAuth2 Provider's store. |
RefreshToken | createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request, String validatedClaims, String authGrantId, long authTime): Creates a Refresh Token and stores it in the OAuth2 Provider's store. |
void | delete(String realm, String tokenId): Deletes the Token from the OAuth2 Provider's store with the specified identifier. |
void | deleteAccessToken(OAuth2Request request, String accessTokenId): Deletes an Access Token from the OAuth2 Provider's store. |
void | deleteAuthorizationCode(OAuth2Request request, String authorizationCode): Deletes an Authorization Code from the OAuth2 Provider's store. |
void | deleteDeviceCode(String clientId, String code, OAuth2Request request): Deletes a device code token. |
void | deleteRefreshToken(OAuth2Request request, String refreshTokenId): Deletes a Refresh Token from the OAuth2 Provider's store. |
org.forgerock.json.JsonValue | queryForToken(String realm, org.forgerock.util.query.QueryFilter<CoreTokenField> queryFilter): Queries the OAuth2 Provider's store for tokens. |
org.forgerock.json.JsonValue | read(String tokenId): Reads the Token from the OAuth2 Provider's store with the specified identifier. |
AccessToken | readAccessToken(OAuth2Request request, String tokenId): Reads an Access Token from the OAuth2 Provider's store with the specified identifier. |
AuthorizationCode | readAuthorizationCode(OAuth2Request request, String code): Creates an Authorization Code and stores it in the OAuth2 Provider's store. |
DeviceCode | readDeviceCode(String userCode, OAuth2Request request): Reads a device code token. |
DeviceCode | readDeviceCode(String clientId, String code, OAuth2Request request): Reads a device code token. |
RefreshToken | readRefreshToken(OAuth2Request request, String tokenId): Reads a Refresh Token from the OAuth2 Provider's store with the specified identifier. |
void | updateAccessToken(OAuth2Request request, AccessToken accessToken): Updates an Access Token. |
void | updateAuthorizationCode(OAuth2Request request, AuthorizationCode authorizationCode): Updates an Authorization Code. |
void | updateDeviceCode(DeviceCode code, OAuth2Request request): Updates a device code token. |

static final String REALM_AGNOSTIC_TOKEN_STORE

A constant to identify the realm agnostic version of the TokenStore implementation when using dependency injection. The realm agnostic TokenStore does not verify whether the incoming OAuth2Request's realm is the same as the OAuth2 access token's realm.

AuthorizationCode createAuthorizationCode(Set<String> scope, ResourceOwner resourceOwner, String clientId, String redirectUri, String nonce, OAuth2Request request, String codeChallenge, String codeChallengeMethod) throws ServerException, NotFoundException
scope - The requested scope.
resourceOwner - The resource owner.
clientId - The client's id.
redirectUri - The redirect uri.
nonce - The nonce.
request - The OAuth2 request.
codeChallenge -
codeChallengeMethod -
ServerException - If any internal server error occurs.
NotFoundException - If the realm does not have an OAuth 2.0 provider service.

AccessToken createAccessToken(String grantType, String accessTokenType, String authorizationCode, String resourceOwnerId, String clientId, String redirectUri, Set<String> scope, RefreshToken refreshToken, String nonce, String claims, OAuth2Request request) throws ServerException, NotFoundException
grantType - The grant type.
accessTokenType - The access token type.
authorizationCode - The authorization code.
resourceOwnerId - The resource owner's id.
clientId - The client's id.
redirectUri - The redirect uri.
scope - The requested scope.
refreshToken - The refresh token. May be null.
nonce - The nonce.
claims - Additional claims requested (for id_token or userinfo).
request - The OAuth2 request.
ServerException - If any internal server error occurs.
NotFoundException - If the realm does not have an OAuth 2.0 provider service.

AccessToken createAccessToken(String grantType, String accessTokenType, String authorizationCode, String resourceOwnerId, String clientId, String redirectUri, Set<String> scope, RefreshToken refreshToken, String nonce, String claims, OAuth2Request request, long authTime) throws ServerException, NotFoundException
grantType - The grant type.
accessTokenType - The access token type.
authorizationCode - The authorization code.
resourceOwnerId - The resource owner's id.
clientId - The client's id.
redirectUri - The redirect uri.
scope - The requested scope.
refreshToken - The refresh token. May be null.
nonce - The nonce.
claims - Additional claims requested (for id_token or userinfo).
request - The OAuth2 request.
authTime - The end user's authentication time.
ServerException - If any internal server error occurs.
NotFoundException - If the realm does not have an OAuth 2.0 provider service.

RefreshToken createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request) throws ServerException, NotFoundException
grantType - The OAuth2 Grant Type.
clientId - The client's id.
resourceOwnerId - The resource owner's Id.
redirectUri - The redirect uri.
scope - The requested scope.
request - The OAuth2 request.
ServerException - If any internal server error occurs.
NotFoundException - If the realm does not have an OAuth 2.0 provider service.

RefreshToken createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request, String validatedClaims) throws ServerException, NotFoundException
grantType - The OAuth2 Grant Type.
clientId - The client's id.
resourceOwnerId - The resource owner's Id.
redirectUri - The redirect uri.
scope - The requested scope.
request - The OAuth2 request.
validatedClaims - The validated claims.
ServerException - If any internal server error occurs.
NotFoundException - If the realm does not have an OAuth 2.0 provider service.

RefreshToken createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request, String validatedClaims, long authTime) throws ServerException, NotFoundException
grantType - The OAuth2 Grant Type.
clientId - The client's id.
resourceOwnerId - The resource owner's Id.
redirectUri - The redirect uri.
scope - The requested scope.
request - The OAuth2 request.
validatedClaims - The validated claims.
authTime - The end user's authentication time.
ServerException - If any internal server error occurs.
NotFoundException - If the realm does not have an OAuth 2.0 provider service.

RefreshToken createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request, String validatedClaims, String authGrantId) throws ServerException, NotFoundException
grantType - The OAuth2 Grant Type.
clientId - The client's id.
resourceOwnerId - The resource owner's Id.
redirectUri - The redirect uri.
scope - The requested scope.
request - The OAuth2 request.
validatedClaims - The validated claims.
authGrantId - The authorization grant Id.
ServerException - If any internal server error occurs.
NotFoundException - If the realm does not have an OAuth 2.0 provider service.

RefreshToken createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request, String validatedClaims, String authGrantId, long authTime) throws ServerException, NotFoundException
grantType - The OAuth2 Grant Type.
clientId - The client's id.
resourceOwnerId - The resource owner's Id.
redirectUri - The redirect uri.
scope - The requested scope.
request - The OAuth2 request.
validatedClaims - The validated claims.
authGrantId - The authorization grant Id.
authTime - The end user's authentication time.
ServerException - If any internal server error occurs.
NotFoundException - If the realm does not have an OAuth 2.0 provider service.

AuthorizationCode readAuthorizationCode(OAuth2Request request, String code) throws InvalidGrantException, ServerException, NotFoundException
request - The current request.
code - The authorization code identifier.
InvalidGrantException - If a problem occurs whilst retrieving the Authorization Code or if the read token is not an Authorization Code.
ServerException - If any internal server error occurs.
NotFoundException - If the requested realm does not exist.

void updateAuthorizationCode(OAuth2Request request, AuthorizationCode authorizationCode) throws NotFoundException, ServerException
request - The current request.
authorizationCode - The authorization code.
ServerException - If the authorization code could not be updated.
NotFoundException - If the requested realm does not exist.

void updateAccessToken(OAuth2Request request, AccessToken accessToken) throws NotFoundException, ServerException
request - The current request.
accessToken - The access token.
ServerException - If the token could not be updated.
NotFoundException - If the requested realm does not exist.

void deleteAuthorizationCode(OAuth2Request request, String authorizationCode) throws NotFoundException, ServerException
request - The current request.
authorizationCode - The authorization code.
ServerException - If the authorization code could not be deleted.
NotFoundException - If the requested realm does not exist.

void deleteAccessToken(OAuth2Request request, String accessTokenId) throws ServerException, NotFoundException
request - The current request.
accessTokenId - The access token identifier.
ServerException - If the token could not be deleted.
NotFoundException - If the requested realm does not exist.

void deleteRefreshToken(OAuth2Request request, String refreshTokenId) throws InvalidRequestException, NotFoundException, ServerException
request - The current request.
refreshTokenId - The refresh token identifier.
InvalidRequestException - If the token could not be deleted.
ServerException - If the token could not be deleted.
NotFoundException - If the requested realm does not exist.

AccessToken readAccessToken(OAuth2Request request, String tokenId) throws ServerException, InvalidGrantException, NotFoundException
request - The current request.
tokenId - The token identifier.
InvalidGrantException - If the token is not an Access Token.
ServerException - If the token could not be read by the server.
NotFoundException - If the requested realm does not exist.

RefreshToken readRefreshToken(OAuth2Request request, String tokenId) throws ServerException, InvalidGrantException, NotFoundException
request - The current request.
tokenId - The token identifier.
InvalidGrantException - If the token is not a Refresh Token.
ServerException - If the token could not be read by the server.
NotFoundException - If the requested realm does not exist.

DeviceCode createDeviceCode(Set<String> scope, ResourceOwner resourceOwner, String clientId, String nonce, String responseType, String state, String acrValues, String prompt, String uiLocales, String loginHint, Integer maxAge, String claims, OAuth2Request request, String codeChallenge, String codeChallengeMethod) throws ServerException, NotFoundException
scope - The scope of the requested access token.
resourceOwner - The resource owner ID.
clientId - The client ID.
nonce - The nonce for the ID token.
responseType - The response type string.
state - The client-side state token.
acrValues - The requested ACR values.
prompt - The prompt request parameter.
uiLocales - The ui_locales request parameter.
loginHint - The login_hint request parameter.
maxAge - The max_age request parameter.
claims - The claims request parameter for ID token claims.
request - The request.
codeChallenge - The submitted code challenge.
codeChallengeMethod - The code challenge method.
ServerException - If there was an error in constructing the code.
NotFoundException - If the realm does not have an OAuth2Provider configured.

DeviceCode readDeviceCode(String clientId, String code, OAuth2Request request) throws ServerException, NotFoundException, InvalidGrantException
clientId - The client ID.
request - The request.
code - The device code.
ServerException - If there was an error in constructing the code.
NotFoundException - If the realm does not have an OAuth2Provider configured.
InvalidGrantException

DeviceCode readDeviceCode(String userCode, OAuth2Request request) throws ServerException, NotFoundException, InvalidGrantException
request - The request.
userCode - The device code's user code.
ServerException - If there was an error in constructing the code.
NotFoundException - If the realm does not have an OAuth2Provider configured.
InvalidGrantException

void updateDeviceCode(DeviceCode code, OAuth2Request request) throws ServerException, NotFoundException, InvalidGrantException
request - The request.
code - The device code object.
ServerException - If there was an error in constructing the code.
NotFoundException - If the realm does not have an OAuth2Provider configured.
InvalidGrantException

void deleteDeviceCode(String clientId, String code, OAuth2Request request) throws ServerException, NotFoundException, InvalidGrantException
clientId - The client ID.
request - The request.
code - The device code.
ServerException - If there was an error in constructing the code.
NotFoundException - If the realm does not have an OAuth2Provider configured.
InvalidGrantException

org.forgerock.json.JsonValue queryForToken(String realm, org.forgerock.util.query.QueryFilter<CoreTokenField> queryFilter) throws ServerException, NotFoundException
realm - The Realm.
queryFilter - The query keyed by auth grant id, client id and resource owner.
ServerException - If there was an error in reading the token using the id.
NotFoundException - If the realm does not have an OAuth2Provider configured.

void delete(String realm, String tokenId) throws ServerException, NotFoundException
realm - The Realm
tokenId - The token ID
ServerException - If there was an error in reading the token using the id.
NotFoundException - If the realm does not have an OAuth2Provider configured.

org.forgerock.json.JsonValue read(String tokenId) throws ServerException, NotFoundException
tokenId - The token ID
null if the token is not found.
ServerException - If there was an error in reading the token using the id.
NotFoundException - If the realm does not have an OAuth2Provider configured.

Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.