| Package | Description |
|---|---|
| org.forgerock.oauth2.core |
Defines the core classes to implement OAuth2 for OpenAM.
|
| org.forgerock.oauth2.core.exceptions | |
| org.forgerock.openam.oauth2 | |
| org.forgerock.openam.oauth2.saml2.core | |
| org.forgerock.openidconnect | |
| org.forgerock.openidconnect.restlet |
| Modifier and Type | Method and Description |
|---|---|
void |
AgentOAuth2ProviderSettings.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request) |
void |
OAuth2ProviderSettings.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to return additional data from an access token
request.
|
void |
ScopeValidator.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to return additional data from an access token
request.
|
void |
RealmOAuth2ProviderSettings.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request) |
ClientRegistration |
ClientAuthenticator.authenticate(OAuth2Request request,
String endpoint)
Authenticates the client making the OAuth2 request by extracting the client's id and secret from the request
and authenticating against the OAuth2 providers client registrations.
|
AuthorizationToken |
AuthorizationService.authorize(OAuth2Request request)
Handles an initial authorization request from a OAuth2 client, validates the request is valid and contains
the required parameters, checks the resource owner has authenticated and given their consent for the client to
be authorized before issuing an AuthorizationToken.
|
AuthorizationToken |
AuthorizationService.authorize(OAuth2Request request,
boolean consentGiven,
boolean saveConsent)
Handles an authorization request from a OAuth2 client, validates the request is valid and contains the required
parameters, checks the resource owner has authenticated and given their consent for the client to be authorized
before issuing an AuthorizationToken.
|
ClientRegistration |
ClientRegistrationStore.get(String clientId,
OAuth2Request request)
Gets the client registration for the given client id.
|
ClientRegistration |
ClientRegistrationStore.get(String clientId,
String realm,
org.forgerock.services.context.Context context)
Gets the client registration for the given client id.
|
AccessToken |
GrantTypeHandler.handle(OAuth2Request request)
Handles an access token request for a specific OAuth2 grant type.
|
AccessToken |
ClientCredentialsGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
AccessToken |
PasswordCredentialsGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
AccessToken |
AuthorizationCodeGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
protected AccessToken |
DeviceCodeGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration client,
OAuth2ProviderSettings providerSettings) |
protected abstract AccessToken |
GrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
AccessToken |
JwtBearerGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
Map.Entry<String,Token> |
ResponseTypeHandler.handle(String tokenType,
Set<String> scope,
ResourceOwner resourceOwner,
String clientId,
String redirectUri,
String nonce,
OAuth2Request request,
String codeChallenge,
String codeChallengeMethod)
Handles the creating of a Token instance and storing the Token in the OAuth2 provider
TokenStore. |
org.forgerock.json.JsonValue |
TokenIntrospectionService.introspect(OAuth2Request request)
Allows introspection of a (refresh or access) token according to the
OAuth 2.0 Token Introspection
standard.
|
AuthorizationToken |
AuthorizationTokenIssuer.issueTokens(OAuth2Request request,
ClientRegistration clientRegistration,
ResourceOwner resourceOwner,
Set<String> authorizationScope,
OAuth2ProviderSettings providerSettings)
Issues tokens for the OAuth2 authorize request.
|
AccessToken |
AccessTokenService.refreshToken(OAuth2Request request)
Handles a request to refresh an already issued access token for a OAuth2 client, validates that the request is
valid and contains the required parameters, checks that the refresh token on the request is valid and has not
expired, or been previously used to refresh an access token.
|
AccessToken |
AccessTokenService.requestAccessToken(OAuth2Request request)
Handles a request for access token(s) by a OAuth2 client, validates that the request is valid and contains the
required parameters, checks that the authorization code on the request is valid and has not expired, or been
previously used.
|
String |
RedirectUriResolver.resolve(OAuth2Request request)
Resolves the redirect URI
|
void |
DuplicateRequestParameterValidator.validateRequest(OAuth2Request request)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
void |
AuthorizeRequestValidator.validateRequest(OAuth2Request request)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
void |
AuthorizeRequestValidatorImpl.validateRequest(OAuth2Request request)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
void |
AuthorizationCodeRequestValidator.validateRequest(OAuth2Request request,
ClientRegistration clientRegistration)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorization code grant.
|
void |
ClientCredentialsRequestValidator.validateRequest(OAuth2Request request,
ClientRegistration clientRegistration)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 client credentials grant.
|
void |
AuthorizationCodeRequestValidatorImpl.validateRequest(OAuth2Request request,
ClientRegistration clientRegistration)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorization code grant.
|
void |
PasswordCredentialsRequestValidator.validateRequest(OAuth2Request request,
ClientRegistration clientRegistration)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 password credentials grant.
|
| Modifier and Type | Class and Description |
|---|---|
class |
InvalidClientAuthZHeaderException
Thrown when client authentication fails.
|
| Modifier and Type | Method and Description |
|---|---|
InvalidClientException |
ClientAuthenticationFailureFactory.getException()
Produces an InvalidClientException.
|
InvalidClientException |
ClientAuthenticationFailureFactory.getException(OAuth2Request request,
String message)
Produces an InvalidClientException or InvalidClientAuthZHeaderException based on the request provided.
|
InvalidClientException |
ClientAuthenticationFailureFactory.getException(String message)
Produces an InvalidClientException.
|
| Modifier and Type | Method and Description |
|---|---|
void |
OpenAMScopeValidator.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to return additional data from an access token
request.
|
OpenIdConnectToken |
OpenAMTokenStore.createOpenIDToken(ResourceOwner resourceOwner,
String clientId,
String authorizationParty,
String nonce,
String ops,
OAuth2Request request) |
OpenIdConnectToken |
StatefulTokenStore.createOpenIDToken(ResourceOwner resourceOwner,
String clientId,
String authorizationParty,
String nonce,
String ops,
OAuth2Request request)
Creates an OpenId Connect token and stores it in the OpenId Connect Provider's store.
|
ClientCredentials |
ClientCredentialsReader.extractCredentials(OAuth2Request request,
String endpoint)
Extracts the client's credentials from the OAuth2 request.
|
OpenIdConnectClientRegistration |
OpenAMClientRegistrationStore.get(String clientId,
OAuth2Request request)
Gets the client registration for the given client id.
|
OpenIdConnectClientRegistration |
OpenAMClientRegistrationStore.get(String clientId,
String realm,
org.forgerock.services.context.Context context)
Gets the client registration for the given client id.
|
| Modifier and Type | Method and Description |
|---|---|
AccessToken |
Saml2GrantTypeHandler.handle(OAuth2Request request) |
| Modifier and Type | Method and Description |
|---|---|
OpenIdConnectToken |
OpenIdConnectTokenStore.createOpenIDToken(ResourceOwner resourceOwner,
String clientId,
String authorizationParty,
String nonce,
String ops,
OAuth2Request request)
Creates an OpenId Connect token and stores it in the OpenId Connect Provider's store.
|
OpenIdConnectClientRegistration |
OpenIdConnectClientRegistrationStore.get(String clientId,
OAuth2Request request)
Gets the client registration for the given client id.
|
OpenIdConnectClientRegistration |
OpenIdConnectClientRegistrationStore.get(String clientId,
String realm,
org.forgerock.services.context.Context context)
Gets the client registration for the given client id.
|
String |
CheckSession.getClientSessionURI(javax.servlet.http.HttpServletRequest request)
Get the URL the postMessage must be coming from (registered in client) to process the message.
|
Map.Entry<String,Token> |
IdTokenResponseTypeHandler.handle(String tokenType,
Set<String> scope,
ResourceOwner resourceOwner,
String clientId,
String redirectUri,
String nonce,
OAuth2Request request,
String codeChallenge,
String codeChallengeMethod)
Handles the creating of a Token instance and storing the Token in the OAuth2 provider
TokenStore. |
Map.Entry<String,String> |
OpenIDTokenIssuer.issueToken(AccessToken accessToken,
OAuth2Request request)
Issues an OpenId Connect token, using the details of the access token.
|
void |
OpenIdConnectAuthorizeRequestValidator.validateRequest(OAuth2Request request)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
void |
ClaimsParameterValidator.validateRequest(OAuth2Request request) |
void |
CodeVerifierValidator.validateRequest(OAuth2Request request) |
void |
SubjectTypeValidator.validateRequest(OAuth2Request request) |
| Modifier and Type | Method and Description |
|---|---|
protected Map<String,Object> |
OpenIDConnectCheckSessionEndpoint.getDataModel(OAuth2Request oAuth2Request) |
Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.