| Package | Description |
|---|---|
| org.forgerock.oauth2.core |
Defines the core classes to implement OAuth2 for OpenAM.
|
| org.forgerock.oauth2.core.exceptions | |
| org.forgerock.openam.oauth2 | |
| org.forgerock.openam.oauth2.saml2.core | |
| org.forgerock.openidconnect |
| Modifier and Type | Method and Description |
|---|---|
AuthorizationToken |
AuthorizationService.authorize(OAuth2Request request)
Handles an initial authorization request from a OAuth2 client, validates the request is valid and contains
the required parameters, checks the resource owner has authenticated and given their consent for the client to
be authorized before issuing an AuthorizationToken.
|
AuthorizationToken |
AuthorizationService.authorize(OAuth2Request request,
boolean consentGiven,
boolean saveConsent)
Handles an authorization request from a OAuth2 client, validates the request is valid and contains the required
parameters, checks the resource owner has authenticated and given their consent for the client to be authorized
before issuing an AuthorizationToken.
|
AccessToken |
GrantTypeHandler.handle(OAuth2Request request)
Handles an access token request for a specific OAuth2 grant type.
|
AccessToken |
ClientCredentialsGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
AccessToken |
PasswordCredentialsGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
protected AccessToken |
DeviceCodeGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration client,
OAuth2ProviderSettings providerSettings) |
protected abstract AccessToken |
GrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
AccessToken |
JwtBearerGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
AuthorizationToken |
AuthorizationTokenIssuer.issueTokens(OAuth2Request request,
ClientRegistration clientRegistration,
ResourceOwner resourceOwner,
Set<String> authorizationScope,
OAuth2ProviderSettings providerSettings)
Issues tokens for the OAuth2 authorize request.
|
AccessToken |
AccessTokenService.refreshToken(OAuth2Request request)
Handles a request to refresh an already issued access token for a OAuth2 client, validates that the request is
valid and contains the required parameters, checks that the refresh token on the request is valid and has not
expired, or been previously used to refresh an access token.
|
AccessToken |
AccessTokenService.requestAccessToken(OAuth2Request request)
Handles a request for access token(s) by a OAuth2 client, validates that the request is valid and contains the
required parameters, checks that the authorization code on the request is valid and has not expired, or been
previously used.
|
Set<String> |
AgentOAuth2ProviderSettings.validateAccessTokenScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
Set<String> |
OAuth2ProviderSettings.validateAccessTokenScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when an access token
is requested.
|
Set<String> |
ScopeValidator.validateAccessTokenScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when an access token
is requested.
|
Set<String> |
RealmOAuth2ProviderSettings.validateAccessTokenScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
Set<String> |
AgentOAuth2ProviderSettings.validateAuthorizationScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
Set<String> |
OAuth2ProviderSettings.validateAuthorizationScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when authorization
is requested.
|
Set<String> |
ScopeValidator.validateAuthorizationScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when authorization
is requested.
|
Set<String> |
RealmOAuth2ProviderSettings.validateAuthorizationScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
Set<String> |
AgentOAuth2ProviderSettings.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request) |
Set<String> |
OAuth2ProviderSettings.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when a refresh token
is requested.
|
Set<String> |
ScopeValidator.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when a refresh token
is requested.
|
Set<String> |
RealmOAuth2ProviderSettings.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request) |
void |
DuplicateRequestParameterValidator.validateRequest(OAuth2Request request)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
void |
AuthorizeRequestValidator.validateRequest(OAuth2Request request)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
| Modifier and Type | Method and Description |
|---|---|
static InvalidScopeException |
InvalidScopeException.create(String message,
OAuth2Request request)
Creates a new InvalidScopeException by deducing the UrlLocation from the OAuth2Request.
|
| Modifier and Type | Method and Description |
|---|---|
Set<String> |
OpenAMScopeValidator.validateAccessTokenScope(ClientRegistration client,
Set<String> scope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when an access token
is requested.
|
Set<String> |
OpenAMScopeValidator.validateAuthorizationScope(ClientRegistration client,
Set<String> scope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when authorization
is requested.
|
Set<String> |
OpenAMScopeValidator.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request)
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when a refresh token
is requested.
|
| Modifier and Type | Method and Description |
|---|---|
AccessToken |
Saml2GrantTypeHandler.handle(OAuth2Request request) |
| Modifier and Type | Method and Description |
|---|---|
void |
OpenIdConnectAuthorizeRequestValidator.validateRequest(OAuth2Request request)
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
void |
ClaimsParameterValidator.validateRequest(OAuth2Request request) |
void |
CodeVerifierValidator.validateRequest(OAuth2Request request) |
Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.