Map<String,String> |
AgentOAuth2ProviderSettings.additionalDataToReturnFromAuthorizeEndpoint(Map<String,Token> tokens,
OAuth2Request request) |
|
Map<String,String> |
OAuth2ProviderSettings.additionalDataToReturnFromAuthorizeEndpoint(Map<String,Token> tokens,
OAuth2Request request) |
Provided as an extension point to allow the OAuth2 provider to return additional data from an authorization
request.
|
Map<String,String> |
RealmOAuth2ProviderSettings.additionalDataToReturnFromAuthorizeEndpoint(Map<String,Token> tokens,
OAuth2Request request) |
|
void |
AgentOAuth2ProviderSettings.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request) |
|
void |
OAuth2ProviderSettings.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request) |
Provided as an extension point to allow the OAuth2 provider to return additional data from an access token
request.
|
void |
RealmOAuth2ProviderSettings.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request) |
|
void |
ScopeValidator.additionalDataToReturnFromTokenEndpoint(AccessToken accessToken,
OAuth2Request request) |
Provided as an extension point to allow the OAuth2 provider to return additional data from an access token
request.
|
AuthorizationToken |
AuthorizationService.authorize(OAuth2Request request) |
Handles an initial authorization request from a OAuth2 client, validates the request is valid and contains
the required parameters, checks the resource owner has authenticated and given their consent for the client to
be authorized before issuing an AuthorizationToken.
|
AuthorizationToken |
AuthorizationService.authorize(OAuth2Request request,
boolean consentGiven,
boolean saveConsent) |
Handles an authorization request from a OAuth2 client, validates the request is valid and contains the required
parameters, checks the resource owner has authenticated and given their consent for the client to be authorized
before issuing an AuthorizationToken.
|
boolean |
AgentOAuth2ProviderSettings.clientsCanSkipConsent() |
|
boolean |
OAuth2ProviderSettings.clientsCanSkipConsent() |
Whether clients can opt to skip resource owner consent during authorization flows.
|
boolean |
RealmOAuth2ProviderSettings.clientsCanSkipConsent() |
|
AccessToken |
TokenStore.createAccessToken(String grantType,
String accessTokenType,
String authorizationCode,
String resourceOwnerId,
String clientId,
String redirectUri,
Set<String> scope,
RefreshToken refreshToken,
String nonce,
String claims,
OAuth2Request request) |
Creates an Access Token and stores it in the OAuth2 Provider's store.
|
AccessToken |
TokenStore.createAccessToken(String grantType,
String accessTokenType,
String authorizationCode,
String resourceOwnerId,
String clientId,
String redirectUri,
Set<String> scope,
RefreshToken refreshToken,
String nonce,
String claims,
OAuth2Request request,
long authTime) |
Creates an Access Token and stores it in the OAuth2 Provider's store.
|
AuthorizationCode |
TokenStore.createAuthorizationCode(Set<String> scope,
ResourceOwner resourceOwner,
String clientId,
String redirectUri,
String nonce,
OAuth2Request request,
String codeChallenge,
String codeChallengeMethod) |
Creates an Authorization Code and stores it in the OAuth2 Provider's store.
|
DeviceCode |
TokenStore.createDeviceCode(Set<String> scope,
ResourceOwner resourceOwner,
String clientId,
String nonce,
String responseType,
String state,
String acrValues,
String prompt,
String uiLocales,
String loginHint,
Integer maxAge,
String claims,
OAuth2Request request,
String codeChallenge,
String codeChallengeMethod) |
Creates a new device code token.
|
RefreshToken |
TokenStore.createRefreshToken(String grantType,
String clientId,
String resourceOwnerId,
String redirectUri,
Set<String> scope,
OAuth2Request request) |
Creates a Refresh Token and stores it in the OAuth2 Provider's store.
|
RefreshToken |
TokenStore.createRefreshToken(String grantType,
String clientId,
String resourceOwnerId,
String redirectUri,
Set<String> scope,
OAuth2Request request,
String validatedClaims) |
Creates a Refresh Token and stores it in the OAuth2 Provider's store.
|
RefreshToken |
TokenStore.createRefreshToken(String grantType,
String clientId,
String resourceOwnerId,
String redirectUri,
Set<String> scope,
OAuth2Request request,
String validatedClaims,
long authTime) |
Creates a Refresh Token and stores it in the OAuth2 Provider's store.
|
RefreshToken |
TokenStore.createRefreshToken(String grantType,
String clientId,
String resourceOwnerId,
String redirectUri,
Set<String> scope,
OAuth2Request request,
String validatedClaims,
String authGrantId) |
Creates a Refresh Token and stores it in the OAuth2 Provider's store.
|
RefreshToken |
TokenStore.createRefreshToken(String grantType,
String clientId,
String resourceOwnerId,
String redirectUri,
Set<String> scope,
OAuth2Request request,
String validatedClaims,
String authGrantId,
long authTime) |
Creates a Refresh Token and stores it in the OAuth2 Provider's store.
|
void |
TokenStore.delete(String realm,
String tokenId) |
Deletes the Token from the OAuth2 Provider's store with the specified identifier.
|
void |
TokenStore.deleteAccessToken(OAuth2Request request,
String accessTokenId) |
Deletes an Access Token from the OAuth2 Provider's store.
|
void |
TokenStore.deleteAuthorizationCode(OAuth2Request request,
String authorizationCode) |
Deletes an Authorization Code from the OAuth2 Provider's store.
|
void |
TokenStore.deleteDeviceCode(String clientId,
String code,
OAuth2Request request) |
Deletes a device code token.
|
void |
TokenStore.deleteRefreshToken(OAuth2Request request,
String refreshTokenId) |
Deletes a Refresh Token from the OAuth2 Provider's store.
|
Map<String,Object> |
AgentOAuth2ProviderSettings.evaluateScope(AccessToken accessToken) |
|
Map<String,Object> |
OAuth2ProviderSettings.evaluateScope(AccessToken accessToken) |
Gets the specified access token's information.
|
Map<String,Object> |
RealmOAuth2ProviderSettings.evaluateScope(AccessToken accessToken) |
|
Set<ResourceSetDescription> |
ResourceSetFilter.filter(Set<ResourceSetDescription> values) |
Filters the Set provided.
|
AccessToken |
GrantTypeAccessTokenGenerator.generateAccessToken(OAuth2ProviderSettings providerSettings,
String grantType,
String clientId,
String resourceOwnerId,
String redirectUri,
Set<String> scope,
String validatedClaims,
String authorizationCode,
String nonce,
OAuth2Request request) |
|
long |
AgentOAuth2ProviderSettings.getAccessTokenLifetime() |
|
long |
OAuth2ProviderSettings.getAccessTokenLifetime() |
Gets the lifetime an access token will have before it expires.
|
long |
RealmOAuth2ProviderSettings.getAccessTokenLifetime() |
|
Map<String,AuthenticationMethod> |
AgentOAuth2ProviderSettings.getAcrMapping() |
|
Map<String,AuthenticationMethod> |
OAuth2ProviderSettings.getAcrMapping() |
Returns a mapping from Authentication Context Class Reference (ACR) values (typically a Level of Assurance
value) to concrete authentication methods.
|
Map<String,AuthenticationMethod> |
RealmOAuth2ProviderSettings.getAcrMapping() |
|
Map<String,ResponseTypeHandler> |
AgentOAuth2ProviderSettings.getAllowedResponseTypes() |
|
Map<String,ResponseTypeHandler> |
OAuth2ProviderSettings.getAllowedResponseTypes() |
Gets the response types allowed by the OAuth2 provider.
|
Map<String,ResponseTypeHandler> |
RealmOAuth2ProviderSettings.getAllowedResponseTypes() |
|
Map<String,String> |
AgentOAuth2ProviderSettings.getAMRAuthModuleMappings() |
|
Map<String,String> |
OAuth2ProviderSettings.getAMRAuthModuleMappings() |
The mappings between amr values and auth module names.
|
Map<String,String> |
RealmOAuth2ProviderSettings.getAMRAuthModuleMappings() |
|
long |
AgentOAuth2ProviderSettings.getAuthorizationCodeLifetime() |
|
long |
OAuth2ProviderSettings.getAuthorizationCodeLifetime() |
Gets the lifetime an authorization code will have before it expires.
|
long |
RealmOAuth2ProviderSettings.getAuthorizationCodeLifetime() |
|
Map<String,String> |
ClientRegistration.getClaimDescriptions(Locale locale) |
Gets the display descriptions for the allowed and default scopes combined, in the specified locale.
|
boolean |
AgentOAuth2ProviderSettings.getClaimsParameterSupported() |
|
boolean |
OAuth2ProviderSettings.getClaimsParameterSupported() |
Returns whether this provider supports claims requested via 'claims' parameter.
|
boolean |
RealmOAuth2ProviderSettings.getClaimsParameterSupported() |
|
String |
AgentOAuth2ProviderSettings.getCompletionUrl() |
|
String |
OAuth2ProviderSettings.getCompletionUrl() |
The URL that the user will be sent to on completion of their OAuth 2 login
and consent when using the device code flow.
|
String |
RealmOAuth2ProviderSettings.getCompletionUrl() |
|
String |
AgentOAuth2ProviderSettings.getCreatedTimestampAttributeName() |
|
String |
OAuth2ProviderSettings.getCreatedTimestampAttributeName() |
Gets the created timestamp attribute name.
|
String |
RealmOAuth2ProviderSettings.getCreatedTimestampAttributeName() |
|
freemarker.template.Template |
AgentOAuth2ProviderSettings.getCustomLoginUrlTemplate() |
|
freemarker.template.Template |
OAuth2ProviderSettings.getCustomLoginUrlTemplate() |
Gets the custom login url template which will create the url to redirect resource owners to for authentication.
|
freemarker.template.Template |
RealmOAuth2ProviderSettings.getCustomLoginUrlTemplate() |
|
String |
AgentOAuth2ProviderSettings.getDefaultAcrValues() |
|
String |
OAuth2ProviderSettings.getDefaultAcrValues() |
The default Authentication Context Class Reference (ACR) values to use for authentication if none is specified
in the request.
|
String |
RealmOAuth2ProviderSettings.getDefaultAcrValues() |
|
Set<String> |
AgentOAuth2ProviderSettings.getDefaultScopes() |
|
Set<String> |
OAuth2ProviderSettings.getDefaultScopes() |
Gets the default set of scopes to give a client registering with this provider.
|
Set<String> |
RealmOAuth2ProviderSettings.getDefaultScopes() |
|
int |
AgentOAuth2ProviderSettings.getDeviceCodeLifetime() |
|
int |
OAuth2ProviderSettings.getDeviceCodeLifetime() |
The lifetime of the device code.
|
int |
RealmOAuth2ProviderSettings.getDeviceCodeLifetime() |
|
int |
AgentOAuth2ProviderSettings.getDeviceCodePollInterval() |
|
int |
OAuth2ProviderSettings.getDeviceCodePollInterval() |
The polling interval for devices waiting for tokens when using the device code flow.
|
int |
RealmOAuth2ProviderSettings.getDeviceCodePollInterval() |
|
String |
AgentOAuth2ProviderSettings.getHashSalt() |
|
String |
OAuth2ProviderSettings.getHashSalt() |
Returns the salt to use for hashing sub values upon pairwise requests.
|
String |
RealmOAuth2ProviderSettings.getHashSalt() |
|
protected IntrospectableToken |
OAuth2TokenIntrospectionHandler.getIntrospectableToken(OAuth2Request request,
String tokenType,
String tokenId) |
|
String |
OAuth2Uris.getIssuer() |
Gets the identifier of this issuer.
|
org.forgerock.json.JsonValue |
AgentOAuth2ProviderSettings.getJWKSet() |
|
org.forgerock.json.JsonValue |
OAuth2ProviderSettings.getJWKSet() |
Gets the JWK Set for this OAuth2 Authorization /OpenID Provider.
|
org.forgerock.json.JsonValue |
RealmOAuth2ProviderSettings.getJWKSet() |
|
String |
AgentOAuth2ProviderSettings.getJWKSUri() |
|
String |
OAuth2ProviderSettings.getJWKSUri() |
Gets the JSON Web Key Set URI.
|
String |
OAuth2Uris.getJWKSUri() |
Gets the JSON Web Key Set URI.
|
String |
RealmOAuth2ProviderSettings.getJWKSUri() |
|
String |
AgentOAuth2ProviderSettings.getModifiedTimestampAttributeName() |
|
String |
OAuth2ProviderSettings.getModifiedTimestampAttributeName() |
Gets the modified timestamp attribute name.
|
String |
RealmOAuth2ProviderSettings.getModifiedTimestampAttributeName() |
|
String |
ResourceOwner.getName(OAuth2ProviderSettings settings) |
Gets the name of the user, if possible.
|
long |
AgentOAuth2ProviderSettings.getOpenIdTokenLifetime() |
|
long |
OAuth2ProviderSettings.getOpenIdTokenLifetime() |
Gets the lifetime an OpenID token will have before it expires.
|
long |
RealmOAuth2ProviderSettings.getOpenIdTokenLifetime() |
|
long |
AgentOAuth2ProviderSettings.getRefreshTokenLifetime() |
|
long |
OAuth2ProviderSettings.getRefreshTokenLifetime() |
Gets the lifetime an refresh token will have before it expires.
|
long |
RealmOAuth2ProviderSettings.getRefreshTokenLifetime() |
|
Set<String> |
AgentOAuth2ProviderSettings.getResourceOwnerAuthenticatedAttributes() |
|
Set<String> |
OAuth2ProviderSettings.getResourceOwnerAuthenticatedAttributes() |
Gets the attributes of the resource owner that are used for authenticating resource owners.
|
Set<String> |
RealmOAuth2ProviderSettings.getResourceOwnerAuthenticatedAttributes() |
|
Map<String,String> |
ClientRegistration.getScopeDescriptions(Locale locale) |
Gets the display descriptions for the allowed and default scopes combined, in the specified locale.
|
KeyPair |
AgentOAuth2ProviderSettings.getSigningKeyPair(org.forgerock.json.jose.jws.JwsAlgorithm algorithm) |
|
KeyPair |
OAuth2ProviderSettings.getSigningKeyPair(org.forgerock.json.jose.jws.JwsAlgorithm algorithm) |
Gets the signing key pair of the OAuth2 provider.
|
KeyPair |
RealmOAuth2ProviderSettings.getSigningKeyPair(org.forgerock.json.jose.jws.JwsAlgorithm algorithm) |
|
Set<String> |
AgentOAuth2ProviderSettings.getSupportedClaims() |
|
Set<String> |
OAuth2ProviderSettings.getSupportedClaims() |
Gets the supported claims for this provider.
|
Set<String> |
RealmOAuth2ProviderSettings.getSupportedClaims() |
|
Set<String> |
AgentOAuth2ProviderSettings.getSupportedClaimsWithTranslations() |
|
Set<String> |
OAuth2ProviderSettings.getSupportedClaimsWithTranslations() |
Gets the supported claims for this provider as strings with pipe-separated translations.
|
Set<String> |
RealmOAuth2ProviderSettings.getSupportedClaimsWithTranslations() |
|
Set<String> |
AgentOAuth2ProviderSettings.getSupportedIDTokenEncryptionAlgorithms() |
|
Set<String> |
OAuth2ProviderSettings.getSupportedIDTokenEncryptionAlgorithms() |
Gets the algorithms that the OAuth2 provider supports for encryptin OpenID tokens.
|
Set<String> |
RealmOAuth2ProviderSettings.getSupportedIDTokenEncryptionAlgorithms() |
|
Set<String> |
AgentOAuth2ProviderSettings.getSupportedIDTokenEncryptionMethods() |
|
Set<String> |
OAuth2ProviderSettings.getSupportedIDTokenEncryptionMethods() |
Gets the encryption methods that the OAuth2 provider supports for encryptin OpenID tokens.
|
Set<String> |
RealmOAuth2ProviderSettings.getSupportedIDTokenEncryptionMethods() |
|
Set<String> |
AgentOAuth2ProviderSettings.getSupportedIDTokenSigningAlgorithms() |
|
Set<String> |
OAuth2ProviderSettings.getSupportedIDTokenSigningAlgorithms() |
Gets the algorithms that the OAuth2 provider supports for signing OpenID tokens.
|
Set<String> |
RealmOAuth2ProviderSettings.getSupportedIDTokenSigningAlgorithms() |
|
Set<String> |
AgentOAuth2ProviderSettings.getSupportedScopes() |
|
Set<String> |
OAuth2ProviderSettings.getSupportedScopes() |
Gets the supported scopes for this provider without translations.
|
Set<String> |
RealmOAuth2ProviderSettings.getSupportedScopes() |
|
Set<String> |
AgentOAuth2ProviderSettings.getSupportedScopesWithTranslations() |
|
Set<String> |
OAuth2ProviderSettings.getSupportedScopesWithTranslations() |
Gets the supported scopes for this provider.
|
Set<String> |
RealmOAuth2ProviderSettings.getSupportedScopesWithTranslations() |
|
Set<String> |
AgentOAuth2ProviderSettings.getSupportedSubjectTypes() |
|
Set<String> |
OAuth2ProviderSettings.getSupportedSubjectTypes() |
Gets the subject types supported by the OAuth2 provider.
|
Set<String> |
RealmOAuth2ProviderSettings.getSupportedSubjectTypes() |
|
String |
AgentOAuth2ProviderSettings.getTokenHmacSharedSecret() |
|
String |
OAuth2ProviderSettings.getTokenHmacSharedSecret() |
Gets the Base64 encoded shared secret used to sign stateless access and refresh tokens.
|
String |
RealmOAuth2ProviderSettings.getTokenHmacSharedSecret() |
|
String |
Token.getTokenId() |
Gets the token's identifier.
|
org.forgerock.json.JsonValue |
TokenInfoService.getTokenInfo(OAuth2Request request) |
Returns a Json representation of the token's information that is on the OAuth2 request.
|
String |
AgentOAuth2ProviderSettings.getTokenSigningAlgorithm() |
|
String |
OAuth2ProviderSettings.getTokenSigningAlgorithm() |
Gets the signing algorithm used when issuing stateless access and refresh tokens.
|
String |
RealmOAuth2ProviderSettings.getTokenSigningAlgorithm() |
|
String |
AgentOAuth2ProviderSettings.getUserDisplayNameAttribute() |
|
String |
OAuth2ProviderSettings.getUserDisplayNameAttribute() |
The attribute that can be used to obtain a UI-displayable name for a user's AMIdentity.
|
String |
RealmOAuth2ProviderSettings.getUserDisplayNameAttribute() |
|
UserInfoClaims |
AgentOAuth2ProviderSettings.getUserInfo(ClientRegistration clientRegistration,
AccessToken token,
OAuth2Request request) |
|
UserInfoClaims |
OAuth2ProviderSettings.getUserInfo(ClientRegistration clientRegistration,
AccessToken token,
OAuth2Request request) |
Gets the resource owners information based on an issued access token or request.
|
UserInfoClaims |
RealmOAuth2ProviderSettings.getUserInfo(ClientRegistration clientRegistration,
AccessToken token,
OAuth2Request request) |
|
String |
AgentOAuth2ProviderSettings.getVerificationUrl() |
|
String |
OAuth2ProviderSettings.getVerificationUrl() |
The URL that the user will be instructed to visit to complete their OAuth 2 login and consent when using the
device code flow.
|
String |
RealmOAuth2ProviderSettings.getVerificationUrl() |
|
AccessToken |
AuthorizationCodeGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
Map.Entry<String,Token> |
AuthorizationCodeResponseTypeHandler.handle(String tokenType,
Set<String> scope,
ResourceOwner resourceOwner,
String clientId,
String redirectUri,
String nonce,
OAuth2Request request,
String codeChallenge,
String codeChallengeMethod) |
Handles the creating of a Token instance and storing the Token in the OAuth2 provider TokenStore. |
AccessToken |
ClientCredentialsGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
protected AccessToken |
DeviceCodeGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration client,
OAuth2ProviderSettings providerSettings) |
|
AccessToken |
GrantTypeHandler.handle(OAuth2Request request) |
Handles an access token request for a specific OAuth2 grant type.
|
protected abstract AccessToken |
GrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
|
AccessToken |
JwtBearerGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
|
AccessToken |
PasswordCredentialsGrantTypeHandler.handle(OAuth2Request request,
ClientRegistration clientRegistration,
OAuth2ProviderSettings providerSettings) |
Map.Entry<String,Token> |
ResponseTypeHandler.handle(String tokenType,
Set<String> scope,
ResourceOwner resourceOwner,
String clientId,
String redirectUri,
String nonce,
OAuth2Request request,
String codeChallenge,
String codeChallengeMethod) |
Handles the creating of a Token instance and storing the Token in the OAuth2 provider TokenStore. |
Map.Entry<String,Token> |
TokenResponseTypeHandler.handle(String tokenType,
Set<String> scope,
ResourceOwner resourceOwner,
String clientId,
String redirectUri,
String nonce,
OAuth2Request request,
String codeChallenge,
String codeChallengeMethod) |
Handles the creating of a Token instance and storing the Token in the OAuth2 provider TokenStore. |
org.forgerock.json.JsonValue |
OAuth2TokenIntrospectionHandler.introspect(OAuth2Request request,
String clientId,
String tokenType,
String tokenId) |
|
org.forgerock.json.JsonValue |
TokenIntrospectionHandler.introspect(OAuth2Request request,
String clientId,
String tokenType,
String tokenId) |
Look for a token of a particular type, with a given ID, and return its introspected representation.
|
org.forgerock.json.JsonValue |
TokenIntrospectionService.introspect(OAuth2Request request) |
|
void |
TokenInvalidator.invalidateTokens(OAuth2Request request,
String clientId,
String userName,
String authGrantId) |
Invalidates all tokens associated with same auth grant, client and resource owner.
|
boolean |
AgentOAuth2ProviderSettings.isAlwaysAddClaimsToToken() |
|
boolean |
OAuth2ProviderSettings.isAlwaysAddClaimsToToken() |
Whether to always add claims to id_tokens - non-spec compliant.
|
boolean |
RealmOAuth2ProviderSettings.isAlwaysAddClaimsToToken() |
|
boolean |
AgentOAuth2ProviderSettings.isCodeVerifierRequired() |
|
boolean |
OAuth2ProviderSettings.isCodeVerifierRequired() |
Whether or not to enforce the Code Verifier Parameter.
|
boolean |
RealmOAuth2ProviderSettings.isCodeVerifierRequired() |
|
boolean |
AgentOAuth2ProviderSettings.isIdTokenInfoClientAuthenticationEnabled() |
|
boolean |
OAuth2ProviderSettings.isIdTokenInfoClientAuthenticationEnabled() |
Determines whether idtokeninfo endpoint should require client authentication.
|
boolean |
RealmOAuth2ProviderSettings.isIdTokenInfoClientAuthenticationEnabled() |
|
boolean |
AgentOAuth2ProviderSettings.isOpenDynamicClientRegistrationAllowed() |
|
boolean |
OAuth2ProviderSettings.isOpenDynamicClientRegistrationAllowed() |
Indicates whether clients may register without providing an access token.
|
boolean |
RealmOAuth2ProviderSettings.isOpenDynamicClientRegistrationAllowed() |
|
boolean |
AgentOAuth2ProviderSettings.isOpenIDConnectSSOProviderEnabled() |
|
boolean |
OAuth2ProviderSettings.isOpenIDConnectSSOProviderEnabled() |
Whether OpenID Connect ID Tokens are accepted as SSOTokens in this realm or not.
|
boolean |
RealmOAuth2ProviderSettings.isOpenIDConnectSSOProviderEnabled() |
|
boolean |
AgentOAuth2ProviderSettings.isRegistrationAccessTokenGenerationEnabled() |
|
boolean |
OAuth2ProviderSettings.isRegistrationAccessTokenGenerationEnabled() |
Whether to generate access tokens for clients that register without one.
|
boolean |
RealmOAuth2ProviderSettings.isRegistrationAccessTokenGenerationEnabled() |
|
boolean |
AgentOAuth2ProviderSettings.isStatelessTokensEnabled() |
|
boolean |
OAuth2ProviderSettings.isStatelessTokensEnabled() |
Determines whether access and refresh tokens should be stateless.
|
boolean |
RealmOAuth2ProviderSettings.isStatelessTokensEnabled() |
|
boolean |
AgentOAuth2ProviderSettings.issueRefreshTokens() |
|
boolean |
OAuth2ProviderSettings.issueRefreshTokens() |
Whether the OAuth2 provider should issue refresh tokens when issuing access tokens.
|
boolean |
RealmOAuth2ProviderSettings.issueRefreshTokens() |
|
boolean |
AgentOAuth2ProviderSettings.issueRefreshTokensOnRefreshingToken() |
|
boolean |
OAuth2ProviderSettings.issueRefreshTokensOnRefreshingToken() |
Whether the OAuth2 provider should issue refresh tokens when refreshing access tokens.
|
boolean |
RealmOAuth2ProviderSettings.issueRefreshTokensOnRefreshingToken() |
|
AuthorizationToken |
AuthorizationTokenIssuer.issueTokens(OAuth2Request request,
ClientRegistration clientRegistration,
ResourceOwner resourceOwner,
Set<String> authorizationScope,
OAuth2ProviderSettings providerSettings) |
Issues tokens for the OAuth2 authorize request.
|
boolean |
AgentOAuth2ProviderSettings.isTokenCompressionEnabled() |
|
boolean |
OAuth2ProviderSettings.isTokenCompressionEnabled() |
Determines whether token compression is enabled for stateless access and refresh tokens.
|
boolean |
RealmOAuth2ProviderSettings.isTokenCompressionEnabled() |
|
org.forgerock.json.JsonValue |
TokenStore.queryForToken(String realm,
org.forgerock.util.query.QueryFilter<CoreTokenField> queryFilter) |
Queries the OAuth2 Provider's store for tokens.
|
org.forgerock.json.JsonValue |
TokenStore.read(String tokenId) |
Reads the Token from the OAuth2 Provider's store with the specified identifier.
|
AccessToken |
TokenStore.readAccessToken(OAuth2Request request,
String tokenId) |
Reads an Access Token from the OAuth2 Provider's store with the specified identifier.
|
AuthorizationCode |
TokenStore.readAuthorizationCode(OAuth2Request request,
String code) |
Creates an Authorization Code and stores it in the OAuth2 Provider's store.
|
DeviceCode |
TokenStore.readDeviceCode(String clientId,
String code,
OAuth2Request request) |
Reads a device code token.
|
DeviceCode |
TokenStore.readDeviceCode(String userCode,
OAuth2Request request) |
Reads a device code token.
|
RefreshToken |
TokenStore.readRefreshToken(OAuth2Request request,
String tokenId) |
Reads a Refresh Token from the OAuth2 Provider's store with the specified identifier.
|
AccessToken |
AccessTokenService.refreshToken(OAuth2Request request) |
Handles a request to refresh an already issued access token for a OAuth2 client, validates that the request is
valid and contains the required parameters, checks that the refresh token on the request is valid and has not
expired, or been previously used to refresh an access token.
|
AccessToken |
AccessTokenService.requestAccessToken(OAuth2Request request) |
Handles a request for access token(s) by a OAuth2 client, validates that the request is valid and contains the
required parameters, checks that the authorization code on the request is valid and has not expired, or been
previously used.
|
boolean |
AgentOAuth2ProviderSettings.shouldStoreOpsTokens() |
|
boolean |
OAuth2ProviderSettings.shouldStoreOpsTokens() |
Whether to generate and store an ops token in CTS for this OIDC provider.
|
boolean |
RealmOAuth2ProviderSettings.shouldStoreOpsTokens() |
|
Map<String,Object> |
DeviceCode.toMap() |
|
Map<String,Object> |
Token.toMap() |
Converts the token into a Map of its key data.
|
void |
TokenStore.updateAccessToken(OAuth2Request request,
AccessToken accessToken) |
Updates an Access Token.
|
void |
TokenStore.updateAuthorizationCode(OAuth2Request request,
AuthorizationCode authorizationCode) |
Updates an Authorization Code.
|
void |
TokenStore.updateDeviceCode(DeviceCode code,
OAuth2Request request) |
Updates a device code token.
|
ResourceOwner |
ResourceOwnerSessionValidator.validate(OAuth2Request request) |
Checks if the request contains valid resource owner session.
|
void |
ResponseTypeValidator.validate(ClientRegistration clientRegistration,
Set<String> requestedResponseTypes,
OAuth2ProviderSettings providerSettings,
OAuth2Request request) |
Validates that the requested response types are valid and supported by both the OAuth2 client and provider.
|
Set<String> |
AgentOAuth2ProviderSettings.validateAccessTokenScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
|
Set<String> |
OAuth2ProviderSettings.validateAccessTokenScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when an access token
is requested.
|
Set<String> |
RealmOAuth2ProviderSettings.validateAccessTokenScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
|
Set<String> |
ScopeValidator.validateAccessTokenScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when an access token
is requested.
|
Set<String> |
AgentOAuth2ProviderSettings.validateAuthorizationScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
|
Set<String> |
OAuth2ProviderSettings.validateAuthorizationScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when authorization
is requested.
|
Set<String> |
RealmOAuth2ProviderSettings.validateAuthorizationScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
|
Set<String> |
ScopeValidator.validateAuthorizationScope(ClientRegistration clientRegistration,
Set<String> scope,
OAuth2Request request) |
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when authorization
is requested.
|
Set<String> |
AgentOAuth2ProviderSettings.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request) |
|
Set<String> |
OAuth2ProviderSettings.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request) |
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when a refresh token
is requested.
|
Set<String> |
RealmOAuth2ProviderSettings.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request) |
|
Set<String> |
ScopeValidator.validateRefreshTokenScope(ClientRegistration clientRegistration,
Set<String> requestedScope,
Set<String> tokenScope,
OAuth2Request request) |
Provided as an extension point to allow the OAuth2 provider to customise the scope requested when a refresh token
is requested.
|
void |
AuthorizeRequestValidator.validateRequest(OAuth2Request request) |
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
void |
AuthorizeRequestValidatorImpl.validateRequest(OAuth2Request request) |
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
void |
DuplicateRequestParameterValidator.validateRequest(OAuth2Request request) |
Validates that the OAuth2 request contains the valid parameters for the OAuth2 authorize endpoint.
|
String |
AgentOAuth2ProviderSettings.validateRequestedClaims(String requestedClaims) |
|
String |
OAuth2ProviderSettings.validateRequestedClaims(String requestedClaims) |
Validates that the requested claims are appropriate to be requested by the given client.
|
String |
RealmOAuth2ProviderSettings.validateRequestedClaims(String requestedClaims) |
|