See: Description
| Interface | Description |
|---|---|
| AccessToken |
Models an OAuth2 access token.
|
| AuthenticationMethod |
Abstract interface for indicating that some authentication method should be used to perform authentication.
|
| AuthorizationCodeRequestValidator |
Request validator for the OAuth2 authorization code grant.
|
| AuthorizeRequestValidator |
Request validator for the OAuth2 authorize endpoint.
|
| ClientCredentialsRequestValidator |
Request validator for the OAuth2 client credentials grant.
|
| ClientRegistration |
Models a client registration in the OAuth2 provider.
|
| ClientRegistrationStore |
The OAuth2 providers store for all client registrations.
|
| IntrospectableToken |
An OAuth 2.0 token abstraction for introspection.
|
| OAuth2ProviderSettings |
Interface for defining all settings an OAuth2 provider can have and that can be configured.
|
| OAuth2Uris |
Models all of the possible settings the OAuth2 provider can have and that can be configured.
|
| PasswordCredentialsRequestValidator |
Request validator for the OAuth2 password credentials grant.
|
| RefreshToken |
Base type for StatefulRefreshToken and StatelessRefreshToken.
|
| ResourceOwnerConsentVerifier |
Verifier for determining whether a resource owner has saved its consent for the authorization grant, taking into
account and OpenID Connect prompt parameter.
|
| ResourceSetFilter |
A filter that can be applied to ResourceSets.
|
| ResponseTypeHandler |
Handles the issuing of Tokens for a response type, i.e. code, token, id_token.
|
| ScopeValidator |
Provided as extension points to allow the OAuth2 provider to customise the requested scope of authorize,
access token and refresh token requests and to allow the OAuth2 provider to return additional data from these
endpoints as well.
|
| Token |
Models a OAuth2 token.
|
| TokenIntrospectionHandler |
Handles token introspection for given types of tokens.
|
| TokenStore |
Interface for a Token Store which the OAuth2 Provider will implement.
|
| Class | Description |
|---|---|
| AccessTokenService |
Handles access token requests from OAuth2 clients to the OAuth2 provider to grant access tokens for the requested
grant types.
|
| AccessTokenVerifier |
Verifies that a OAuth2 request that is made to one of the protected endpoints on the OAuth2 provider,
(i.e. tokeninfo, userinfo) contains a valid access token.
|
| AccessTokenVerifier.TokenState |
Represents the state of the token on the request.
|
| AgentOAuth2ProviderSettings |
Models all of the OAuth2 provider settings specific to agents.
|
| AuthorizationCode |
Models a OAuth2 Authorization Code.
|
| AuthorizationCodeGrantTypeHandler |
Implementation of the GrantTypeHandler for the OAuth2 Authorization Code grant.
|
| AuthorizationCodeRequestValidatorImpl |
Implementation of the AuthorizationCodeRequestValidator for OAuth2 request validation.
|
| AuthorizationCodeResponseTypeHandler |
Implementation of the ResponseTypeHandler for handling authorization code response types.
|
| AuthorizationService |
Handles authorization requests from OAuth2 clients to the OAuth2 provider to grant authorization for a specific
client by a specific resource owner.
|
| AuthorizationToken |
Models an authorization token that is returned from the OAuth2 authorize request.
|
| AuthorizationTokenIssuer |
Issues Authorization Tokens requested by OAuth2 authorize requests.
|
| AuthorizeRequestValidatorImpl |
Implementation of the request validator for the OAuth2 authorize endpoint.
|
| ClientAuthenticator |
Authenticates OAuth2 clients by extracting the client's identifier and secret from the request.
|
| ClientCredentialsGrantTypeHandler |
Implementation of the GrantTypeHandler for the OAuth2 Client Credentials grant.
|
| ClientCredentialsRequestValidatorImpl |
Implementation of the request validator for the OAuth2 client credentials grant.
|
| CsrfProtection |
This class provides methods for checking if a request is a part of a cross-site request forgery attack (CSRF).
|
| DeviceCode |
Models a OpenAm OAuth2 Authorization Code.
|
| DeviceCodeGrantTypeHandler |
Implementation of the GrantTypeHandler for the OAuth2 Device Code grant.
|
| DuplicateRequestParameterValidator |
Implementation of the AuthorizeRequestValidator for duplicate request parameter validation.
|
| GrantTypeAccessTokenGenerator | |
| GrantTypeHandler |
Handler for a specific OAuth2 grant type, i.e.
|
| JwtBearerGrantTypeHandler |
Implementation of the JwtBearerGrantTypeHandler for the JWT Bearer grant.
|
| NoneResponseTypeHandler |
Implementation of the ResponseTypeHandler for handling response types which do not issue any tokens.
|
| OAuth2Jwt |
Parses a JWT string and offers methods to validate the JWT is valid for the use as an OAuth2 authorization grant or
for OAuth2 client authentication.
|
| OAuth2ProviderSettingsFactory |
A factory for creating/retrieving OAuth2ProviderSettings instances.
|
| OAuth2Request |
An abstraction of the actual request so as to allow the core of the OAuth2 provider to be agnostic of the library
used to translate the HTTP request.
|
| OAuth2RequestFactory |
A factory for creating OAuth2Request instances.
|
| OAuth2TokenIntrospectionHandler | |
| PasswordCredentialsGrantTypeHandler |
Implementation of the GrantTypeHandler for the OAuth2 Password Credentials grant.
|
| PasswordCredentialsRequestValidatorImpl |
Implementation of the request validator for the OAuth2 password credentials grant.
|
| PEMDecoder |
Utility for decoding PEM formatted keys and certificates.
|
| RealmOAuth2ProviderSettings |
Models all of the possible settings the OAuth2 provider can have and that can be configured.
|
| RedirectUriResolver |
Resolves the URI to be redirected to after the authorization
|
| RedirectUriValidator |
Validates that the redirect uri on the request matches against the client's registered redirect uris.
|
| ResourceOwner |
Models a OAuth2 resource owner.
|
| ResourceOwnerAuthenticator |
Authenticates a resource owner from the credentials provided on the request.
|
| ResourceOwnerSessionValidator |
Validates whether a resource owner has a current authenticated session.
|
| ResponseTypeValidator |
Validates that the requested response types are valid and are allowed by the OAuth2 Provider and client registration.
|
| StatefulAccessToken |
Models a OAuth2 access token.
|
| StatefulRefreshToken |
Models a OAuth2 Refresh Token.
|
| StatefulToken | |
| TokenInfoService |
Service to return the full information of a OAuth2 token.
|
| TokenIntrospectionService |
A service for introspecting tokens.
|
| TokenInvalidator |
Invalidates tokens and all their associated tokens. i.e. an Access Token and the Refresh Tokens and Authorization
code used to issue or refresh it.
|
| TokenResponseTypeHandler |
Implementation of the ResponseTypeHandler for handling token response type.
|
| UserInfoClaims |
Simple bean that contains the values of claims, and the scopes that
provisioned them (if any).
|
| Utils |
Utility class containing common utility functions.
|
| Enum | Description |
|---|---|
| ClientType |
Models the possible types of OAuth2 clients.
|
Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.