org.forgerock.openam.oauth2.rest

Class OAuth2UserApplications

java.lang.Object

org.forgerock.openam.oauth2.rest.OAuth2UserApplications

public class OAuth2UserApplications
extends Object

A request handler for inspecting and revoking OAuth2 applications. It requires a user and a realm to be available in the request context.

Since:

13.0.0

Constructor Summary

Constructors

Constructor and Description
OAuth2UserApplications(TokenStore tokenStore, OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory, ClientRegistrationStore clientRegistrationStore, ContextHelper contextHelper, Debug debug)

Method Summary

Modifier and Type	Method and Description
org.forgerock.util.promise.Promise<org.forgerock.json.resource.ResourceResponse,org.forgerock.json.resource.ResourceException>	deleteInstance(org.forgerock.services.context.Context context, String resourceId) Allows users to revoke an OAuth2 application.
org.forgerock.util.promise.Promise<org.forgerock.json.resource.QueryResponse,org.forgerock.json.resource.ResourceException>	query(org.forgerock.services.context.Context context, org.forgerock.json.resource.QueryResourceHandler queryHandler, org.forgerock.json.resource.QueryRequest request) Allows users to query OAuth2 applications that they have given their consent access to and that have active access and/or refresh tokens.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuth2UserApplications

@Inject
public OAuth2UserApplications(TokenStore tokenStore,
                                      OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory,
                                      ClientRegistrationStore clientRegistrationStore,
                                      ContextHelper contextHelper,
                                      @Named(value="frRest")
                                      Debug debug)

Method Detail

query

public org.forgerock.util.promise.Promise<org.forgerock.json.resource.QueryResponse,org.forgerock.json.resource.ResourceException> query(org.forgerock.services.context.Context context,
                                                                                                                                         org.forgerock.json.resource.QueryResourceHandler queryHandler,
                                                                                                                                         org.forgerock.json.resource.QueryRequest request)

Allows users to query OAuth2 applications that they have given their consent access to and that have active access and/or refresh tokens.

Applications consist of an id, a name (the client id), a set of scopes and an expiry time. The scopes field is the union of the scopes of the individual access/refresh tokens. The expiry time is the time when the last access/refresh token will expire, or null if the server is configured to allow tokens to be refreshed indefinitely.

Parameters:

context - The request context.

queryHandler - The query handler.

request - Unused but necessary for used of the @Query annotation.

Returns:

A promise of a query response.

deleteInstance

public org.forgerock.util.promise.Promise<org.forgerock.json.resource.ResourceResponse,org.forgerock.json.resource.ResourceException> deleteInstance(org.forgerock.services.context.Context context,
                                                                                                                                                     String resourceId)

Allows users to revoke an OAuth2 application. This will remove their consent and revoke any access and refresh tokens with a matching client id.

Parameters:

context - The request context.

resourceId - The id of the OAuth2 client.

Returns:

A promise of the removed application.