TokenServiceConsumerImpl (OpenAM Project 15.1.7-SNAPSHOT API)

java.lang.Object
- org.forgerock.openam.sts.token.provider.TokenServiceConsumerImpl

All Implemented Interfaces:: TokenServiceConsumer

public class TokenServiceConsumerImpl
extends Object
implements TokenServiceConsumer

See Also:: TokenServiceConsumer

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`cancelToken(String tokenId, String callerSSOTokenString)` Invoke the TokenService to cancel a token.
`String`	`getOpenIdConnectToken(String ssoTokenString, String stsInstanceId, String realm, String authnContextClassRef, Set<String> authnMethodReferences, long authnTimeInSeconds, String nonce, String callerSSOTokenString)` Invoke the TokenService to produce a OpenId Connect Token
`String`	`getSAML2BearerAssertion(String ssoTokenString, String stsInstanceId, String realm, String authnContextClassRef, String callerSSOTokenString)` Invoke the TokenService to produce a SAML2 Bearer assertion
`String`	`getSAML2HolderOfKeyAssertion(String ssoTokenString, String stsInstanceId, String realm, String authnContextClassRef, ProofTokenState proofTokenState, String callerSSOTokenString)` Invoke the TokenService to produce a SAML2 Bearer assertion
`String`	`getSAML2SenderVouchesAssertion(String ssoTokenString, String stsInstanceId, String realm, String authnContextClassRef, String callerSSOTokenString)` Invoke the TokenService to produce a SAML2 Bearer assertion
`boolean`	`validateToken(String tokenId, String callerSSOTokenString)` Invoke the TokenService to validate a token.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - getSAML2BearerAssertion
```
public String getSAML2BearerAssertion(String ssoTokenString,
                                      String stsInstanceId,
                                      String realm,
                                      String authnContextClassRef,
                                      String callerSSOTokenString)
                               throws TokenCreationException
```
    Description copied from interface: TokenServiceConsumer
    
    Invoke the TokenService to produce a SAML2 Bearer assertion
    
    Specified by:
    
    getSAML2BearerAssertion in interface TokenServiceConsumer
    
    Parameters:
    
    ssoTokenString - The session id corresponding to the to-be-asserted subject
    
    stsInstanceId - The instance id of the STS making the invocation
    
    realm - The realm of the STS making the invocation
    
    authnContextClassRef - The SAML2 AuthnContext class ref to be included in the SAML2 assertion
    
    callerSSOTokenString - The session id corresponding to the caller. The TokenService will be protected by an authz module.
    
    Returns:
    
    The string representation of the issued token.
    
    Throws:
    
    TokenCreationException - if the token could not be created.
  - getSAML2SenderVouchesAssertion
```
public String getSAML2SenderVouchesAssertion(String ssoTokenString,
                                             String stsInstanceId,
                                             String realm,
                                             String authnContextClassRef,
                                             String callerSSOTokenString)
                                      throws TokenCreationException
```
    Description copied from interface: TokenServiceConsumer
    
    Invoke the TokenService to produce a SAML2 Bearer assertion
    
    Specified by:
    
    getSAML2SenderVouchesAssertion in interface TokenServiceConsumer
    
    Parameters:
    
    ssoTokenString - The session id corresponding to the to-be-asserted subject
    
    stsInstanceId - The instance id of the STS making the invocation
    
    realm - The realm of the STS making the invocation
    
    authnContextClassRef - The SAML2 AuthnContext class ref to be included in the SAML2 assertion
    
    callerSSOTokenString - The session id corresponding to the caller. The TokenService will be protected by an authz module.
    
    Returns:
    
    The string representation of the issued token.
    
    Throws:
    
    TokenCreationException - if the token could not be created.
  - getSAML2HolderOfKeyAssertion
```
public String getSAML2HolderOfKeyAssertion(String ssoTokenString,
                                           String stsInstanceId,
                                           String realm,
                                           String authnContextClassRef,
                                           ProofTokenState proofTokenState,
                                           String callerSSOTokenString)
                                    throws TokenCreationException
```
    Description copied from interface: TokenServiceConsumer
    
    Invoke the TokenService to produce a SAML2 Bearer assertion
    
    Specified by:
    
    getSAML2HolderOfKeyAssertion in interface TokenServiceConsumer
    
    Parameters:
    
    ssoTokenString - The session id corresponding to the to-be-asserted subject
    
    stsInstanceId - The instance id of the STS making the invocation
    
    realm - The realm of the STS making the invocation
    
    authnContextClassRef - The SAML2 AuthnContext class ref to be included in the SAML2 assertion
    
    proofTokenState - The ProofTokenState used as the proof token in the HoK assertion.
    
    callerSSOTokenString - The session id corresponding to the caller. The TokenService will be protected by an authz module.
    
    Returns:
    
    The string representation of the issued token.
    
    Throws:
    
    TokenCreationException - if the token could not be created.
  - getOpenIdConnectToken
```
public String getOpenIdConnectToken(String ssoTokenString,
                                    String stsInstanceId,
                                    String realm,
                                    String authnContextClassRef,
                                    Set<String> authnMethodReferences,
                                    long authnTimeInSeconds,
                                    String nonce,
                                    String callerSSOTokenString)
                             throws TokenCreationException
```
    Description copied from interface: TokenServiceConsumer
    
    Invoke the TokenService to produce a OpenId Connect Token
    
    Specified by:
    
    getOpenIdConnectToken in interface TokenServiceConsumer
    
    Parameters:
    
    ssoTokenString - The session id corresponding to the to-be-asserted subject
    
    stsInstanceId - The instance id of the STS making the invocation
    
    realm - The realm of the STS making the invocation
    
    authnContextClassRef - The OpenIdConnect AuthnContext class ref to be included in the OIDC token. Corresponds to the acr claim specified here http://openid.net/specs/openid-connect-core-1_0.html#IDToken Can be null.
    
    authnMethodReferences - State corresponding to the amr claim included in the OIDC token as defined here: http://openid.net/specs/openid-connect-core-1_0.html#IDToken. Can be null
    
    authnTimeInSeconds - used to set the auth_time claim as specified here: http://openid.net/specs/openid-connect-core-1_0.html#IDToken.
    
    nonce - Used to set the nonce claim as specified here: http://openid.net/specs/openid-connect-core-1_0.html#IDToken. This value will be taken from the original sts invocation.
    
    callerSSOTokenString - The session id corresponding to the caller. The TokenService will be protected by an authz module.
    
    Returns:
    
    The string representation of the issued token.
    
    Throws:
    
    TokenCreationException - if the token could not be created.
  - validateToken
```
public boolean validateToken(String tokenId,
                             String callerSSOTokenString)
                      throws TokenValidationException
```
    Description copied from interface: TokenServiceConsumer
    
    Invoke the TokenService to validate a token. In the 13 release, as no SAML2 authN module is present, this method will only check the CTS to determine if the token has been persisted.
    
    Specified by:
    
    validateToken in interface TokenServiceConsumer
    
    Parameters:
    
    tokenId - The id of the to-be-canceled token.
    
    callerSSOTokenString - The session id corresponding to the caller. The TokenService will be protected by an authz module.
    
    Returns:
    
    true if the token is valid.
    
    Throws:
    
    TokenValidationException
  - cancelToken
```
public void cancelToken(String tokenId,
                        String callerSSOTokenString)
                 throws TokenCancellationException
```
    Description copied from interface: TokenServiceConsumer
    
    Invoke the TokenService to cancel a token. In the 13 release, this will only remove the token with the specified id from the CTS.
    
    Specified by:
    
    cancelToken in interface TokenServiceConsumer
    
    Parameters:
    
    tokenId - The id of the to-be-canceled token.
    
    callerSSOTokenString - The session id corresponding to the caller. The TokenService will be protected by an authz module.
    
    Throws:
    
    TokenCancellationException - in case the token could not be canceled.

Class TokenServiceConsumerImpl

Method Summary

Methods inherited from class java.lang.Object

Method Detail

getSAML2BearerAssertion

getSAML2SenderVouchesAssertion

getSAML2HolderOfKeyAssertion

getOpenIdConnectToken

validateToken

cancelToken