Package org.forgerock.openidconnect

Class OpenIDTokenIssuer

java.lang.Object

org.forgerock.openidconnect.OpenIDTokenIssuer

public class OpenIDTokenIssuer
extends Object

Issues OpenId Connect tokens and stores them in the OpenID Connect Token Store, when an access token is required and the OAuth2 request scope contains 'openid'.

Since:

12.0.0

Constructor Summary

Constructors

Constructor	Description
OpenIDTokenIssuer(OpenIdConnectTokenStore tokenStore, ResourceOwnerSessionValidator resourceOwnerSessionValidator)	Constructs a new OpenIDTokenIssuer.

Method Summary

Modifier and Type	Method	Description
protected String	getOps(AccessToken accessToken, OAuth2Request request)	Gets the ops value for the OpenId Token.
Map.Entry<String,String>	issueToken(AccessToken accessToken, OAuth2Request request)	Issues an OpenId Connect token, using the details of the access token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OpenIDTokenIssuer

@Inject
public OpenIDTokenIssuer(OpenIdConnectTokenStore tokenStore,
                         ResourceOwnerSessionValidator resourceOwnerSessionValidator)

Constructs a new OpenIDTokenIssuer.

Parameters:

tokenStore - An instance of the OpenIdConnectTokenStore.

Method Detail

issueToken

public Map.Entry<String,String> issueToken(AccessToken accessToken,
                                                 OAuth2Request request)
                                          throws ServerException,
                                                 InvalidClientException,
                                                 NotFoundException

Issues an OpenId Connect token, using the details of the access token.

Parameters:

accessToken - The access token requested by the OAuth2 request.

request - The OAuth2 request.

Returns:

A Map.Entry of the token name with the Token instance.

Throws:

ServerException - If any internal server error occurs.

InvalidClientException - If either the request does not contain the client's id or the client fails to be authenticated.

NotFoundException - If the realm does not have an OAuth 2.0 provider service.

getOps

protected String getOps(AccessToken accessToken,
                        OAuth2Request request)

Gets the ops value for the OpenId Token.

Parameters:

accessToken - The access token requested by the OAuth2 request.

request - The OAuth2 request.

Returns:

The ops value.