Interface UserManagerOAuthService
- All Known Implementing Classes:
UserManagerOAuthServiceImpl
@Path("/oauth2")
public interface UserManagerOAuthService
-
Field Summary
-
Method Summary
Modifier and Type | Method | Description
String | createDelegatedAccessToken(String clientId, String secret, long validityPeriod, String refreshToken, String basicAuthHeader) |
UserManagerUser | get(String token, String clientId) | User Manager extension: given user info, return user record
javax.ws.rs.core.Response | getAuth |
javax.ws.rs.core.Response | getOIDCUserInfo(String bearerTokenHeader) |
javax.ws.rs.core.Response | getOIDCUserInfoPost(String bearerTokenHeader) |
String | getToken(String grantType, String code, String redirectUri, String clientId, String secret, String refreshToken, String username, String password, String subjectToken, String basicAuthHeader) | Exchange an access code, a refresh token or a username/password for a Token to be POSTed back
javax.ws.rs.core.Response | userMadeAuthDecision(String responseType, String clientId, String redirectUri, String state, String scope, String token, String decision) |
-
Field Details
- GRANT_TYPE_AUTHORIZATION_CODE
- GRANT_TYPE_REFRESH_TOKEN
- GRANT_TYPE_TOKEN_EXCHANGE
- GRANT_TYPE_PASSWORD
- GRANT_TYPE_CLIENT_CREDENTIALS
Method Details
-
getAuth
-
userMadeAuthDecision
@POST @Path("/authorize")
javax.ws.rs.core.Response userMadeAuthDecision(@FormParam("response_type") String responseType, @FormParam("client_id") String clientId, @FormParam("redirect_uri") String redirectUri, @FormParam("state") String state, @FormParam("scope") String scope, @FormParam("token") String token, @FormParam("decision") String decision)
getToken
@POST @Path("/token") @Consumes("application/x-www-form-urlencoded") @Produces("application/json")
String getToken(@FormParam("grant_type") String grantType, @FormParam("code") String code, @FormParam("redirect_uri") String redirectUri, @FormParam("client_id") String clientId, @FormParam("client_secret") String secret, @FormParam("refresh_token") String refreshToken, @FormParam("username") String username, @FormParam("password") String password, @FormParam("subject_token") String subjectToken, @HeaderParam("Authorization") String basicAuthHeader)
Exchange an access code, a refresh token or a username/password for a Token to be POSTed back.
N.B. Currently this implementation is not fully compliant with RFC 6749 because it cannot accept clientId and secret using BASIC Auth.
One approach here might be to add logic into the BASIC auth processor to treat as anonymous any BASIC auth request whose username is in the client ID format.
- Parameters:
grantType -
code -
redirectUri -
clientId -
secret -
refreshToken -
username -
password -
- Returns:
get
@POST @Path("/token-to-user-info") @Produces("application/xml")
UserManagerUser get(@FormParam("token") String token, @FormParam("client_id") String clientId)
User Manager extension: given user info, return user record
- Parameters:
token -
clientId - if specified, checks that the token is associated with this client (may be required in the future)
- Returns:
getOIDCUserInfo
@GET @Path("/userinfo") @Produces("application/json")
javax.ws.rs.core.Response getOIDCUserInfo(@HeaderParam("Authorization") String bearerTokenHeader)
getOIDCUserInfoPost
@POST @Path("/userinfo") @Produces("application/json")
javax.ws.rs.core.Response getOIDCUserInfoPost(@HeaderParam("Authorization") String bearerTokenHeader)
createDelegatedAccessToken
@POST @Path("/token-to-delegated-token") @Consumes("application/x-www-form-urlencoded") @Produces("text/plain")
String createDelegatedAccessToken(@FormParam("client_id") String clientId, @FormParam("client_secret") String secret, @FormParam("validity_period") long validityPeriod, @FormParam("refresh_token") String refreshToken, @HeaderParam("Authorization") String basicAuthHeader)