001package com.nimbusds.openid.connect.provider.spi.grants; 002 003 004import com.nimbusds.oauth2.sdk.GeneralException; 005import com.nimbusds.oauth2.sdk.ResourceOwnerPasswordCredentialsGrant; 006import com.nimbusds.oauth2.sdk.Scope; 007import com.nimbusds.oauth2.sdk.id.ClientID; 008 009import com.nimbusds.openid.connect.sdk.rp.OIDCClientMetadata; 010 011 012/** 013 * Service Provider Interface (SPI) for handling token requests with an OAuth 014 * 2.0 Resource Owner Password Credentials grant. 015 * 016 * <p>Related specifications: 017 * 018 * <ul> 019 * <li>OAuth 2.0 (RFC 6749), sections 1.3.3 and 4.3. 020 * </ul> 021 */ 022public interface PasswordGrantHandler extends GrantHandler { 023 024 025 /** 026 * Handles a Resource Owner Password Credentials grant request. 027 * 028 * @param grant The Resource Owner Password Credentials 029 * grant. Not {@code null}. 030 * @param scope The requested scope, {@code null} if not 031 * specified. 032 * @param clientID The client identifier. Not {@code null}. 033 * @param confidentialClient {@code true} if the client is confidential 034 * and has been authenticated, else 035 * {@code false}. 036 * @param clientMetadata The OpenID Connect client metadata. Not 037 * {@code null}. 038 * 039 * @return The password grant authorisation response. 040 * 041 * @throws GeneralException If the grant is denied, or another 042 * exception was encountered. 043 */ 044 public PasswordGrantAuthorization processGrant(final ResourceOwnerPasswordCredentialsGrant grant, 045 final Scope scope, 046 final ClientID clientID, 047 final boolean confidentialClient, 048 final OIDCClientMetadata clientMetadata) 049 throws GeneralException; 050} 051