001package com.nimbusds.openid.connect.provider.spi.tokens; 002 003 004import com.nimbusds.oauth2.sdk.id.Identifier; 005import com.nimbusds.openid.connect.provider.spi.Lifecycle; 006import net.jcip.annotations.ThreadSafe; 007 008 009/** 010 * Service Provider Interface (SPI) for generating and decoding 011 * identifier-based access tokens. Implementations must be thread-safe. 012 */ 013@ThreadSafe 014public interface IdentifierAccessTokenCodec extends Lifecycle { 015 016 017 /** 018 * Generates a new identifier-based access token. 019 * 020 * @param tokenAuthz The access token authorisation. Not {@code null}. 021 * @param context The token codec context. Not {@code null}. 022 * 023 * @return The identifier-based access token. 024 */ 025 IdentifierAccessToken generate(final AccessTokenAuthorization tokenAuthz, final TokenCodecContext context); 026 027 028 /** 029 * Decodes the specified bearer access token value to extract the token 030 * identifier. 031 * 032 * @param tokenValue The bearer access token value. Not {@code null}. 033 * @param context The token codec context. Not {@code null}. 034 * 035 * @return The access token identifier. 036 * 037 * @throws TokenDecodeException If decoding failed. 038 */ 039 Identifier decode(final String tokenValue, final TokenCodecContext context) 040 throws TokenDecodeException; 041}