@ThreadSafe public interface TokenIntrospectionResponseComposer
The SPI may be used to respond differently to different resource servers making the same request. For instance, an authorisation server may limit which scopes from a given token are returned for each resource server to prevent a resource server from learning more about the larger network than is necessary for its operation.
See OAuth 2.0 Token Introspection (RFC 7662), section 2.2.
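The per-resource-server scope limiting described above, as an added example that is not part of the Connect2id SDK. It uses only Nimbus OAuth 2.0 SDK classes; the class name, the allow-list and the client IDs are constructed. In a real composer the token scope and the caller's identity would come from `tokenAuthz` and `context`, whose accessors this page does not list.

```java
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse;
import com.nimbusds.oauth2.sdk.id.ClientID;
import java.util.Map;

/** Added illustration; class, allow-list and client IDs are constructed. */
public class PerResourceServerScopes {

    // Constructed allow-list: the scope values each resource server needs to see.
    static final Map<ClientID, Scope> VISIBLE = Map.of(
        new ClientID("rs-billing"), new Scope("invoices:read", "invoices:write"),
        new ClientID("rs-profile"), new Scope("profile:read"));

    static TokenIntrospectionSuccessResponse inactive() {
        return new TokenIntrospectionSuccessResponse.Builder(false).build();
    }

    /**
     * @param caller     the resource server making the introspection request
     * @param tokenScope the scope of the token, null if invalid or expired
     */
    static TokenIntrospectionSuccessResponse respond(ClientID caller, Scope tokenScope) {
        if (tokenScope == null) {
            return inactive(); // same shape as the null tokenAuthz case
        }
        Scope allowed = caller == null ? null : VISIBLE.get(caller);
        if (allowed == null) {
            // Design choice of this example: fail closed for an unlisted caller.
            return inactive();
        }
        Scope visible = new Scope();
        visible.addAll(tokenScope);
        visible.retainAll(allowed); // drop values this resource server has no need for
        return new TokenIntrospectionSuccessResponse.Builder(true)
            .scope(visible)
            .build();
    }

    public static void main(String[] args) {
        Scope token = new Scope("invoices:read", "profile:read", "admin");
        // Same token, three callers, three different answers.
        for (String id : new String[] {"rs-billing", "rs-profile", "rs-unknown"}) {
            System.out.println(id + " -> "
                + respond(new ClientID(id), token).toJSONObject());
        }
    }
}
```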
Modifier and Type | Method and Description |
---|---|
`com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse` | `compose(AccessTokenAuthorization tokenAuthz, TokenIntrospectionContext context)` Composes a token introspection response. |
com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse compose(AccessTokenAuthorization tokenAuthz, TokenIntrospectionContext context)
If the access token was found to be invalid or expired, the method should simply return:

```java
if (tokenAuthz == null) {
    return new TokenIntrospectionSuccessResponse.Builder(false)
        .build();
}
```
- `tokenAuthz` - The access token authorisation, `null` if the token was found to be invalid or expired (implies `"active":false`).
- `context` - The token introspection context. Not `null`.

`"active":true` as well as `"active":false` access tokens.

Copyright © 2021 Connect2id Ltd. All rights reserved.