Interface ClientCredentialsGrantHandler
-
- All Superinterfaces:
GrantHandler
,Lifecycle
@ThreadSafe public interface ClientCredentialsGrantHandler extends GrantHandler
Service Provider Interface (SPI) for handling OAuth 2.0 client credentials grants. Returns the matchingauthorisation
on success.Implementations must be thread-safe.
Related specifications:
- OAuth 2.0 (RFC 6749), sections 1.3.4 and 4.4.
-
-
Field Summary
Fields Modifier and Type Field Description static com.nimbusds.oauth2.sdk.GrantType
GRANT_TYPE
The handled grant type.
-
Method Summary
All Methods Instance Methods Default Methods Deprecated Methods Modifier and Type Method Description default com.nimbusds.oauth2.sdk.GrantType
getGrantType()
Returns the handled grant type.default GrantAuthorization
processGrant(@Nullable com.nimbusds.oauth2.sdk.Scope scope, com.nimbusds.oauth2.sdk.id.ClientID clientID, com.nimbusds.oauth2.sdk.client.ClientMetadata clientMetadata)
Deprecated.default GrantAuthorization
processGrant(TokenRequestParameters tokenRequestParams, com.nimbusds.oauth2.sdk.id.ClientID clientID, com.nimbusds.oauth2.sdk.client.ClientMetadata clientMetadata, InvocationContext invocationCtx)
Handles a client credentials grant.
-
-
-
Field Detail
-
GRANT_TYPE
static final com.nimbusds.oauth2.sdk.GrantType GRANT_TYPE
The handled grant type.
-
-
Method Detail
-
getGrantType
default com.nimbusds.oauth2.sdk.GrantType getGrantType()
Description copied from interface:GrantHandler
Returns the handled grant type.- Specified by:
getGrantType
in interfaceGrantHandler
- Returns:
- The grant type;
-
processGrant
@Deprecated default GrantAuthorization processGrant(@Nullable com.nimbusds.oauth2.sdk.Scope scope, com.nimbusds.oauth2.sdk.id.ClientID clientID, com.nimbusds.oauth2.sdk.client.ClientMetadata clientMetadata) throws com.nimbusds.oauth2.sdk.GeneralException
Deprecated.Handles a client credentials grant. The client is confidential and always authenticated.- Parameters:
scope
- The requested scope,null
if not specified.clientID
- The client identifier. Notnull
.clientMetadata
- The OAuth 2.0 client metadata. Notnull
.If the requested scope is invalid, unknown, malformed, or exceeds the scope granted by the resource owner the handler must throw a
GeneralException
with aninvalid_scope
error code.- Returns:
- The authorisation.
- Throws:
com.nimbusds.oauth2.sdk.GeneralException
- If the grant is invalid, or another exception was encountered.
-
processGrant
default GrantAuthorization processGrant(TokenRequestParameters tokenRequestParams, com.nimbusds.oauth2.sdk.id.ClientID clientID, com.nimbusds.oauth2.sdk.client.ClientMetadata clientMetadata, InvocationContext invocationCtx) throws com.nimbusds.oauth2.sdk.GeneralException
Handles a client credentials grant. The client is confidential and always authenticated.- Parameters:
tokenRequestParams
- The token request parameters, such as the requested scope. Notnull
.clientID
- The client identifier. Notnull
.clientMetadata
- The OAuth 2.0 client metadata. Notnull
.invocationCtx
- The invocation context. Notnull
.If the requested scope is invalid, unknown, malformed, or exceeds the scope granted by the resource owner the handler must throw a
GeneralException
with aninvalid_scope
error code.- Returns:
- The authorisation.
- Throws:
com.nimbusds.oauth2.sdk.GeneralException
- If the grant is invalid, or another exception was encountered.
-
-