Package com.nimbusds.openid.connect.provider.spi.grants

Class TokenExchangeAuthorization

java.lang.Object

com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization

com.nimbusds.openid.connect.provider.spi.grants.SubjectAuthorization

com.nimbusds.openid.connect.provider.spi.grants.TokenExchangeAuthorization

@Immutable
public class TokenExchangeAuthorization
extends SubjectAuthorization

Authorisation produced by a TokenExchangeGrantHandler.

Supported issued token types:

• Access token (TokenTypeURI.ACCESS_TOKEN)

Constructor Summary

Constructors

Constructor	Description
TokenExchangeAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)	Creates a new token exchange authorisation specifying the issue of an own (local) access token with an optional refresh token.
TokenExchangeAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)	Creates a new token exchange authorisation specifying the issue of an own (local) access token with an optional refresh token and ID token.
TokenExchangeAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)	Creates a new token exchange authorisation specifying the issue of an own (local) access token.

Method Summary

Modifier and Type	Method	Description
RefreshTokenSpec	getRefreshTokenSpec()	Returns the refresh token specification.
com.nimbusds.oauth2.sdk.token.TokenTypeURI	getTokenType()	Returns the type of the issued token.
boolean	isLongLived()	Returns the authorisation lifetime.
static TokenExchangeAuthorization	parse(String json)	Parses a token exchange authorisation from the specified JSON object string.
static TokenExchangeAuthorization	parse(net.minidev.json.JSONObject jsonObject)	Parses a token exchange authorisation from the specified JSON object.
net.minidev.json.JSONObject	toJSONObject()	Returns a JSON object representation of this authorisation.

Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.SubjectAuthorization

getACR, getAMRList, getAuthTime, getIDTokenSpec, getSubject

Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization

getAccessTokenSpec, getAudience, getClaimsSpec, getData, getScope

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TokenExchangeAuthorization

public TokenExchangeAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject,
                                  com.nimbusds.oauth2.sdk.Scope scope,
                                  AccessTokenSpec accessTokenSpec,
                                  ClaimsSpec claimsSpec,
                                  @Nullable net.minidev.json.JSONObject data)

Creates a new token exchange authorisation specifying the issue of an own (local) access token.

Parameters:

subject - The subject (end-user) identifier. Must not be null.

scope - The authorised scope. Must not be null.

accessTokenSpec - The access token specification. Must not be null.

claimsSpec - The OpenID claims specification. Must not be null.

data - Additional data as a JSON object, null if not specified.

TokenExchangeAuthorization

public TokenExchangeAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject,
                                  com.nimbusds.oauth2.sdk.Scope scope,
                                  boolean longLived,
                                  AccessTokenSpec accessTokenSpec,
                                  RefreshTokenSpec refreshTokenSpec,
                                  ClaimsSpec claimsSpec,
                                  @Nullable net.minidev.json.JSONObject data)

Creates a new token exchange authorisation specifying the issue of an own (local) access token with an optional refresh token.

Parameters:

subject - The subject (end-user) identifier. Must not be null.

scope - The authorised scope. Must not be null.

longLived - Controls the authorisation lifetime. true for a long-lived (implies persistence), false for a short-lived (transient).

accessTokenSpec - The access token specification. Must not be null.

refreshTokenSpec - The refresh token specification. Must not be null.

claimsSpec - The OpenID claims specification. Must not be null.

data - Additional data as a JSON object, null if not specified.

TokenExchangeAuthorization

public TokenExchangeAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject,
                                  com.nimbusds.oauth2.sdk.Scope scope,
                                  boolean longLived,
                                  AccessTokenSpec accessTokenSpec,
                                  RefreshTokenSpec refreshTokenSpec,
                                  IDTokenSpec idTokenSpec,
                                  ClaimsSpec claimsSpec,
                                  @Nullable net.minidev.json.JSONObject data)

Creates a new token exchange authorisation specifying the issue of an own (local) access token with an optional refresh token and ID token.

Parameters:

subject - The subject (end-user) identifier. Must not be null.

scope - The authorised scope. Must not be null.

longLived - Controls the authorisation lifetime. true for a long-lived (implies persistence), false for a short-lived (transient).

accessTokenSpec - The access token specification. Must not be null.

refreshTokenSpec - The refresh token specification. Must not be null.

idTokenSpec - The ID token specification. Must not be null.

claimsSpec - The OpenID claims specification. Must not be null.

data - Additional data as a JSON object, null if not specified.

Method Detail

getTokenType

public com.nimbusds.oauth2.sdk.token.TokenTypeURI getTokenType()

Returns the type of the issued token.

Returns:

The type of the issued token.

isLongLived

public boolean isLongLived()

Returns the authorisation lifetime.

Returns:

true for a long-lived authorisation (implies persistence), false for a short-lived (transient).

getRefreshTokenSpec

public RefreshTokenSpec getRefreshTokenSpec()

Returns the refresh token specification.

Returns:

The refresh token specification.

toJSONObject

public net.minidev.json.JSONObject toJSONObject()

Description copied from class: GrantAuthorization

Returns a JSON object representation of this authorisation.

Overrides:

toJSONObject in class SubjectAuthorization

Returns:

The JSON object representation.

parse

public static TokenExchangeAuthorization parse(net.minidev.json.JSONObject jsonObject)
                                        throws com.nimbusds.oauth2.sdk.ParseException

Parses a token exchange authorisation from the specified JSON object.

Parameters:

jsonObject - The JSON object to parse. Must not be null.

Returns:

The token exchange authorisation.

Throws:

com.nimbusds.oauth2.sdk.ParseException - If parsing failed.

parse

public static TokenExchangeAuthorization parse(String json)
                                        throws com.nimbusds.oauth2.sdk.ParseException

Parses a token exchange authorisation from the specified JSON object string.

Parameters:

json - The JSON object string to parse. Must not be null.

Returns:

The token exchange authorisation.

Throws:

com.nimbusds.oauth2.sdk.ParseException - If parsing failed.