Interface TokenIntrospectionResponseComposer

All Superinterfaces:
Lifecycle
All Known Implementing Classes:
BaseTokenIntrospectionResponseComposer, DefaultTokenIntrospectionResponseComposer

@ThreadSafe public interface TokenIntrospectionResponseComposer extends Lifecycle
Service Provider Interface (SPI) for composing token introspection (RFC 7662) responses. Implementations must be thread-safe.

The SPI may be used to respond differently to different resource servers making the same request. For instance, an authorisation server may limit which scopes from a given token are returned for each resource server to prevent a resource server from learning more about the larger network than is necessary for its operation.

See OAuth 2.0 Token Introspection (RFC 7662), section 2.2.

  • Method Details

    • compose

      com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse compose(@Nullable AccessTokenAuthorization tokenAuthz, TokenIntrospectionContext context)
      Composes a token introspection response.

      If the access token was found to be invalid or expired, the method should simply return:

       if (tokenAuthz == null) {
           return new TokenIntrospectionSuccessResponse.Builder(false)
               .build();
       }
       
      Parameters:
      tokenAuthz - The access token authorisation, null if the token was found to be invalid or expired (implies "active":false).
      context - The token introspection context. Not null.
      Returns:
      The token introspection success response (for "active":true as well as "active":false access tokens).
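
The per-resource-server scope limiting described in the interface summary, as an added example that is not part of the original Javadoc or the project's own code. It uses only Nimbus OAuth 2.0 SDK classes. Assumptions: the page does not show how the caller's identity is read from TokenIntrospectionContext, so it is passed in as a plain `resourceServerID` string; a null `tokenScope` stands in for a null `tokenAuthz`; the policy map and all IDs are constructed; and answering "active":false to a caller with no visible scopes is a design choice of this example.

```java
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.Subject;
import java.util.Map;

public final class ScopeFilteringExample {

    // Constructed policy: the scope values each resource server needs to see.
    // The resource server IDs and scope names are hypothetical.
    private static final Map<String, Scope> VISIBLE_SCOPES = Map.of(
        "rs-billing", new Scope("invoices:read", "invoices:write"),
        "rs-profile", new Scope("profile:read"));

    // tokenScope == null stands in for a null tokenAuthz (invalid or expired token).
    static TokenIntrospectionSuccessResponse composeFor(
            String resourceServerID, Scope tokenScope, Subject subject, ClientID clientID) {
        TokenIntrospectionSuccessResponse inactive =
            new TokenIntrospectionSuccessResponse.Builder(false).build();
        if (tokenScope == null) {
            return inactive;
        }
        Scope allowed = VISIBLE_SCOPES.get(resourceServerID);
        if (allowed == null) {
            return inactive; // fail closed: caller is not in the policy
        }
        Scope visible = new Scope(tokenScope); // copy, leave the token's scope intact
        visible.retainAll(allowed);            // drop scopes this caller has no need for
        if (visible.isEmpty()) {
            return inactive; // token carries nothing this resource server may act on
        }
        return new TokenIntrospectionSuccessResponse.Builder(true)
            .scope(visible)
            .subject(subject)
            .clientID(clientID)
            .build();
    }

    public static void main(String[] args) {
        // Constructed token data: one token, introspected by three different callers.
        Scope tokenScope = new Scope("invoices:read", "profile:read", "admin");
        Subject sub = new Subject("alice");
        ClientID client = new ClientID("client-123");
        for (String rs : new String[] {"rs-billing", "rs-profile", "rs-unknown"}) {
            System.out.println(rs + " -> " + composeFor(rs, tokenScope, sub, client).toJSONObject());
        }
    }
}
```

With the constructed data, `rs-billing` sees only `invoices:read`, `rs-profile` sees only `profile:read`, and `rs-unknown` receives "active":false; the `admin` scope is never disclosed to any of them.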