Interface TokenIntrospectionResponseComposer
- All Superinterfaces:
Lifecycle
- All Known Implementing Classes:
BaseTokenIntrospectionResponseComposer,DefaultTokenIntrospectionResponseComposer
Service Provider Interface (SPI) for composing token introspection (RFC
7662) responses. Implementations must be thread-safe.
The SPI may be used to respond differently to different resource servers making the same request. For instance, an authorisation server may limit which scopes from a given token are returned for each resource server to prevent a resource server from learning more about the larger network than is necessary for its operation.
See OAuth 2.0 Token Introspection (RFC 7662), section 2.2.
-
Method Summary
Modifier and TypeMethodDescriptioncom.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponsecompose(@Nullable AccessTokenAuthorization tokenAuthz, TokenIntrospectionContext context) Composes a token introspection response.
-
Method Details
-
compose
com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse compose(@Nullable AccessTokenAuthorization tokenAuthz, TokenIntrospectionContext context) Composes a token introspection response.If the access token was found to be invalid or expired the method should simply return
if (tokenAuthz == null) { return new TokenIntrospectionSuccessResponse.Builder(false) .build(); }- Parameters:
tokenAuthz- The access token authorisation,nullif the token was found to be invalid or expired (implies"active":false).context- The token introspection context. Notnull.- Returns:
- The token introspection success response (for
"active":trueas well as"active":falseaccess tokens.
-