Class DefaultTokenIntrospectionResponseComposer
java.lang.Object
com.nimbusds.openid.connect.provider.spi.tokens.introspection.BaseTokenIntrospectionResponseComposer
com.nimbusds.openid.connect.provider.spi.tokens.introspection.DefaultTokenIntrospectionResponseComposer
- All Implemented Interfaces:
Lifecycle
,TokenIntrospectionResponseComposer
@ThreadSafe
public class DefaultTokenIntrospectionResponseComposer
extends BaseTokenIntrospectionResponseComposer
The default Connect2id server implementation of the SPI for composing token
introspection (RFC 7662) responses.
Outputs the following parameters, in addition to those output by the
parent BaseTokenIntrospectionResponseComposer
:
- "act" actor, in impersonation and delegation scenarios
- "dat" additional data
- custom top-level parameters
The following OpenID claims related access token parameters are not output as they are intended for the internal use, such as at the UserInfo endpoint, and therefore should not be exposed to external resources.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptioncom.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse
compose
(AccessTokenAuthorization tokenAuthz, TokenIntrospectionContext context) Composes a token introspection response.
-
Constructor Details
-
DefaultTokenIntrospectionResponseComposer
-
-
Method Details
-
compose
public com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse compose(AccessTokenAuthorization tokenAuthz, TokenIntrospectionContext context) Description copied from interface:TokenIntrospectionResponseComposer
Composes a token introspection response.If the access token was found to be invalid or expired the method should simply return
if (tokenAuthz == null) { return new TokenIntrospectionSuccessResponse.Builder(false) .build(); }
- Specified by:
compose
in interfaceTokenIntrospectionResponseComposer
- Overrides:
compose
in classBaseTokenIntrospectionResponseComposer
- Parameters:
tokenAuthz
- The access token authorisation,null
if the token was found to be invalid or expired (implies"active":false
).context
- The token introspection context. Notnull
.- Returns:
- The token introspection success response (for
"active":true
as well as"active":false
access tokens.
-