Package com.nimbusds.oauth2.sdk.tokenexchange

Class TokenExchangeGrant

java.lang.Object
com.nimbusds.oauth2.sdk.AuthorizationGrant
com.nimbusds.oauth2.sdk.tokenexchange.TokenExchangeGrant
@Immutable public class TokenExchangeGrant extends AuthorizationGrant
OAuth 2.0 token exchange grant.

Related specifications:

  • OAuth 2.0 Token Exchange (RFC 8693)

  • Field Details

  • Constructor Details

    • TokenExchangeGrant

      public TokenExchangeGrant(Token subjectToken, TokenTypeURI subjectTokenType)
      Creates a new token exchange grant.
      Parameters:
      subjectToken - The subject token representing the identity of the party on behalf of whom the request is being made. Must not be null.
      subjectTokenType - Identifier for the type of the subject token. Must not be null.

    • TokenExchangeGrant

      public TokenExchangeGrant(Token subjectToken, TokenTypeURI subjectTokenType, Token actorToken, TokenTypeURI actorTokenType, TokenTypeURI requestedTokenType, List<Audience> audience)
      Creates a new token exchange grant.
      Parameters:
      subjectToken - The subject token representing the identity of the party on behalf of whom the request is being made. Must not be null.
      subjectTokenType - Identifier for the type of the subject token. Must not be null.
      actorToken - Optional token representing the identity of the acting party, null if not specified.
      actorTokenType - Identifier for the type of the actor token, if present.
      requestedTokenType - Optional identifier for the requested type of security token, null if not specified.
      audience - Optional audience for the requested security token, null if not specified.

  • Method Details

    • getSubjectToken

      public Token getSubjectToken()
      Returns the subject token representing the identity of the party on behalf of whom the request is being made.
      Returns:
      The subject token.

    • getSubjectTokenType

      public TokenTypeURI getSubjectTokenType()
      Returns the identifier for the type of the subject token.
      Returns:
      The subject token type identifier.

    • getActorToken

      public Token getActorToken()
      Returns the optional token representing the identity of the acting party.
      Returns:
      The actor token, null if not specified.

    • getActorTokenType

      public TokenTypeURI getActorTokenType()
      Returns the identifier for the type of the optional actor token, if present.
      Returns:
      The actor token type identifier, null if not present.

    • getRequestedTokenType

      public TokenTypeURI getRequestedTokenType()
      Returns the optional identifier for the requested type of security token.
      Returns:
      The requested token type, null if not specified.

    • getAudience

      public List<Audience> getAudience()
      Returns the optional audience for the requested security token.
      Returns:
      The audience, null if not specified.

    • toParameters

      public Map<String,List<String>> toParameters()
      Description copied from class: AuthorizationGrant
      Returns the request body parameters for the authorisation grant.
      Specified by:
      toParameters in class AuthorizationGrant
      Returns:
      The parameters.

    • parse

      public static TokenExchangeGrant parse(Map<String,List<String>> params) throws ParseException
      Parses a token exchange grant from the specified request body parameters.

      Example: 

       grant_type=urn:ietf:params:oauth:grant-type:token-exchange
 resource=https://backend.example.com/api
 subject_token=accVkjcJyb4BWCxGsndESCJQbdFMogUC5PbRDqceLTC
 subject_token_type=urn:ietf:params:oauth:token-type:access_token
      Parameters:
      params - The parameters.
      Returns:
      The token exchange grant.
      Throws:
      ParseException - If parsing failed.

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object