Package com.nimbusds.oauth2.sdk

Class TokenRequest

  • All Implemented Interfaces:
    Message, Request
    @Immutable
public class TokenRequest
extends AbstractOptionallyIdentifiedRequest
    Token request. Used to obtain an access token and an optional refresh token at the Token endpoint of the authorisation server. Supports custom request parameters.

    Example token request with an authorisation code grant: 

     POST /token HTTP/1.1
 Host: server.example.com
 Content-Type: application/x-www-form-URIencoded
 Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW

 grant_type=authorization_code
 &code=SplxlOBeZQQYbYS6WxSbIA
 &redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb

    Related specifications:

    • OAuth 2.0 (RFC 6749), sections 4.1.3, 4.3.2, 4.4.2 and 6.
    • Resource Indicators for OAuth 2.0 (RFC 8707)
    • OAuth 2.0 Incremental Authorization (draft-ietf-oauth-incremental-authz-00)

    • Constructor Detail

      • TokenRequest

        public TokenRequest​(URI uri,
                    ClientAuthentication clientAuth,
                    AuthorizationGrant authzGrant,
                    Scope scope)
        Creates a new token request with the specified client authentication.
        Parameters:
        uri - The URI of the token endpoint. May be null if the toHTTPRequest() method will not be used.
        clientAuth - The client authentication. Must not be null.
        authzGrant - The authorisation grant. Must not be null.
        scope - The requested scope, null if not specified.

      • TokenRequest

        public TokenRequest​(URI uri,
                    ClientAuthentication clientAuth,
                    AuthorizationGrant authzGrant,
                    Scope scope,
                    List<URI> resources,
                    Map<String,​List<String>> customParams)
        Creates a new token request with the specified client authentication and extension and custom parameters.
        Parameters:
        uri - The URI of the token endpoint. May be null if the toHTTPRequest() method will not be used.
        clientAuth - The client authentication. Must not be null.
        authzGrant - The authorisation grant. Must not be null.
        scope - The requested scope, null if not specified.
        resources - The resource URI(s), null if not specified.
        customParams - Custom parameters to be included in the request body, empty map or null if none.

      • TokenRequest

        public TokenRequest​(URI uri,
                    ClientAuthentication clientAuth,
                    AuthorizationGrant authzGrant)
        Creates a new token request with the specified client authentication.
        Parameters:
        uri - The URI of the token endpoint. May be null if the toHTTPRequest() method will not be used.
        clientAuth - The client authentication. Must not be null.
        authzGrant - The authorisation grant. Must not be null.

      • TokenRequest

        public TokenRequest​(URI uri,
                    ClientID clientID,
                    AuthorizationGrant authzGrant,
                    Scope scope)
        Creates a new token request, with no explicit client authentication (may be present in the grant depending on its type).
        Parameters:
        uri - The URI of the token endpoint. May be null if the toHTTPRequest() method will not be used.
        clientID - The client identifier, null if not specified.
        authzGrant - The authorisation grant. Must not be null.
        scope - The requested scope, null if not specified.

      • TokenRequest

        public TokenRequest​(URI uri,
                    ClientID clientID,
                    AuthorizationGrant authzGrant,
                    Scope scope,
                    List<URI> resources,
                    RefreshToken existingGrant,
                    Map<String,​List<String>> customParams)
        Creates a new token request, with no explicit client authentication (may be present in the grant depending on its type) and extension and custom parameters.
        Parameters:
        uri - The URI of the token endpoint. May be null if the toHTTPRequest() method will not be used.
        clientID - The client identifier, null if not specified.
        authzGrant - The authorisation grant. Must not be null.
        scope - The requested scope, null if not specified.
        resources - The resource URI(s), null if not specified.
        existingGrant - Existing refresh token for incremental authorisation of a public client, null if not specified.
        customParams - Custom parameters to be included in the request body, empty map or null if none.

      • TokenRequest

        public TokenRequest​(URI uri,
                    ClientID clientID,
                    AuthorizationGrant authzGrant)
        Creates a new token request, with no explicit client authentication (may be present in the grant depending on its type).
        Parameters:
        uri - The URI of the token endpoint. May be null if the toHTTPRequest() method will not be used.
        clientID - The client identifier, null if not specified.
        authzGrant - The authorisation grant. Must not be null.

      • TokenRequest

        public TokenRequest​(URI uri,
                    AuthorizationGrant authzGrant,
                    Scope scope)
        Creates a new token request, without client authentication and a specified client identifier.
        Parameters:
        uri - The URI of the token endpoint. May be null if the toHTTPRequest() method will not be used.
        authzGrant - The authorisation grant. Must not be null.
        scope - The requested scope, null if not specified.

      • TokenRequest

        public TokenRequest​(URI uri,
                    AuthorizationGrant authzGrant)
        Creates a new token request, without client authentication and a specified client identifier.
        Parameters:
        uri - The URI of the token endpoint. May be null if the toHTTPRequest() method will not be used.
        authzGrant - The authorisation grant. Must not be null.

    • Method Detail

      • getScope

        public Scope getScope()
        Returns the requested scope.
        Returns:
        The requested scope, null if not specified.

      • getResources

        public List<URIgetResources()
        Returns the resource server URI.
        Returns:
        The resource URI(s), null if not specified.

      • getExistingGrant

        public RefreshToken getExistingGrant()
        Returns the existing refresh token for incremental authorisation of a public client, null if not specified.
        Returns:
        The existing grant, null if not specified.

      • getCustomParameters

        public Map<String,​List<String>> getCustomParameters()
        Returns the additional custom parameters included in the request body.

        Example: 

         resource=http://xxxxxx/PartyOData
        Returns:
        The additional custom parameters as a unmodifiable map, empty map if none.

      • getCustomParameter

        public List<StringgetCustomParameter​(String name)
        Returns the specified custom parameter included in the request body.
        Parameters:
        name - The parameter name. Must not be null.
        Returns:
        The parameter value(s), null if not specified.

      • toHTTPRequest

        public HTTPRequest toHTTPRequest()
        Description copied from interface: Request
        Returns the matching HTTP request.
        Returns:
        The HTTP request.

      • parse

        public static TokenRequest parse​(HTTPRequest httpRequest)
                          throws ParseException
        Parses a token request from the specified HTTP request.
        Parameters:
        httpRequest - The HTTP request. Must not be null.
        Returns:
        The token request.
        Throws:
        ParseException - If the HTTP request couldn't be parsed to a token request.