Package com.nimbusds.oauth2.sdk

Class TokenRevocationRequest

java.lang.Object

com.nimbusds.oauth2.sdk.AbstractRequest

com.nimbusds.oauth2.sdk.AbstractOptionallyAuthenticatedRequest

com.nimbusds.oauth2.sdk.AbstractOptionallyIdentifiedRequest

com.nimbusds.oauth2.sdk.TokenRevocationRequest

All Implemented Interfaces:

Message, Request

@Immutable
public final class TokenRevocationRequest
extends AbstractOptionallyIdentifiedRequest

Token revocation request. Used to revoke an issued access or refresh token.

Example token revocation request for a confidential client:

 POST /revoke HTTP/1.1
 Host: server.example.com
 Content-Type: application/x-www-form-urlencoded
 Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW

 token=45ghiukldjahdnhzdauz&token_type_hint=refresh_token
 

Example token revocation request for a public client:

 POST /revoke HTTP/1.1
 Host: server.example.com
 Content-Type: application/x-www-form-urlencoded

 token=45ghiukldjahdnhzdauz&token_type_hint=refresh_token&client_id=123456
 

Related specifications:

• OAuth 2.0 Token Revocation (RFC 7009), section 2.1.

Constructor Summary

Constructors

Constructor	Description
TokenRevocationRequest(URI uri, ClientAuthentication clientAuth, Token token)	Creates a new token revocation request for a confidential client.
TokenRevocationRequest(URI uri, ClientID clientID, Token token)	Creates a new token revocation request for a public client.

Method Summary

Modifier and Type	Method	Description
Token	getToken()	Returns the token to revoke.
static TokenRevocationRequest	parse(HTTPRequest httpRequest)	Parses a token revocation request from the specified HTTP request.
HTTPRequest	toHTTPRequest()	Returns the matching HTTP request.

Methods inherited from class com.nimbusds.oauth2.sdk.AbstractOptionallyIdentifiedRequest

getClientID

Methods inherited from class com.nimbusds.oauth2.sdk.AbstractOptionallyAuthenticatedRequest

getClientAuthentication

Methods inherited from class com.nimbusds.oauth2.sdk.AbstractRequest

getEndpointURI

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TokenRevocationRequest

public TokenRevocationRequest(URI uri,
                              ClientAuthentication clientAuth,
                              Token token)

Creates a new token revocation request for a confidential client.

Parameters:

uri - The URI of the token revocation endpoint. May be null if the toHTTPRequest() method will not be used.

clientAuth - The client authentication. Must not be null.

token - The access or refresh token to revoke. Must not be null.

TokenRevocationRequest

public TokenRevocationRequest(URI uri,
                              ClientID clientID,
                              Token token)

Creates a new token revocation request for a public client.

Parameters:

uri - The URI of the token revocation endpoint. May be null if the toHTTPRequest() method will not be used.

clientID - The client ID. Must not be null.

token - The access or refresh token to revoke. Must not be null.

Method Detail

getToken

public Token getToken()

Returns the token to revoke. The instanceof operator can be used to infer the token type. If it's neither AccessToken nor RefreshToken the token_type_hint has not been provided as part of the token revocation request.

Returns:

The token.

toHTTPRequest

public HTTPRequest toHTTPRequest()

Description copied from interface: Request

Returns the matching HTTP request.

Returns:

The HTTP request.

parse

public static TokenRevocationRequest parse(HTTPRequest httpRequest)
                                    throws ParseException

Parses a token revocation request from the specified HTTP request.

Parameters:

httpRequest - The HTTP request. Must not be null.

Returns:

The token revocation request.

Throws:

ParseException - If the HTTP request couldn't be parsed to a token revocation request.