Package com.nimbusds.oauth2.sdk.token

Class BearerAccessToken

  • All Implemented Interfaces:
    Serializable, Comparable<Identifier>, net.minidev.json.JSONAware
    @Immutable
public class BearerAccessToken
extends AccessToken
    Bearer access token.

    Example bearer access token serialised to JSON: 

     {
   "access_token" : "2YotnFZFEjr1zCsicMWpAA",
   "token_type"   : "bearer",
   "expires_in"   : 3600,
   "scope"        : "read write"
 }

    The above example token serialised to a HTTP Authorization header: 

     Authorization: Bearer 2YotnFZFEjr1zCsicMWpAA

    Related specifications:

    • OAuth 2.0 (RFC 6749), sections 1.4 and 5.1.
    • OAuth 2.0 Bearer Token Usage (RFC 6750).
    • OAuth 2.0 Token Exchange (RFC 8693), section 3.
    See Also:
    Serialized Form

    • Constructor Detail

      • BearerAccessToken

        public BearerAccessToken()
        Creates a new minimal bearer access token with a randomly generated 256-bit (32-byte) value, Base64URL-encoded. The optional lifetime, scope and token type URI are left unspecified.

      • BearerAccessToken

        public BearerAccessToken​(int byteLength)
        Creates a new minimal bearer access token with a randomly generated value of the specified byte length, Base64URL-encoded. The optional lifetime, scope and token type URI are left unspecified.
        Parameters:
        byteLength - The byte length of the value to generate. Must be greater than one.

      • BearerAccessToken

        public BearerAccessToken​(long lifetime,
                         Scope scope)
        Creates a new bearer access token with a randomly generated 256-bit (32-byte) value, Base64URL-encoded. The optional token type URI is left unspecified.
        Parameters:
        lifetime - The lifetime in seconds, 0 if not specified.
        scope - The scope, null if not specified.

      • BearerAccessToken

        public BearerAccessToken​(int byteLength,
                         long lifetime,
                         Scope scope)
        Creates a new bearer access token with a randomly generated value of the specified byte length, Base64URL-encoded. The optional token type URI is left unspecified.
        Parameters:
        byteLength - The byte length of the value to generate. Must be greater than one.
        lifetime - The lifetime in seconds, 0 if not specified.
        scope - The scope, null if not specified.

      • BearerAccessToken

        public BearerAccessToken​(String value)
        Creates a new minimal bearer access token with the specified value. The optional lifetime, scope and token type URI are left unspecified.
        Parameters:
        value - The access token value. Must not be null or empty string.

      • BearerAccessToken

        public BearerAccessToken​(String value,
                         long lifetime,
                         Scope scope)
        Creates a new bearer access token with the specified value. The token type URI is left unspecified.
        Parameters:
        value - The access token value. Must not be null or empty string.
        lifetime - The lifetime in seconds, 0 if not specified.
        scope - The scope, null if not specified.

      • BearerAccessToken

        public BearerAccessToken​(String value,
                         long lifetime,
                         Scope scope,
                         TokenTypeURI issuedTokenType)
        Creates a new bearer access token with the specified value.
        Parameters:
        value - The access token value. Must not be null or empty string.
        lifetime - The lifetime in seconds, 0 if not specified.
        scope - The scope, null if not specified.
        issuedTokenType - The token type URI, null if not specified.

    • Method Detail

      • parse

        public static BearerAccessToken parse​(net.minidev.json.JSONObject jsonObject)
                               throws ParseException
        Parses a bearer access token from a JSON object access token response.
        Parameters:
        jsonObject - The JSON object to parse. Must not be null.
        Returns:
        The bearer access token.
        Throws:
        ParseException - If the JSON object couldn't be parsed to a bearer access token.

      • parse

        public static BearerAccessToken parse​(String header)
                               throws ParseException
        Parses an HTTP Authorization header for a bearer access token.
        Parameters:
        header - The HTTP Authorization header value to parse. May be null if the header is missing, in which case an exception will be thrown.
        Returns:
        The bearer access token.
        Throws:
        ParseException - If the HTTP Authorization header value couldn't be parsed to a bearer access token.

      • parse

        public static BearerAccessToken parse​(Map<String,​List<String>> parameters)
                               throws ParseException
        Parses a query or form parameters map for a bearer access token.
        Parameters:
        parameters - The query parameters. Must not be null.
        Returns:
        The bearer access token.
        Throws:
        ParseException - If a bearer access token wasn't found in the parameters.

      • parse

        public static BearerAccessToken parse​(HTTPRequest request)
                               throws ParseException
        Parses an HTTP request for a bearer access token.
        Parameters:
        request - The HTTP request to parse. Must not be null.
        Returns:
        The bearer access token.
        Throws:
        ParseException - If a bearer access token wasn't found in the HTTP request.