Creates a new access token by authorized information.
Creates a new access token by authorized information.
This value is already authorized by system.
Access token returns to client.
Deletes an authorization code.
Deletes an authorization code.
Called when an AccessToken has been successfully issued via an authorization code.
If you don't support Authorization Code Grant, then you don't need to implement this method.
Client-sent authorization code
Find authorized information by authorization code.
Find authorized information by authorization code.
If you don't support Authorization Code Grant then doesn't need implementing.
Client sends authorization code which is registered by system.
Return authorized information that matched the code.
Find authorized information by refresh token.
Find authorized information by refresh token.
If you don't support Refresh Token Grant then doesn't need implementing.
Client sends refresh token which is created by system.
Return authorized information that matched the refresh token.
Authenticate the user that issued the authorization request.
Authenticate the user that issued the authorization request. Client credential, Password and Implicit Grant call this method.
client credential parsed from request
Request sent by client.
Returns stored access token by authorized information.
Returns stored access token by authorized information.
If want to create new access token then have to return None
This value is already authorized by system.
Access token returns to client.
Creates a new access token by refreshToken.
Creates a new access token by refreshToken.
This value is already authorized by system.
Access token returns to client.
Verify proper client with parameters for issue an access token.
Verify proper client with parameters for issue an access token. Note that per the OAuth Specification, a Client may be valid if it only contains a client ID but no client secret (common with Public Clients). However, if the registered client has a client secret value the specification requires that a client secret must always be provided and verified for that client ID.
client credential parsed from request
Request sent by client.
true if request is a regular client, false if request is a illegal client.
Provide Authorization phases support for using OAuth 2.0.
[Authorization phases]
Authorization Code Grant
Refresh Token Grant
Resource Owner Password Credentials Grant
Client Credentials Grant
Implicit Grant