trait AuthorizationHandler[U] extends AnyRef
Provide Authorization phases support for using OAuth 2.0.
[Authorization phases]
Authorization Code Grant
- validateClient(request)
- findAuthInfoByCode(code)
- deleteAuthCode(code)
- getStoredAccessToken(authInfo)
- refreshAccessToken(authInfo, token)
- createAccessToken(authInfo)
Refresh Token Grant
- validateClient(clientCredential, grantType)
- findAuthInfoByRefreshToken(refreshToken)
- refreshAccessToken(authInfo, refreshToken)
Resource Owner Password Credentials Grant
- validateClient(request)
- findUser(request)
- getStoredAccessToken(authInfo)
- refreshAccessToken(authInfo, token)
- createAccessToken(authInfo)
Client Credentials Grant
- validateClient(request)
- findUser(request)
- getStoredAccessToken(authInfo)
- refreshAccessToken(authInfo, token)
- createAccessToken(authInfo)
Implicit Grant
- validateClient(request)
- findUser(request)
- getStoredAccessToken(authInfo)
- createAccessToken(authInfo)
- Alphabetic
- By Inheritance
- AuthorizationHandler
- AnyRef
- Any
- Hide All
- Show All
- Public
- Protected
Abstract Value Members
- abstract def createAccessToken(authInfo: AuthInfo[U]): Future[AccessToken]
Creates a new access token by authorized information.
Creates a new access token by authorized information.
- authInfo
This value is already authorized by system.
- returns
Access token returns to client.
- abstract def deleteAuthCode(code: String): Future[Unit]
Deletes an authorization code.
Deletes an authorization code.
Called when an AccessToken has been successfully issued via an authorization code.
If you don't support Authorization Code Grant, then you don't need to implement this method.
- code
Client-sent authorization code
- abstract def findAuthInfoByCode(code: String): Future[Option[AuthInfo[U]]]
Find authorized information by authorization code.
Find authorized information by authorization code.
If you don't support Authorization Code Grant then doesn't need implementing.
- code
Client sends authorization code which is registered by system.
- returns
Return authorized information that matched the code.
- abstract def findAuthInfoByRefreshToken(refreshToken: String): Future[Option[AuthInfo[U]]]
Find authorized information by refresh token.
Find authorized information by refresh token.
If you don't support Refresh Token Grant then doesn't need implementing.
- refreshToken
Client sends refresh token which is created by system.
- returns
Return authorized information that matched the refresh token.
- abstract def findUser(maybeCredential: Option[ClientCredential], request: AuthorizationRequest): Future[Option[U]]
Authenticate the user that issued the authorization request.
Authenticate the user that issued the authorization request. Client credential, Password and Implicit Grant call this method.
- maybeCredential
client credential parsed from request
- request
Request sent by client.
- abstract def getStoredAccessToken(authInfo: AuthInfo[U]): Future[Option[AccessToken]]
Returns stored access token by authorized information.
Returns stored access token by authorized information.
If want to create new access token then have to return None
- authInfo
This value is already authorized by system.
- returns
Access token returns to client.
- abstract def refreshAccessToken(authInfo: AuthInfo[U], refreshToken: String): Future[AccessToken]
Creates a new access token by refreshToken.
Creates a new access token by refreshToken.
- authInfo
This value is already authorized by system.
- returns
Access token returns to client.
- abstract def validateClient(maybeCredential: Option[ClientCredential], request: AuthorizationRequest): Future[Boolean]
Verify proper client with parameters for issue an access token.
Verify proper client with parameters for issue an access token. Note that per the OAuth Specification, a Client may be valid if it only contains a client ID but no client secret (common with Public Clients). However, if the registered client has a client secret value the specification requires that a client secret must always be provided and verified for that client ID.
- maybeCredential
client credential parsed from request
- request
Request sent by client.
- returns
true if request is a regular client, false if request is a illegal client.
Concrete Value Members
- final def !=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def ##: Int
- Definition Classes
- AnyRef → Any
- final def ==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def asInstanceOf[T0]: T0
- Definition Classes
- Any
- def clone(): AnyRef
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.CloneNotSupportedException]) @IntrinsicCandidate() @native()
- final def eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- def equals(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef → Any
- final def getClass(): Class[_ <: AnyRef]
- Definition Classes
- AnyRef → Any
- Annotations
- @IntrinsicCandidate() @native()
- def hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @IntrinsicCandidate() @native()
- final def isInstanceOf[T0]: Boolean
- Definition Classes
- Any
- final def ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- final def notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @IntrinsicCandidate() @native()
- final def notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @IntrinsicCandidate() @native()
- final def synchronized[T0](arg0: => T0): T0
- Definition Classes
- AnyRef
- def toString(): String
- Definition Classes
- AnyRef → Any
- final def wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException]) @native()
- final def wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
Deprecated Value Members
- def finalize(): Unit
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.Throwable]) @Deprecated
- Deprecated
(Since version 9)