Class OAuthTokenEndpoint
public class OAuthTokenEndpoint extends WResource
The token endpoint is used by the client to obtain an OAuthAccessToken
by presenting
its authorization grant. This implementation only supports the "authorization_code"
grant type. The client ID and secret can be passed with Basic auth or by POST request parameters.
When something goes wrong, the reply will include a JSON object with an "error"
attribute.
This endpoint is implemented as a WResource
, so it's usually deployed using
WServer#addResource()
.
For more information refer to the specification: https://tools.ietf.org/rfc/rfc6749.txt
When the scope includes "openid" an ID Token
will be included as specified
by the OpenID Connect standard.
This class relies on a correct implementation of several function in the AbstractUserDatabase
. Namely AbstractUserDatabase#idpClientFindWithId()
, AbstractUserDatabase#idpClientAuthMethod()
, AbstractUserDatabase#idpVerifySecret()
, AbstractUserDatabase#idpClientId()
, AbstractUserDatabase#idpTokenFindWithValue()
, AbstractUserDatabase#idpTokenAdd()
, AbstractUserDatabase#idpTokenRemove()
,
AbstractUserDatabase#idpTokenRedirectUri()
, AbstractUserDatabase::idpTokenAuthClient, AbstractUserDatabase#idpTokenUser()
, and
AbstractUserDatabase#idpTokenScope()
.
Must be deployed using TLS.
-
Nested Class Summary
Nested classes/interfaces inherited from class eu.webtoolkit.jwt.WResource
WResource.DispositionType
Nested classes/interfaces inherited from class eu.webtoolkit.jwt.WObject
WObject.FormData
-
Constructor Summary
Constructors Constructor Description OAuthTokenEndpoint(AbstractUserDatabase db, java.lang.String issuer)
Constructor. -
Method Summary
Modifier and Type Method Description void
handleRequest(WebRequest request, WebResponse response)
Handles a request.void
setAccessExpSecs(int seconds)
Sets the amount of seconds after which generated access tokens expire.void
setIdExpSecs(int seconds)
Sets the amount of seconds after which generated id tokens expire.Methods inherited from class eu.webtoolkit.jwt.WResource
dataChanged, dataExceeded, dataReceived, generateUrl, getDispositionType, getInternalPath, getSuggestedFileName, getUrl, setChanged, setDispositionType, setInternalPath, setTakesUpdateLock, setUploadProgress, suggestFileName, suggestFileName, takesUpdateLock, write, write
Methods inherited from class eu.webtoolkit.jwt.WObject
addChild, getId, getObjectName, remove, setFormData, setObjectName, tr
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Constructor Details
-
OAuthTokenEndpoint
Constructor.The issuer argument is used for the "iss" attribute in the ID
Token
when the scope includes "openid".
-
-
Method Details
-
handleRequest
Description copied from class:WResource
Handles a request.Reimplement this method so that a proper response is generated for the given request. From the request object you can access request parameters and whether the request is a continuation request. In the response object, you should set the mime type and stream the output data.
- Specified by:
handleRequest
in classWResource
- Parameters:
request
- The request informationresponse
- The response object
-
setAccessExpSecs
public void setAccessExpSecs(int seconds)Sets the amount of seconds after which generated access tokens expire.Defaults to 3600 seconds.
-
setIdExpSecs
public void setIdExpSecs(int seconds)Sets the amount of seconds after which generated id tokens expire.Defaults to 3600 seconds.
-