Package org.forgerock.http.oauth2

Interface AccessTokenResolver

All Known Implementing Classes:

CachingAccessTokenResolver, OpenAmAccessTokenResolver, TokenIntrospectionAccessTokenResolver

public interface AccessTokenResolver

Resolves a given token against a dedicated OAuth2 Identity Provider (OpenAM, Google, Facebook, ...). The AccessTokenResolver is responsible for validating the token (dates, iss, ...), except token scopes which are validated by the ResourceServerFilter.

Method Summary

Modifier and Type	Method	Description
default Promise<AccessTokenInfo,AccessTokenException>	resolve(Context context, String token)	Deprecated, for removal: This API element is subject to removal in a future version. Use resolve(Context, Supplier, String) instead.
default Promise<AccessTokenInfo,AccessTokenException>	resolve(Context context, Supplier<Request,IOException> request, String token)	Resolves a given access token against an authorization server.

Method Detail

resolve

@Deprecated(forRemoval=true,
            since="26.2.0")
default Promise<AccessTokenInfo,AccessTokenException> resolve(Context context,
                                                                    String token)

Deprecated, for removal: This API element is subject to removal in a future version.

Use resolve(Context, Supplier, String) instead.

Resolves a given access token against an authorization server.

Parameters:

context - Context chain used to keep a relationship between requests (tracking)

token - token identifier to be resolved

Returns:

a promise completed either with a valid AccessTokenInfo (well-formed, known by the server), or by an exception

resolve

default Promise<AccessTokenInfo,AccessTokenException> resolve(Context context,
                                                                    Supplier<Request,IOException> request,
                                                                    String token)

Resolves a given access token against an authorization server.

Parameters:

context - Context chain used to keep a relationship between requests (tracking)

request - a supplier for the HTTP request the access token was presented on. The request should be defensively copied by the caller in case the resolver needs to consume the entity.

token - token identifier to be resolved

Returns:

a promise completed either with a valid AccessTokenInfo (well-formed, known by the server), or by an exception