Interface AccessTokenProvider


  • @ProviderType
    public interface AccessTokenProvider
    Interface for an OAuth 2.0 access token provider using Authorization Grants as defined in the Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants (see RFC 7523).
    Since:
    3.1
    See Also:
    AccessTokenRequestCustomizer
    • Method Detail

      • getAccessToken

        String getAccessToken(ResourceResolver resolver,
                              String userId,
                              Map<String,?> claims)
                       throws CryptoException,
                              IOException,
                              NullPointerException

        Returns a valid access token or throws an exception. If needed, a new access token is obtained from the authorization server by generating a JWT and using it as the authorization grant. Custom claims may be added via the claims parameter; they override the claims computed by an AccessTokenProvider implementation.

        An implementation may or may not reuse the access tokens.

        Parameters:
        resolver - The resource resolver to access the user associated to the userId
        userId - The user identifier which has access to the required asymmetric cryptographic material
        claims - An optional map of JWT claims that override the claims computed by an AccessTokenProvider implementation. Passing an empty map or null uses the implementation's default claims
        Returns:
        A valid JWT access token; never null (an exception is thrown instead)
        Throws:
        CryptoException - If an error occurred while generating/signing the JWT claim
        IOException - If an error occurred while communicating with the authorization server
        NullPointerException - If the resolver or the userId is null
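
The grant flow and the claim-override rule described for getAccessToken, as an added sketch using only the JDK; it is not the code behind this interface and not part of the original page. The class name, the default claim set (iss, sub, aud, exp), the example.com URLs, the RS256 algorithm and the throwaway key are all assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;

public class JwtBearerGrantSketch {
    // Claims an implementation might compute itself; names and values are constructed.
    static Map<String, Object> defaultClaims(String userId, long nowSeconds) {
        Map<String, Object> c = new LinkedHashMap<>();
        c.put("iss", "example-client-id");
        c.put("sub", userId);
        c.put("aud", "https://as.example.com/token");
        c.put("exp", nowSeconds + 300);
        return c;
    }
    // Custom claims replace computed ones key by key; null or empty keeps the defaults.
    static Map<String, Object> mergeClaims(Map<String, Object> computed, Map<String, ?> custom) {
        Map<String, Object> merged = new LinkedHashMap<>(computed);
        if (custom != null) merged.putAll(custom);
        return merged;
    }
    static String b64(byte[] in) { return Base64.getUrlEncoder().withoutPadding().encodeToString(in); }
    // Minimal JSON writer: String and Number values only, no escaping (sketch inputs are fixed).
    static String toJson(Map<String, Object> m) {
        StringJoiner j = new StringJoiner(",", "{", "}");
        m.forEach((k, v) -> j.add("\"" + k + "\":" + (v instanceof Number ? v.toString() : "\"" + v + "\"")));
        return j.toString();
    }
    // Compact JWS, RS256: base64url(header).base64url(claims).base64url(signature)
    static String signRs256(Map<String, Object> claims, PrivateKey key) throws GeneralSecurityException {
        String input = b64("{\"alg\":\"RS256\",\"typ\":\"JWT\"}".getBytes(StandardCharsets.UTF_8))
                + "." + b64(toJson(claims).getBytes(StandardCharsets.UTF_8));
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(input.getBytes(StandardCharsets.US_ASCII));
        return input + "." + b64(s.sign());
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        PrivateKey key = g.generateKeyPair().getPrivate(); // throwaway key for the demo
        Map<String, Object> claims = mergeClaims(
                defaultClaims("service-user", System.currentTimeMillis() / 1000),
                Map.of("aud", "https://other.example.com/token", "scope", "read"));
        System.out.println(toJson(claims)); // aud overridden, scope added, iss/sub/exp kept
        // Form body of the token request (RFC 7523, section 2.1)
        System.out.println("grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer"
                + "&assertion=" + signRs256(claims, key));
    }
}
```

Because the merge is key by key, a caller-supplied map can replace any computed claim, so code that passes claims through from elsewhere should restrict the keys it forwards.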