Class OAuth2TokenIntrospectionAuthorizerBuilder
java.lang.Object
com.linecorp.armeria.server.auth.oauth2.OAuth2TokenIntrospectionAuthorizerBuilder
Builds a
OAuth2TokenIntrospectionAuthorizer
instance.-
Field Summary
-
Method Summary
Modifier and TypeMethodDescriptionaccessTokenType
(String accessTokenType) Access Token type permitted by this authorizer, as per [RFC6749], Section 7.1.build()
Builds a new instance ofOAuth2TokenIntrospectionAuthorizer
using configured parameters.Provides caching facility for OAuth 2.0OAuth2TokenDescriptor
in order to avoid continuous Token Introspection as per [RFC7662], Section 2.2.clientAuthorization
(Supplier<String> authorizationSupplier, String authorizationType) Provides client authorization for the OAuth 2.0 Introspection requests based on encoded authorization token and authorization type, as per [RFC6749], Section 2.3.clientBasicAuthorization
(Supplier<String> authorizationSupplier) Provides client authorization for the OAuth 2.0 Introspection requests based on encoded authorization token andBasic
authorization type, as per [RFC6749], Section 2.3.clientCredentials
(Supplier<? extends Map.Entry<String, String>> credentialsSupplier) Provides client authorization for the OAuth 2.0 Introspection requests based on client credentials andBasic
authorization type, as per [RFC6749], Section 2.3.clientCredentials
(Supplier<? extends Map.Entry<String, String>> credentialsSupplier, String authorizationType) Provides client authorization for the OAuth 2.0 Introspection requests based on client credentials and authorization type, as per [RFC6749], Section 2.3.permittedScope
(Iterable<String> scope) AnIterable
of case-sensitive scope strings permitted by this authorizer.permittedScope
(String... scope) An array of case-sensitive scope strings permitted by this authorizer.An HTTP Realm - a name designating of the protected area.
-
Field Details
-
DEFAULT_CACHE_SPEC
- See Also:
-
-
Method Details
-
clientAuthorization
public OAuth2TokenIntrospectionAuthorizerBuilder clientAuthorization(Supplier<String> authorizationSupplier, String authorizationType) Provides client authorization for the OAuth 2.0 Introspection requests based on encoded authorization token and authorization type, as per [RFC6749], Section 2.3.- Parameters:
authorizationSupplier
- A supplier of encoded client authorization token.authorizationType
- One of the registered HTTP authentication schemes as per HTTP Authentication Scheme Registry.
-
clientBasicAuthorization
public OAuth2TokenIntrospectionAuthorizerBuilder clientBasicAuthorization(Supplier<String> authorizationSupplier) Provides client authorization for the OAuth 2.0 Introspection requests based on encoded authorization token andBasic
authorization type, as per [RFC6749], Section 2.3.- Parameters:
authorizationSupplier
- A supplier of encoded client authorization token.
-
clientCredentials
public OAuth2TokenIntrospectionAuthorizerBuilder clientCredentials(Supplier<? extends Map.Entry<String, String>> credentialsSupplier, String authorizationType) Provides client authorization for the OAuth 2.0 Introspection requests based on client credentials and authorization type, as per [RFC6749], Section 2.3.- Parameters:
credentialsSupplier
- A supplier of client credentials.authorizationType
- One of the registered HTTP authentication schemes as per HTTP Authentication Scheme Registry.
-
clientCredentials
public OAuth2TokenIntrospectionAuthorizerBuilder clientCredentials(Supplier<? extends Map.Entry<String, String>> credentialsSupplier) Provides client authorization for the OAuth 2.0 Introspection requests based on client credentials andBasic
authorization type, as per [RFC6749], Section 2.3.- Parameters:
credentialsSupplier
- A supplier of client credentials.
-
accessTokenType
Access Token type permitted by this authorizer, as per [RFC6749], Section 7.1. The authorizer will accept any type if empty. OPTIONAL. -
realm
An HTTP Realm - a name designating of the protected area. OPTIONAL. -
permittedScope
AnIterable
of case-sensitive scope strings permitted by this authorizer. The authorizer will accept any scope if empty. -
permittedScope
An array of case-sensitive scope strings permitted by this authorizer. The authorizer will accept any scope if empty. -
cacheSpec
Provides caching facility for OAuth 2.0OAuth2TokenDescriptor
in order to avoid continuous Token Introspection as per [RFC7662], Section 2.2. Sets the Caffeine specification string of the cache that stores the tokens. If not set, "maximumSize=1024,expireAfterWrite=1h" is used by default. -
build
Builds a new instance ofOAuth2TokenIntrospectionAuthorizer
using configured parameters.
-