Package com.mastercard.developer.oauth2.core

Class OAuth2Handler

java.lang.Object

com.mastercard.developer.oauth2.core.OAuth2Handler

public final class OAuth2Handler
extends Object

Acts as an orchestrator for adding OAuth2 authentication to API requests. This class uses the adapter pattern (HttpAdapter) to work with different HTTP clients, making it client-agnostic.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final record	OAuth2Handler.AccessTokenResponse	Model for the response from an OAuth2 token endpoint.

Constructor Summary

Constructors

Constructor	Description
OAuth2Handler(OAuth2Config config)	Creates a new instance of this class with the given configuration.

Method Summary

Modifier and Type	Method	Description
static String	createAccessTokenRequestBody(String clientId, String scope, String clientAssertion)	Creates a URL-encoded request body for an OAuth2 client credentials token request.
static String	createClientAssertion(OAuth2Config config)	Creates a private_key_jwt client assertion for OAuth2 token requests.
static String	createResourceRequestDPoP(OAuth2Config config, String dpopKeyId, String htm, String resourceUrl, String accessToken, String nonceOrNull)	Creates a DPoP proof token for resource access requests.
static String	createTokenRequestDPoP(OAuth2Config config, String dpopKeyId, String nonceOrNull)	Creates a DPoP proof token for OAuth2 token endpoint requests.
<Request, Response> Response	execute(Request request, HttpAdapter<Request,Response> adapter)	Main entry point that coordinates the entire OAuth2 flow for each intercepted request.
static OAuth2Handler.AccessTokenResponse	parseAccessTokenJson(String accessTokenResponse)	Parses an OAuth2 token response JSON.

Methods inherited from class java.lang.Object

clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OAuth2Handler

public OAuth2Handler(OAuth2Config config)

Creates a new instance of this class with the given configuration.

Method Details

execute

public <Request,
Response> Response execute(Request request,
 HttpAdapter<Request,Response> adapter)
                                    throws Exception

Main entry point that coordinates the entire OAuth2 flow for each intercepted request.

Throws:

Exception

createClientAssertion

public static String createClientAssertion(OAuth2Config config)

Creates a private_key_jwt client assertion for OAuth2 token requests. The assertion is signed with the client's private key. See: Private Key JWT

createTokenRequestDPoP

public static String createTokenRequestDPoP(OAuth2Config config,
 String dpopKeyId,
 String nonceOrNull)

Creates a DPoP proof token for OAuth2 token endpoint requests. This token proves possession of the DPoP key pair when requesting an access token.

createResourceRequestDPoP

public static String createResourceRequestDPoP(OAuth2Config config,
 String dpopKeyId,
 String htm,
 String resourceUrl,
 String accessToken,
 String nonceOrNull)

Creates a DPoP proof token for resource access requests. This token proves possession of the DPoP key pair and binds it to the access token.

parseAccessTokenJson

public static OAuth2Handler.AccessTokenResponse parseAccessTokenJson(String accessTokenResponse)

Parses an OAuth2 token response JSON. Example:

 {
   "access_token": "eyJ4NXQjUzI1NiI6Ii1sb...LTE69XYj5oPIq4PZf2WaMxLow",
   "token_type": "DPoP",
   "expires_in": 900,
   "scope": "service:scope1 service:scope2"
 }
 

See: RFC 6749 Section 5.1

createAccessTokenRequestBody

public static String createAccessTokenRequestBody(String clientId,
 String scope,
 String clientAssertion)

Creates a URL-encoded request body for an OAuth2 client credentials token request.