Source code

001package com.nimbusds.openid.connect.provider.spi.grants;
002
003
004import com.nimbusds.oauth2.sdk.GeneralException;
005import com.nimbusds.oauth2.sdk.Scope;
006import com.nimbusds.oauth2.sdk.client.ClientMetadata;
007import com.nimbusds.oauth2.sdk.id.ClientID;
008
009
010/**
011 * Service Provider Interface (SPI) for handling token requests with an OAuth
012 * 2.0 Client Credentials grant.
013 *
014 * <p>Related specifications:
015 *
016 * <ul>
017 *     <li>OAuth 2.0 (RFC 6749), sections 1.3.4 and 4.4.
018 * </ul>
019 */
020public interface ClientCredentialsGrantHandler extends GrantHandler {
021
022
023        /**
024         * Handles a Client Credentials grant request. The client is
025         * confidential and always authenticated.
026         *
027         * @param scope          The requested scope, {@code null} if not
028         *                       specified.
029         * @param clientID       The client identifier. Not {@code null}.
030         * @param clientMetadata The OAuth 2.0 client metadata. Not
031         *                       {@code null}.
032         *
033         * @return The client credentials grant authorisation response.
034         *
035         * @throws GeneralException If the grant is denied, or another
036         *                          exception was encountered.
037         */
038        public GrantAuthorization processGrant(final Scope scope,
039                                               final ClientID clientID,
040                                               final ClientMetadata clientMetadata)
041                throws GeneralException;
042}