001package com.nimbusds.openid.connect.provider.spi.grants; 002 003 004import com.nimbusds.oauth2.sdk.GeneralException; 005import com.nimbusds.oauth2.sdk.Scope; 006import com.nimbusds.oauth2.sdk.client.ClientMetadata; 007import com.nimbusds.oauth2.sdk.id.ClientID; 008 009 010/** 011 * Service Provider Interface (SPI) for handling token requests with an OAuth 012 * 2.0 Client Credentials grant. 013 * 014 * <p>Related specifications: 015 * 016 * <ul> 017 * <li>OAuth 2.0 (RFC 6749), sections 1.3.4 and 4.4. 018 * </ul> 019 */ 020public interface ClientCredentialsGrantHandler extends GrantHandler { 021 022 023 /** 024 * Handles a Client Credentials grant request. The client is 025 * confidential and always authenticated. 026 * 027 * @param scope The requested scope, {@code null} if not 028 * specified. 029 * @param clientID The client identifier. Not {@code null}. 030 * @param clientMetadata The OAuth 2.0 client metadata. Not 031 * {@code null}. 032 * 033 * @return The client credentials grant authorisation response. 034 * 035 * @throws GeneralException If the grant is denied, or another 036 * exception was encountered. 037 */ 038 public GrantAuthorization processGrant(final Scope scope, 039 final ClientID clientID, 040 final ClientMetadata clientMetadata) 041 throws GeneralException; 042}