Interface ClientAuthenticationInterceptor
-
- All Superinterfaces:
Lifecycle
@ThreadSafe public interface ClientAuthenticationInterceptor extends Lifecycle
Service Provider Interface (SPI) for intercepting successful and failed client authentications at all Connect2id server endpoints where such authentication occurs, such as the token, token introspection, token revocation and pushed authorisation request (PAR) endpoints.Successful client authentications can be subjected to additional checks and rejected with an
InvalidClientException
to produce an OAuth 2.0invalid_client
error.Implementations must be thread-safe. Interceptors that emit events should use a separate thread for blocking operations.
-
-
Method Summary
All Methods Instance Methods Default Methods Modifier and Type Method Description default void
interceptError(com.nimbusds.oauth2.sdk.auth.ClientAuthentication clientAuth, com.nimbusds.oauth2.sdk.auth.verifier.InvalidClientException exception, ClientAuthenticationContext ctx)
Intercepts a failed client authentication.default void
interceptSuccess(com.nimbusds.oauth2.sdk.auth.ClientAuthentication clientAuth, ClientAuthenticationContext ctx)
Intercepts a successful client authentication.
-
-
-
Method Detail
-
interceptSuccess
default void interceptSuccess(com.nimbusds.oauth2.sdk.auth.ClientAuthentication clientAuth, ClientAuthenticationContext ctx) throws com.nimbusds.oauth2.sdk.auth.verifier.InvalidClientException
Intercepts a successful client authentication. The default implementation takes no action.- Parameters:
clientAuth
- The client authentication. Notnull
.ctx
- The client authentication context. Notnull
.- Throws:
com.nimbusds.oauth2.sdk.auth.verifier.InvalidClientException
- To reject the client authentication with aninvalid_client
error. The exception message will be logged internally and will not be exposed to the client in theinvalid_client
error description.
-
interceptError
default void interceptError(com.nimbusds.oauth2.sdk.auth.ClientAuthentication clientAuth, com.nimbusds.oauth2.sdk.auth.verifier.InvalidClientException exception, ClientAuthenticationContext ctx)
Intercepts a failed client authentication. The default implementation takes no action.- Parameters:
clientAuth
- The client authentication. Notnull
.exception
- The invalid client exception. Notnull
.ctx
- The client authentication context. Notnull
.
-
-