Interface TokenIntrospectionResponseComposer
- All Superinterfaces:
Lifecycle
- All Known Implementing Classes:
BaseTokenIntrospectionResponseComposer
,DefaultTokenIntrospectionResponseComposer
Service Provider Interface (SPI) for composing token introspection (RFC
7662) responses. Implementations must be thread-safe.
The SPI may be used to respond differently to different resource servers making the same request. For instance, an authorisation server may limit which scopes from a given token are returned for each resource server to prevent a resource server from learning more about the larger network than is necessary for its operation.
See OAuth 2.0 Token Introspection (RFC 7662), section 2.2.
-
Method Summary
Modifier and TypeMethodDescriptioncom.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse
compose
(@Nullable AccessTokenAuthorization tokenAuthz, TokenIntrospectionContext context) Composes a token introspection response.
-
Method Details
-
compose
com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse compose(@Nullable AccessTokenAuthorization tokenAuthz, TokenIntrospectionContext context) Composes a token introspection response.If the access token was found to be invalid or expired the method should simply return
if (tokenAuthz == null) { return new TokenIntrospectionSuccessResponse.Builder(false) .build(); }
- Parameters:
tokenAuthz
- The access token authorisation,null
if the token was found to be invalid or expired (implies"active":false
).context
- The token introspection context. Notnull
.- Returns:
- The token introspection success response (for
"active":true
as well as"active":false
access tokens.
-