Package com.nimbusds.openid.connect.provider.spi.grants

Class TokenExchangeAuthorization

java.lang.Object
com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization
com.nimbusds.openid.connect.provider.spi.grants.SubjectAuthorization
com.nimbusds.openid.connect.provider.spi.grants.TokenExchangeAuthorization
@Immutable public class TokenExchangeAuthorization extends SubjectAuthorization
Authorisation produced by a TokenExchangeGrantHandler.

Supported issued token types:

  • Access token (TokenTypeURI.ACCESS_TOKEN)

  • Constructor Details

    • TokenExchangeAuthorization

      public TokenExchangeAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)
      Creates a new token exchange authorisation specifying the issue of an own (local) access token.
      Parameters:
      subject - The subject (end-user) identifier. Must not be null.
      scope - The authorised scope. Must not be null.
      accessTokenSpec - The access token specification. Must not be null.
      claimsSpec - The OpenID claims specification. Must not be null.
      data - Additional data as a JSON object, null if not specified.

    • TokenExchangeAuthorization

      public TokenExchangeAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)
      Creates a new token exchange authorisation specifying the issue of an own (local) access token with an optional refresh token.
      Parameters:
      subject - The subject (end-user) identifier. Must not be null.
      scope - The authorised scope. Must not be null.
      longLived - Controls the authorisation lifetime. true for a long-lived (implies persistence), false for a short-lived (transient).
      accessTokenSpec - The access token specification. Must not be null.
      refreshTokenSpec - The refresh token specification. Must not be null.
      claimsSpec - The OpenID claims specification. Must not be null.
      data - Additional data as a JSON object, null if not specified.

    • TokenExchangeAuthorization

      public TokenExchangeAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)
      Creates a new token exchange authorisation specifying the issue of an own (local) access token with an optional refresh token and ID token.
      Parameters:
      subject - The subject (end-user) identifier. Must not be null.
      scope - The authorised scope. Must not be null.
      longLived - Controls the authorisation lifetime. true for a long-lived (implies persistence), false for a short-lived (transient).
      accessTokenSpec - The access token specification. Must not be null.
      refreshTokenSpec - The refresh token specification. Must not be null.
      idTokenSpec - The ID token specification. Must not be null.
      claimsSpec - The OpenID claims specification. Must not be null.
      data - Additional data as a JSON object, null if not specified.

  • Method Details

    • getTokenType

      public com.nimbusds.oauth2.sdk.token.TokenTypeURI getTokenType()
      Returns the type of the issued token.
      Returns:
      The type of the issued token.

    • isLongLived

      public boolean isLongLived()
      Returns the authorisation lifetime.
      Returns:
      true for a long-lived authorisation (implies persistence), false for a short-lived (transient).

    • getRefreshTokenSpec

      public RefreshTokenSpec getRefreshTokenSpec()
      Returns the refresh token specification.
      Returns:
      The refresh token specification.

    • toJSONObject

      public net.minidev.json.JSONObject toJSONObject()
      Description copied from class: GrantAuthorization
      Returns a JSON object representation of this authorisation.
      Overrides:
      toJSONObject in class SubjectAuthorization
      Returns:
      The JSON object representation.

    • parse

      public static TokenExchangeAuthorization parse(net.minidev.json.JSONObject jsonObject) throws com.nimbusds.oauth2.sdk.ParseException
      Parses a token exchange authorisation from the specified JSON object.
      Parameters:
      jsonObject - The JSON object to parse. Must not be null.
      Returns:
      The token exchange authorisation.
      Throws:
      com.nimbusds.oauth2.sdk.ParseException - If parsing failed.

    • parse

      public static TokenExchangeAuthorization parse(String json) throws com.nimbusds.oauth2.sdk.ParseException
      Parses a token exchange authorisation from the specified JSON object string.
      Parameters:
      json - The JSON object string to parse. Must not be null.
      Returns:
      The token exchange authorisation.
      Throws:
      com.nimbusds.oauth2.sdk.ParseException - If parsing failed.