Authlete
Properties | List of all members
TokenIssueResponse Class Reference

Response from Authlete's /api/auth/token/issue API. More...

Inheritance diagram for TokenIssueResponse:
ApiResponse

Properties

TokenIssueAction Action [get, set]
 The next action that the token endpoint implementation should take. More...
 
string ResponseContent [get, set]
 The response content which can be used as the entity body of the response to the client application. More...
 
string AccessToken [get, set]
 The newly issued access token. This property returns a non-null value only when the Action property returns TokenIssueAction.OK. More...
 
long AccessTokenExpiresAt [get, set]
 The date at which the access token will expire. The value is expressed in milliseconds since the Unix epoch (1970-Jan-1). More...
 
long AccessTokenDuration [get, set]
 The duration of the access token in seconds. More...
 
string RefreshToken [get, set]
 The newly issued refresh token. This property returns a non-null value only when the Action property returns TokenIssueAction.OK and the service is configured to support the refresh token flow. More...
 
long RefreshTokenExpiresAt [get, set]
 The date at which the refresh token will expire. The value is expressed in milliseconds since the Unix epoch (1970-Jan-1). More...
 
long RefreshTokenDuration [get, set]
 The duration of the refresh token in seconds. More...
 
long ClientId [get, set]
 The ID of the client application associated with the access token. More...
 
string ClientIdAlias [get, set]
 The client ID alias. If no alias is assigned to the client application, this property returns null. More...
 
bool IsClientIdAliasUsed [get, set]
 The flag which indicates whether the client ID alias was used when the token request was made. More...
 
string Subject [get, set]
 The subject (= unique identifier) of the user (= resource owner) of the access token. More...
 
string[] Scopes [get, set]
 The scopes covered by the access token. More...
 
Property[] Properties [get, set]
 Extra properties associated with the access token. More...
 
string JwtAccessToken [get, set]
 The newly issued access token in JWT format. More...
 
string[] AccessTokenResources [get, set]
 The target resources of the access token. More...
 
- Properties inherited from ApiResponse
string ResultCode [get, set]
 The code of the result of an Authlete API call. For example, "A004001". More...
 
string ResultMessage [get, set]
 The message of the result of an Authlete API call. For example, "[A001202] /client/get/list, Authorization header is missing." More...
 

Detailed Description

Response from Authlete's /api/auth/token/issue API.

Authlete's /api/auth/token/issue API returns JSON which can be mapped to this class. The token endpoint implementation should retrieve the value of the "action" response parameter (which can be obtained via the Action property of this class) from the response and take the following steps according to the value.

When the value of the Action property is TokenIssueAction.INTERNAL_SERVER_ERROR, it means that the request from your system was wrong or that an error occurred in Authlete. In either case, from a viewpoint of the client application, it is an error on the server side. Therefore, the token endpoint implementation should generate a response to the client application with the HTTP status of "500 Internal Server Error".

In this case, the ResponseContent property returns a JSON string which describes the error, so it can be used as the entity body of the response. The following illustrates the response which the token endpoint implementation should generate and return to the client application.

HTTP/1.1 500 Internal Server Error
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache
(The value returned from ResponseContent)

When the value of the Action property is TokenIssueAction.OK, it means that Authlete's /api/auth/token/issue API successfully generated an access token. The HTTP status of the response returned to the client application must be "200 OK" and the content type must be "application/json".

In this case, the ResponseContent property returns a JSON string which contains the issued access token, so it can be used as the entity body of the response. The following illustrates the response which the token endpoint implementation should generate and return to the client application.

HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache
(The value returned from ResponseContent)

Property Documentation

◆ AccessToken

string AccessToken
getset

The newly issued access token. This property returns a non-null value only when the Action property returns TokenIssueAction.OK.

◆ AccessTokenDuration

long AccessTokenDuration
getset

The duration of the access token in seconds.

◆ AccessTokenExpiresAt

long AccessTokenExpiresAt
getset

The date at which the access token will expire. The value is expressed in milliseconds since the Unix epoch (1970-Jan-1).

◆ AccessTokenResources

string [] AccessTokenResources
getset

The target resources of the access token.

See RFC 8707 (Resource Indicators for OAuth 2.0) for details.

Since version 1.4.0.

◆ Action

TokenIssueAction Action
getset

The next action that the token endpoint implementation should take.

◆ ClientId

long ClientId
getset

The ID of the client application associated with the access token.

◆ ClientIdAlias

string ClientIdAlias
getset

The client ID alias. If no alias is assigned to the client application, this property returns null.

◆ IsClientIdAliasUsed

bool IsClientIdAliasUsed
getset

The flag which indicates whether the client ID alias was used when the token request was made.

◆ JwtAccessToken

string JwtAccessToken
getset

The newly issued access token in JWT format.

If the authorization server is configured to issue JWT-based access tokens (= if the AccessTokenSignAlg property of the Service holds a non-null value), a JWT-based access token is issued along with the original random-string one.

Regarding the detailed format of the JWT-based access token, see the description of the Service class.

Since version 1.3.0.

◆ Properties

Property [] Properties
getset

Extra properties associated with the access token.

◆ RefreshToken

string RefreshToken
getset

The newly issued refresh token. This property returns a non-null value only when the Action property returns TokenIssueAction.OK and the service is configured to support the refresh token flow.

If "Refresh Token Continuous Use" conifiguration parameter of the service is NO (= refreshTokenKept=false), a new refresh token is issued and the old refresh token used in the refresh token flow is invalidated. On the contrary, if the configuration parameter is YES, the refresh token itself is not refreshed.

◆ RefreshTokenDuration

long RefreshTokenDuration
getset

The duration of the refresh token in seconds.

◆ RefreshTokenExpiresAt

long RefreshTokenExpiresAt
getset

The date at which the refresh token will expire. The value is expressed in milliseconds since the Unix epoch (1970-Jan-1).

◆ ResponseContent

string ResponseContent
getset

The response content which can be used as the entity body of the response to the client application.

◆ Scopes

string [] Scopes
getset

The scopes covered by the access token.

◆ Subject

string Subject
getset

The subject (= unique identifier) of the user (= resource owner) of the access token.

The documentation for this class was generated from the following file:
Authlete.Dto.BackchannelAuthenticationIssueAction.OK
@ OK
The implementation of the backchannel authentication endpoint should return a 200 OK response to the ...
Authlete.Dto.TokenIssueResponse.ResponseContent
string ResponseContent
The response content which can be used as the entity body of the response to the client application.
Definition: TokenIssueResponse.cs:111