Package com.authlete.common.dto

Class TokenIssueResponse

  • All Implemented Interfaces:
    Serializable
    public class TokenIssueResponse
extends ApiResponse
    Response from Authlete's /auth/token/issue endpoint.

    Authlete's /auth/token/issue endpoint returns JSON which can be mapped to this class. The service implementation should retrieve the value of "action" from the response and take the following steps according to the value.

    INTERNAL_SERVER_ERROR

    When the value of "action" is "INTERNAL_SERVER_ERROR", it means that the request from the service implementation was wrong or that an error occurred in Authlete.

    In either case, from the viewpoint of the client application, it is an error on the server side. Therefore, the service implementation should generate a response to the client application with the HTTP status of "500 Internal Server Error".

    getResponseContent() returns a JSON string which describes the error, so it can be used as the entity body of the response.

    The following illustrates the response which the service implementation should generate and return to the client application. 

     HTTP/1.1 500 Internal Server Error
 Content-Type: application/json
 Cache-Control: no-store
 Pragma: no-cache

 (The value returned from getResponseContent())
    OK

    When the value of "action" is "OK", it means that Authlete's /auth/token/issue API successfully generated an access token.

    The HTTP status of the response returned to the client application must be "200 OK" and the content type must be "application/json".

    getResponseContent() returns a JSON string which contains an access token, so it can be used as the entity body of the response.

    The following illustrates the response which the service implementation should generate and return to the client application. 

     HTTP/1.1 200 OK
 Content-Type: application/json
 Cache-Control: no-store
 Pragma: no-cache

 (The value returned from getResponseContent())
    Author:
    Takahiko Kawasaki
    See Also:
    Serialized Form

    • Constructor Detail

      • TokenIssueResponse

        public TokenIssueResponse()

    • Method Detail

      • setAction

        public void setAction​(TokenIssueResponse.Action action)
        Set the next action that the service implementation should take.

      • getResponseContent

        public String getResponseContent()
        Get the response content which can be used as the entity body of the response returned to the client application.

      • setResponseContent

        public void setResponseContent​(String responseContent)
        Set the response content which can be used as the entity body of the response returned to the client application.

      • summarize

        public String summarize()
        Get the summary of this instance.

      • getAccessToken

        public String getAccessToken()
        Get the newly issued access token. This method returns a non-null value only when getAction() returns TokenIssueResponse.Action.OK.

        If the service is configured to issue JWT-based access tokens, a JWT-based access token is issued additionally. In the case, getJwtAccessToken() returns the JWT-based access token.

        Returns:
        The newly issued access token.
        Since:
        1.34
        See Also:
        getJwtAccessToken()

      • setAccessToken

        public void setAccessToken​(String accessToken)
        Set the newly issued access token.
        Parameters:
        accessToken - The newly issued access token.
        Since:
        1.34

      • getAccessTokenExpiresAt

        public long getAccessTokenExpiresAt()
        Get the date in milliseconds since the Unix epoch (1970-01-01) at which the access token will expire.
        Returns:
        The expiration date in milliseconds since the Unix epoch (1970-01-01) at which the access token will expire.
        Since:
        1.34

      • setAccessTokenExpiresAt

        public void setAccessTokenExpiresAt​(long expiresAt)
        Set the date in milliseconds since the Unix epoch (1970-01-01) at which the access token will expire.
        Parameters:
        expiresAt - The expiration date in milliseconds since the Unix epoch (1970-01-01) at which the access token will expire.
        Since:
        1.34

      • getAccessTokenDuration

        public long getAccessTokenDuration()
        Get the duration of the access token in seconds.
        Returns:
        Duration in seconds.
        Since:
        1.34

      • setAccessTokenDuration

        public void setAccessTokenDuration​(long duration)
        Set the duration of the access token in seconds.
        Parameters:
        duration - Duration in seconds.
        Since:
        1.34

      • getRefreshToken

        public String getRefreshToken()
        Get the refresh token. This method returns a non-null value only when getAction() returns TokenIssueResponse.Action.OK and the service supports the refresh token flow.

        If "Refresh Token Continuous Use" configuration parameter is NO (= `refreshTokenKept=false`), a new refresh token is issued and the old refresh token used in the refresh token flow is invalidated. On the contrary, if the configuration parameter is YES, the refresh token itself is not refreshed.

        Returns:
        The refresh token.
        Since:
        1.34

      • setRefreshToken

        public void setRefreshToken​(String refreshToken)
        Set the refresh token.
        Parameters:
        refreshToken - The refresh token.
        Since:
        1.34

      • getRefreshTokenExpiresAt

        public long getRefreshTokenExpiresAt()
        Get the date in milliseconds since the Unix epoch (1970-01-01) at which the refresh token will expire.
        Returns:
        The expiration date in milliseconds since the Unix epoch (1970-01-01) at which the refresh token will expire. If the refresh token is null, this method returns 0.
        Since:
        1.34

      • setRefreshTokenExpiresAt

        public void setRefreshTokenExpiresAt​(long expiresAt)
        Set the date in milliseconds since the Unix epoch (1970-01-01) at which the refresh token will expire.
        Parameters:
        expiresAt - The expiration date in milliseconds since the Unix epoch (1970-01-01) at which the refresh token will expire. If the refresh token is null, this method returns 0.
        Since:
        1.34

      • getRefreshTokenDuration

        public long getRefreshTokenDuration()
        Get the duration of the refresh token in seconds.
        Returns:
        Duration in seconds.
        Since:
        1.34

      • setRefreshTokenDuration

        public void setRefreshTokenDuration​(long duration)
        Set the duration of the refresh token in seconds.
        Parameters:
        duration - Duration in seconds.
        Since:
        1.34

      • getClientId

        public long getClientId()
        Get the client ID.
        Since:
        2.8

      • setClientId

        public void setClientId​(long clientId)
        Set the client ID.
        Since:
        2.8

      • getClientIdAlias

        public String getClientIdAlias()
        Get the client ID alias.

        If the client did not have an alias, this method returns null.

        Returns:
        The client ID alias.
        Since:
        2.8

      • setClientIdAlias

        public void setClientIdAlias​(String alias)
        Set the client ID alias.
        Parameters:
        alias - The client ID alias.
        Since:
        2.8

      • isClientIdAliasUsed

        public boolean isClientIdAliasUsed()
        Get the flag which indicates whether the client ID alias was used when the token request was made.
        Returns:
        true if the client ID alias was used when the token request was made.
        Since:
        2.8

      • setClientIdAliasUsed

        public void setClientIdAliasUsed​(boolean used)
        Set the flag which indicates whether the client ID alias was used when the token request was made.
        Parameters:
        used - true if the client ID alias was used when the token request was made.
        Since:
        2.8

      • getClientEntityId

        public URI getClientEntityId()
        Get the entity ID of the client.

        "Entity ID" is a technical term defined in OpenID Federation 1.0.

        Returns:
        The entity ID of the client.
        Since:
        3.37, Authlete 2.3
        See Also:
        OpenID Federation 1.0

      • setClientEntityId

        public void setClientEntityId​(URI entityId)
        Set the entity ID of the client.

        "Entity ID" is a technical term defined in OpenID Federation 1.0.

        Parameters:
        entityId - The entity ID of the client.
        Since:
        3.37, Authlete 2.3
        See Also:
        OpenID Federation 1.0

      • isClientEntityIdUsed

        public boolean isClientEntityIdUsed()
        Get the flag which indicates whether the entity ID of the client was used when the request for the access token was made.

        "Entity ID" is a technical term defined in OpenID Federation 1.0.

        Returns:
        true if the entity ID of the client was used when the request for the access token was made.
        Since:
        3.37, Authlete 2.3
        See Also:
        OpenID Federation 1.0

      • setClientEntityIdUsed

        public void setClientEntityIdUsed​(boolean used)
        Set the flag which indicates whether the entity ID of the client was used when the request for the access token was made.

        "Entity ID" is a technical term defined in OpenID Federation 1.0.

        Parameters:
        used - true to indicate that the entity ID of the client was used when the request for the access token was made.
        Since:
        3.37, Authlete 2.3
        See Also:
        OpenID Federation 1.0

      • getSubject

        public String getSubject()
        Get the subject (= resource owner's ID) of the access token.
        Since:
        2.8

      • setSubject

        public void setSubject​(String subject)
        Set the subject (= resource owner's ID).
        Since:
        2.8

      • getScopes

        public String[] getScopes()
        Get the scopes covered by the access token.
        Since:
        2.8

      • setScopes

        public void setScopes​(String[] scopes)
        Set the scopes covered by the access token.
        Since:
        2.8

      • getProperties

        public Property[] getProperties()
        Get the extra properties associated with the access token. This method returns null when no extra property is associated with the issued access token.
        Returns:
        Extra properties associated with the issued access token.
        Since:
        2.8

      • setProperties

        public void setProperties​(Property[] properties)
        Set the extra properties associated with the access token.
        Parameters:
        properties - Extra properties.
        Since:
        2.8

      • getJwtAccessToken

        public String getJwtAccessToken()
        Get the newly issued access token in JWT format.

        If the authorization server is configured to issue JWT-based access tokens (= if Service.getAccessTokenSignAlg() returns a non-null value), a JWT-based access token is issued along with the original random-string one.

        Regarding the detailed format of the JWT-based access token, see the description of the Service class.

        Returns:
        The newly issued access token in JWT format. If the service is not configured to issue JWT-based access tokens, this method always returns null.
        Since:
        2.37
        See Also:
        getAccessToken()

      • setJwtAccessToken

        public void setJwtAccessToken​(String jwtAccessToken)
        Set the newly issued access token in JWT format.
        Parameters:
        jwtAccessToken - The newly issued access token in JWT format.
        Since:
        2.37

      • getAccessTokenResources

        public URI[] getAccessTokenResources()
        Get the target resources of the access token.

        See "Resource Indicators for OAuth 2.0" for details.

        Returns:
        The target resources of the access token.
        Since:
        2.62

      • setAccessTokenResources

        public void setAccessTokenResources​(URI[] resources)
        Set the target resources of the access token.

        See "Resource Indicators for OAuth 2.0" for details.

        Parameters:
        resources - The target resources of the access token.
        Since:
        2.62

      • getAuthorizationDetails

        public AuthzDetails getAuthorizationDetails()
        Get the authorization details. This represents the value of the "authorization_details" request parameter which is defined in "OAuth 2.0 Rich Authorization Requests".
        Returns:
        Authorization details.
        Since:
        2.56

      • setAuthorizationDetails

        public void setAuthorizationDetails​(AuthzDetails details)
        Set the authorization details. This represents the value of the "authorization_details" request parameter which is defined in "OAuth 2.0 Rich Authorization Requests".
        Parameters:
        details - Authorization details.
        Since:
        2.56

      • getServiceAttributes

        public Pair[] getServiceAttributes()
        Get the attributes of the service that the client application belongs to.

        This property is available since Authlete 2.2.

        Returns:
        The attributes of the service.
        Since:
        2.88

      • setServiceAttributes

        public void setServiceAttributes​(Pair[] attributes)
        Set the attributes of the service that the client application belongs to.

        This property is available since Authlete 2.2.

        Parameters:
        attributes - The attributes of the service.
        Since:
        2.88

      • getClientAttributes

        public Pair[] getClientAttributes()
        Get the attributes of the client.

        This property is available since Authlete 2.2.

        Returns:
        The attributes of the client.
        Since:
        2.88

      • setClientAttributes

        public void setClientAttributes​(Pair[] attributes)
        Set the attributes of the client.

        This property is available since Authlete 2.2.

        Parameters:
        attributes - The attributes of the client.
        Since:
        2.88

      • getRefreshTokenScopes

        public String[] getRefreshTokenScopes()
        Get the scopes associated with the refresh token.
        Returns:
        The scopes associated with the refresh token. May be null.
        Since:
        3.89, Authlete API 3.0

      • setRefreshTokenScopes

        public void setRefreshTokenScopes​(String[] refreshTokenScopes)
        Set the scopes associated with the refresh token.
        Parameters:
        refreshTokenScopes - The scopes associated with the refresh token.
        Since:
        3.89, Authlete API 3.0