Package com.authlete.jaxrs

Class BaseResourceEndpoint

    • Constructor Detail

      • BaseResourceEndpoint

        public BaseResourceEndpoint()

    • Method Detail

      • extractAccessToken

        public String extractAccessToken​(String authorization,
                                 String accessTokenInRequestParameters)
        Extract an access token from either Authorization header or request parameters.

        The first argument expects a value of Authorization header that complies with RFC 6750 (Bearer Token Usage). If the argument contains an access token, this method returns the access token without checking the second argument.

        The second argument expects a value of access_token request parameter. The value of this argument is returned when the first argument does not contain an access token.

        Parameters:
        authorization - A value of Authorization header whose scheme is Bearer or DPoP. For example, "Bearer SlAV32hkKG".
        accessTokenInRequestParameters - A value of access_token request parameter.
        Returns:
        An access token.

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           String accessToken)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token. This method is an alias of validateAccessToken (api, accessToken, (Options)null).
        Parameters:
        api - Implementation of AuthleteApi interface.
        accessToken - An access token to validate.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, the access token does not exist or it has expired.

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           String accessToken,
                                           com.authlete.common.api.Options options)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token. This method is an alias of validateAccessToken (api, accessToken, null, options).
        Parameters:
        api - Implementation of AuthleteApi interface.
        accessToken - An access token to validate.
        options - The request options for the /api/auth/introspection API.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, the access token does not exist or it has expired.
        Since:
        2.82

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           String accessToken,
                                           String[] requiredScopes)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token. This method is an alias of validateAccessToken (api, accessToken, requiredScopes, (Options)null).
        Parameters:
        api - Implementation of AuthleteApi interface.
        accessToken - An access token to validate.
        requiredScopes - Scopes that must be associated with the access token. null is okay.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, one or more of the following conditions meet.
        1. The access token does not exist.
        2. The access token has expired.
        3. The access token does not cover the required scopes.

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           String accessToken,
                                           String[] requiredScopes,
                                           com.authlete.common.api.Options options)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token. This method is an alias of validateAccessToken(api, accessToken, requiredScopes, null, options).
        Parameters:
        api - Implementation of AuthleteApi interface.
        accessToken - An access token to validate.
        requiredScopes - Scopes that must be associated with the access token. null is okay.
        options - The request options for the /api/auth/introspection API.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, one or more of the following conditions meet.
        1. The access token does not exist.
        2. The access token has expired.
        3. The access token does not cover the required scopes.
        Since:
        2.82

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           String accessToken,
                                           String[] requiredScopes,
                                           String requiredSubject)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token. This method is an alias of validateAccessToken(api, accessToken, requiredScopes, requiredSubject, (Options)null).
        Parameters:
        api - Implementation of AuthleteApi interface.
        accessToken - An access token to validate.
        requiredScopes - Scopes that must be associated with the access token. null is okay.
        requiredSubject - Subject (= user's unique identifier) that must be associated with the access token. null is okay.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, one or more of the following conditions meet.
        1. The access token does not exist.
        2. The access token has expired.
        3. The access token does not cover the required scopes.

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           String accessToken,
                                           String[] requiredScopes,
                                           String requiredSubject,
                                           com.authlete.common.api.Options options)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token. This method is an alias of validateAccessToken(api, accessToken, requiredScopes, requiredSubject, null, null).
        Parameters:
        api - Implementation of AuthleteApi interface.
        accessToken - An access token to validate.
        requiredScopes - Scopes that must be associated with the access token. null is okay.
        requiredSubject - Subject (= user's unique identifier) that must be associated with the access token. null is okay.
        options - The request options for the /api/auth/introspection API.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, one or more of the following conditions meet.
        1. The access token does not exist.
        2. The access token has expired.
        3. The access token does not cover the required scopes.
        Since:
        2.82

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           String accessToken,
                                           String[] requiredScopes,
                                           String requiredSubject,
                                           String clientCertificate)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token. This method is an alias of validateAccessToken(api, accessToken, requiredScopes, requiredSubject, clientCertificate, null).
        Parameters:
        api - Implementation of AuthleteApi interface.
        accessToken - An access token to validate.
        requiredScopes - Scopes that must be associated with the access token. null is okay.
        requiredSubject - Subject (= user's unique identifier) that must be associated with the access token. null is okay.
        clientCertificate - TLS Certificate of the client presented during a call to the resource server, used with TLS-bound access tokens. Can be null if no certificate is presented.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, one or more of the following conditions meet.
        1. The access token does not exist.
        2. The access token has expired.
        3. The access token does not cover the required scopes.
        4. The access token is not associated with the required subject.
        5. The access token is bound to a client certificate, but the given one does not match.
        Since:
        2.8

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           String accessToken,
                                           String[] requiredScopes,
                                           String requiredSubject,
                                           String clientCertificate,
                                           com.authlete.common.api.Options options)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token. This method is an alias of the validateAccessToken(AuthleteApi, AccessTokenValidator.Params) method.
        Parameters:
        api - Implementation of AuthleteApi interface.
        accessToken - An access token to validate.
        requiredScopes - Scopes that must be associated with the access token. null is okay.
        requiredSubject - Subject (= user's unique identifier) that must be associated with the access token. null is okay.
        clientCertificate - TLS Certificate of the client presented during a call to the resource server, used with TLS-bound access tokens. Can be null if no certificate is presented.
        options - The request options for the /api/auth/introspection API.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, one or more of the following conditions meet.
        1. The access token does not exist.
        2. The access token has expired.
        3. The access token does not cover the required scopes.
        4. The access token is not associated with the required subject.
        5. The access token is bound to a client certificate, but the given one does not match.
        Since:
        2.82

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           AccessTokenValidator.Params params)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token. This method is an alias of validateAccessToken (api, params, null).
        Parameters:
        api - Implementation of AuthleteApi interface.
        params - Parameters needed for access token validation.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The Access Token is invalid.
        Since:
        2.27

      • validateAccessToken

        public AccessTokenInfo validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                           AccessTokenValidator.Params params,
                                           com.authlete.common.api.Options options)
                                    throws javax.ws.rs.WebApplicationException
        Validate an access token.
        Parameters:
        api - Implementation of AuthleteApi interface.
        params - Parameters needed for access token validation.
        options - The request options for the /api/auth/introspection API.
        Returns:
        Information about the access token.
        Throws:
        javax.ws.rs.WebApplicationException - The Access Token is invalid.
        Since:
        2.82

      • validateAccessToken

        public com.authlete.common.dto.IntrospectionResponse validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                                                         com.authlete.common.dto.IntrospectionRequest request)
                                                                  throws javax.ws.rs.WebApplicationException
        Throws:
        javax.ws.rs.WebApplicationException

      • validateAccessToken

        public com.authlete.common.dto.IntrospectionResponse validateAccessToken​(com.authlete.common.api.AuthleteApi api,
                                                                         com.authlete.common.dto.IntrospectionRequest request,
                                                                         com.authlete.common.api.Options options)
                                                                  throws javax.ws.rs.WebApplicationException
        Throws:
        javax.ws.rs.WebApplicationException