Package com.authlete.jaxrs.spi

Class DeviceCompleteRequestHandlerSpiAdapter

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      String getAcr()
      Get the authentication context class reference (ACR) that was satisfied when the end-user was authenticated.
      String getErrorDescription()
      Get the description of the error.
      URI getErrorUri()
      Get the URI of a document which describes the error in detail.
      com.authlete.common.dto.Property[] getProperties()
      Get extra properties to associate with an access token.
      com.authlete.common.dto.DeviceCompleteRequest.Result getResult()
      Get the result of end-user authentication and authorization.
      String[] getScopes()
      Get scopes to be associated with the access token.
      long getUserAuthenticatedAt()
      Get the time when the end-user was authenticated.
      Object getUserClaim​(String claimName)
      Get the value of a claim of the user.
      String getUserSubject()
      Get the subject (= unique identifier) of the end-user.
      javax.ws.rs.core.Response onInvalidRequest()
      Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is INVALID_REQUEST, which means the API call is invalid and probably, the authorization server implementation has some bugs.
      javax.ws.rs.core.Response onServerError()
      Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is SERVER_ERROR, which means an error occurred on Authlete side.
      javax.ws.rs.core.Response onSuccess()
      Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is SUCCESS, which means the API call has been processed successfully.
      javax.ws.rs.core.Response onUserCodeExpired()
      Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is USER_CODE_EXPIRED, which means the user code has expired.
      javax.ws.rs.core.Response onUserCodeNotExist()
      Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is USER_CODE_NOT_EXIST, which means the user code does not exist.

    • Constructor Detail

      • DeviceCompleteRequestHandlerSpiAdapter

        public DeviceCompleteRequestHandlerSpiAdapter()

    • Method Detail

      • getUserSubject

        public String getUserSubject()
        Description copied from interface: DeviceCompleteRequestHandlerSpi
        Get the subject (= unique identifier) of the end-user. It must consist of only ASCII letters and its length must not exceed 100.

        In a typical case, the subject is a primary key or another unique ID of the record that represents the end-user in your user database.

        Specified by:
        getUserSubject in interface DeviceCompleteRequestHandlerSpi
        Returns:
        The subject (= unique identifier) of the end-user.

      • getScopes

        public String[] getScopes()
        Description copied from interface: DeviceCompleteRequestHandlerSpi
        Get scopes to be associated with the access token. If this method returns a non-null value, the set of scopes will be used instead of the scopes specified in the original device authorization request.
        Specified by:
        getScopes in interface DeviceCompleteRequestHandlerSpi
        Returns:
        Scopes to replace the scopes specified in the original device authorization request with. When null is returned from this method, replacement is not performed.

      • getProperties

        public com.authlete.common.dto.Property[] getProperties()
        Description copied from interface: DeviceCompleteRequestHandlerSpi
        Get extra properties to associate with an access token.

        This method is expected to return an array of extra properties. The following is an example that returns an array containing one extra property. 

         @Override
 public Property[] getProperties()
 {
     return new Property[] {
         new Property("example_parameter", "example_value")
     };
 }

        Extra properties returned from this method will appear as top-level entries in a JSON response from an authorization server as shown in 5.1. Successful Response in RFC 6749.

        Note that there is an upper limit on the total size of extra properties. On the server side, the properties will be (1) converted to a multidimensional string array, (2) converted to JSON, (3) encrypted by AES/CBC/PKCS5Padding, (4) encoded by base64url, and then stored into the database. The length of the resultant string must not exceed 65,535 in bytes. This is the upper limit, but we think it is big enough.

        Specified by:
        getProperties in interface DeviceCompleteRequestHandlerSpi
        Returns:
        Extra properties. If null is returned, any extra property will not be associated.

      • getErrorUri

        public URI getErrorUri()
        Description copied from interface: DeviceCompleteRequestHandlerSpi
        Get the URI of a document which describes the error in detail. This corresponds to the error_uri property in the response to the client.
        Specified by:
        getErrorUri in interface DeviceCompleteRequestHandlerSpi
        Returns:
        The URI of a document which describes the error in detail.

      • onSuccess

        public javax.ws.rs.core.Response onSuccess()
        Description copied from interface: DeviceCompleteRequestHandlerSpi
        Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is SUCCESS, which means the API call has been processed successfully. Typically, the authorization server should return a successful response to the web browser the end-user is using.
        Specified by:
        onSuccess in interface DeviceCompleteRequestHandlerSpi
        Returns:
        A response to the end-user.

      • onInvalidRequest

        public javax.ws.rs.core.Response onInvalidRequest()
        Description copied from interface: DeviceCompleteRequestHandlerSpi
        Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is INVALID_REQUEST, which means the API call is invalid and probably, the authorization server implementation has some bugs.
        Specified by:
        onInvalidRequest in interface DeviceCompleteRequestHandlerSpi
        Returns:
        A response to the end-user.

      • onUserCodeExpired

        public javax.ws.rs.core.Response onUserCodeExpired()
        Description copied from interface: DeviceCompleteRequestHandlerSpi
        Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is USER_CODE_EXPIRED, which means the user code has expired. Typically, the authorization server implementation should tell the end-user that the user code has expired and urge her to re-initiate a device flow.
        Specified by:
        onUserCodeExpired in interface DeviceCompleteRequestHandlerSpi
        Returns:
        A response to the end-user.

      • onUserCodeNotExist

        public javax.ws.rs.core.Response onUserCodeNotExist()
        Description copied from interface: DeviceCompleteRequestHandlerSpi
        Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is USER_CODE_NOT_EXIST, which means the user code does not exist. Typically, the authorization server implementation should tell the end-user that the user code has been invalidated and urge her to re-initiate a device flow.
        Specified by:
        onUserCodeNotExist in interface DeviceCompleteRequestHandlerSpi
        Returns:
        A response to the end-user.

      • onServerError

        public javax.ws.rs.core.Response onServerError()
        Description copied from interface: DeviceCompleteRequestHandlerSpi
        Return a response to the end-user when the value of action parameter contained in the response from Authlete /api/device/complete API is SERVER_ERROR, which means an error occurred on Authlete side. Typically, the authorization server implementation should tell the end-user that something wrong happened and urge her to re-initiate a device flow.
        Specified by:
        onServerError in interface DeviceCompleteRequestHandlerSpi
        Returns:
        A response to the end-user.