Module one.jpro.platform.auth.core
Package one.jpro.platform.auth.core.oauth2

Class OAuth2API

java.lang.Object
one.jpro.platform.auth.core.oauth2.OAuth2API
public class OAuth2API extends Object
OAuth2 API provides the required functionalities to interact with an OAuth2 provider.

  • Field Details

    • options

      @NotNull protected final @NotNull OAuth2Options options

  • Constructor Details

    • OAuth2API

      public OAuth2API(@NotNull @NotNull OAuth2Options options)
      Creates an OAuth2 API object.
      Parameters:
      options - the OAuth2 options

  • Method Details

    • getOptions

      @NotNull public @NotNull OAuth2Options getOptions()
      Returns the options used to configure this API.
      Returns:
      an OAuth2 options object

    • authorizeURL

      public String authorizeURL(@NotNull @NotNull OAuth2Credentials credentials)
      The client sends the end-user's browser to this endpoint to request their authentication and consent. This endpoint is used in the code and implicit OAuth 2.0 flows which require end-user interaction.
      Parameters:
      credentials - the credentials to be used to authorize the user.
      Returns:
      the url to be used to authorize the user.
      See Also:

    • token

      public CompletableFuture<org.json.JSONObject> token(String grantType, org.json.JSONObject params)
      Post an OAuth 2.0 grant (code, refresh token, resource owner password credentials, client credentials) to obtain an ID and / or access token.
      Parameters:
      grantType - the grant type.
      params - the parameters to be sent.
      See Also:

    • tokenIntrospection

      public CompletableFuture<org.json.JSONObject> tokenIntrospection(String tokenType, String token)
      Determine the active state of an OAuth 2.0 token and to determine meta-information about this token.
      Parameters:
      tokenType - the type of the token to be introspected.
      token - the token to be introspected.
      See Also:

    • tokenRevocation

      public CompletableFuture<Void> tokenRevocation(@NotNull @NotNull String tokenType, @NotNull @NotNull String token)
      Revoke an obtained access or refresh token.
      Parameters:
      tokenType - the type of the token to be revoked.
      token - the token to be revoked.
      See Also:

    • userInfo

      public CompletableFuture<org.json.JSONObject> userInfo(String accessToken)
      Retrieve user information and other attributes for a logged-in end-user.
      Parameters:
      accessToken - the access token
      Returns:
      the user information wrapped in a JSON object
      See Also:

    • jwkSet

      public CompletableFuture<org.json.JSONObject> jwkSet()
      Retrieve the public server JSON Web Key (JWK) required to verify the authenticity of issued ID and access tokens.

    • discover

      public CompletableFuture<OpenIDAuthenticationProvider> discover(javafx.stage.Stage stage, OAuth2Options config)
      The discovery will use the given site in the configuration options and attempt to load the well-known descriptor.
      Parameters:
      stage - the JavaFX application stage
      config - the initial options, it should contain the site url
      Returns:
      an OAuth2 provider configured with the discovered option values
      See Also:

    • logout

      public CompletableFuture<Void> logout(@NotNull @NotNull String accessToken, @Nullable @Nullable String refreshToken)
      Logout the user from the OAuth2 provider.
      Parameters:
      accessToken - the access token
      refreshToken - the refresh token

    • fetch

      protected CompletableFuture<HttpResponse<String>> fetch(HttpMethod method, String path, org.json.JSONObject headers, String payload)
      Base method to fetch the required information from the OAuth2 provider.
      Parameters:
      method - the HTTP method to use
      path - the path to fetch
      headers - the headers to send
      payload - the payload to send
      Returns:
      an asynchronous http response wrapped in a completable future