Class TokenController
java.lang.Object
org.wildfly.security.soteria.original.TokenController
Controller for Token endpoint
- Author:
- Gaurav Gupta, Rudy De Busscher
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionjakarta.ws.rs.core.ResponsegetTokens(jakarta.servlet.http.HttpServletRequest request) (4) A Client makes a token request to the token endpoint and the OpenId Provider responds with an ID Token and an Access Token.jakarta.ws.rs.core.ResponserefreshTokens(jakarta.security.enterprise.identitystore.openid.RefreshToken refreshToken) Makes a refresh request to the token endpoint and the OpenId Provider responds with a new (updated) Access Token and Refreshs Token.validateAccessToken(org.glassfish.soteria.mechanisms.openid.domain.AccessTokenImpl accessToken, com.nimbusds.jose.Algorithm idTokenAlgorithm, Map<String, Object> idTokenClaims) (5.2) Validate the Access Token and its claims and verify the signature.com.nimbusds.jwt.JWTClaimsSetvalidateIdToken(org.glassfish.soteria.mechanisms.openid.domain.IdentityTokenImpl idToken, jakarta.security.enterprise.authentication.mechanism.http.HttpMessageContext httpContext) (5.1) Validate Id Token's claims and verify ID Token's signature.com.nimbusds.jwt.JWTClaimsSetvalidateRefreshedIdToken(jakarta.security.enterprise.identitystore.openid.IdentityToken previousIdToken, org.glassfish.soteria.mechanisms.openid.domain.IdentityTokenImpl newIdToken) Validate Id Token received from Successful Refresh Response.
-
Constructor Details
-
TokenController
public TokenController()
-
-
Method Details
-
getTokens
public jakarta.ws.rs.core.Response getTokens(jakarta.servlet.http.HttpServletRequest request) (4) A Client makes a token request to the token endpoint and the OpenId Provider responds with an ID Token and an Access Token.- Parameters:
request-- Returns:
- a JSON object representation of OpenID Connect token response from the Token endpoint.
-
validateIdToken
public com.nimbusds.jwt.JWTClaimsSet validateIdToken(org.glassfish.soteria.mechanisms.openid.domain.IdentityTokenImpl idToken, jakarta.security.enterprise.authentication.mechanism.http.HttpMessageContext httpContext) (5.1) Validate Id Token's claims and verify ID Token's signature.- Parameters:
idToken-httpContext-- Returns:
- JWT Claims
-
validateRefreshedIdToken
public com.nimbusds.jwt.JWTClaimsSet validateRefreshedIdToken(jakarta.security.enterprise.identitystore.openid.IdentityToken previousIdToken, org.glassfish.soteria.mechanisms.openid.domain.IdentityTokenImpl newIdToken) Validate Id Token received from Successful Refresh Response.- Parameters:
previousIdToken-newIdToken-- Returns:
- JWT Claims
-
validateAccessToken
public Map<String,Object> validateAccessToken(org.glassfish.soteria.mechanisms.openid.domain.AccessTokenImpl accessToken, com.nimbusds.jose.Algorithm idTokenAlgorithm, Map<String, Object> idTokenClaims) (5.2) Validate the Access Token and its claims and verify the signature.- Parameters:
accessToken-idTokenAlgorithm-idTokenClaims-- Returns:
- JWT Claims
-
refreshTokens
public jakarta.ws.rs.core.Response refreshTokens(jakarta.security.enterprise.identitystore.openid.RefreshToken refreshToken) Makes a refresh request to the token endpoint and the OpenId Provider responds with a new (updated) Access Token and Refreshs Token.- Parameters:
refreshToken- Refresh Token received from previous token request.- Returns:
- a JSON object representation of OpenID Connect token response from the Token endpoint.
-