Class AuthorizeClient


  • public class AuthorizeClient
    extends BaseClient<AuthorizationRequest, AuthorizationResponse>
    Encapsulates functionality to make authorization request calls to an authorization server via REST Services.
    Version:
    November 12, 2021
    Author:
    Javier Rojas Blum
    • Constructor Detail

      • AuthorizeClient

        public AuthorizeClient(String url)
        Constructs an authorize client by providing the REST URL where the authorize service is located.
        Parameters:
        url - The REST Service location.
    • Method Detail

      • execAuthorizationCodeGrant

        public AuthorizationResponse execAuthorizationCodeGrant(String clientId,
                                                                List<String> scopes,
                                                                String redirectUri,
                                                                String nonce,
                                                                String state,
                                                                String req,
                                                                String reqUri,
                                                                io.jans.as.model.common.Display display,
                                                                List<io.jans.as.model.common.Prompt> prompt)
        The authorization code grant type is used to obtain both access tokens and refresh tokens and is optimized for confidential clients. As a redirection-based flow, the client must be capable of interacting with the resource owner's user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the authorization server.
        Parameters:
        clientId - The client identifier. This parameter is required.
        scopes - The scope of the access request. This parameter is optional.
        redirectUri - The redirection URI. This parameter is optional.
        nonce - A string value used to associate a user agent session with an ID Token, and to mitigate replay attacks. This parameter is recommended.
        state - An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter should be used for preventing cross-site request forgery.
        req - A JWT encoded OpenID Request Object.
        reqUri - A URL that points to an OpenID Request Object.
        display - An ASCII string value that specifies how the Authorization Server displays the authentication page to the End-User.
        prompt - A space-delimited list of ASCII strings that can contain the values login, consent, select_account, and none.
        Returns:
        The authorization response.
      • execImplicitGrant

        @Deprecated
        public AuthorizationResponse execImplicitGrant(String clientId,
                                                       List<String> scopes,
                                                       String redirectUri,
                                                       String nonce,
                                                       String state,
                                                       String req,
                                                       String reqUri,
                                                       io.jans.as.model.common.Display display,
                                                       List<io.jans.as.model.common.Prompt> prompt)
        Deprecated.

        The implicit grant type is used to obtain access tokens (it does not support the issuance of refresh tokens) and is optimized for public clients known to operate a particular redirection URI. These clients are typically implemented in a browser using a scripting language such as JavaScript.

        As a redirection-based flow, the client must be capable of interacting with the resource owner's user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the authorization server.

        Unlike the authorization code grant type in which the client makes separate requests for authorization and access token, the client receives the access token as the result of the authorization request.

        The implicit grant type does not include client authentication, and relies on the presence of the resource owner and the registration of the redirection URI. Because the access token is encoded into the redirection URI, it may be exposed to the resource owner and other applications residing on its device.

        Parameters:
        clientId - The client identifier. This parameter is required.
        scopes - The scope of the access request. This parameter is optional.
        redirectUri - The redirection URI. This parameter is optional.
        nonce - A string value used to associate a user agent session with an ID Token, and to mitigate replay attacks. This parameter is recommended.
        state - An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter should be used for preventing cross-site request forgery.
        req - A JWT encoded OpenID Request Object.
        reqUri - A URL that points to an OpenID Request Object.
        display - An ASCII string value that specifies how the Authorization Server displays the authentication page to the End-User.
        prompt - A space-delimited list of ASCII strings that can contain the values login, consent, select_account, and none.
        Returns:
        The authorization response.
      • exec

        public AuthorizationResponse exec()
        Executes the call to the REST Service and processes the response.
        Returns:
        The authorization response.
      • exec

        @Deprecated
        public AuthorizationResponse exec(org.jboss.resteasy.client.jaxrs.ClientHttpEngine engine)
        Deprecated.
        Engine should be shared between clients
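
The state and nonce parameters of execAuthorizationCodeGrant and execImplicitGrant protect the flow only if the client generates them unpredictably, binds them to the user's session and checks them on the callback. The following is an added example, not part of this Javadoc or the Janssen code base, showing one way to do that with the JDK alone; StateNonceGuard, its methods and the session ids are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Added example, not Janssen code: StateNonceGuard and its methods are hypothetical names.
public class StateNonceGuard {
    private static final SecureRandom RNG = new SecureRandom();
    // (session id + state) -> nonce; stands in for per-user server-side session storage.
    private final Map<String, String> pending = new ConcurrentHashMap<>();

    // 256 bits from a CSPRNG, URL-safe so the value survives the redirect unchanged.
    static String randomToken() {
        byte[] buf = new byte[32];
        RNG.nextBytes(buf);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(buf);
    }

    // Returns {state, nonce}: the `state` and `nonce` arguments for execAuthorizationCodeGrant.
    public String[] begin(String sessionId) {
        String state = randomToken();
        String nonce = randomToken();
        pending.put(sessionId + "|" + state, nonce);
        return new String[] {state, nonce};
    }

    // returnedState: `state` from the callback. idTokenNonce: `nonce` claim of the ID Token,
    // read only after the token's signature has been verified.
    public boolean complete(String sessionId, String returnedState, String idTokenNonce) {
        if (sessionId == null || returnedState == null || idTokenNonce == null) return false;
        // remove() makes each state single-use, so a replayed callback finds nothing.
        String expected = pending.remove(sessionId + "|" + returnedState);
        if (expected == null) return false; // state was not issued to this session
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                                     idTokenNonce.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        StateNonceGuard guard = new StateNonceGuard();
        String[] a = guard.begin("session-A"); // constructed session ids
        String[] b = guard.begin("session-B");
        System.out.println("B's state in A's session: " + guard.complete("session-A", b[0], b[1]));
        System.out.println("A's own callback:         " + guard.complete("session-A", a[0], a[1]));
        System.out.println("same callback replayed:   " + guard.complete("session-A", a[0], a[1]));
        System.out.println("B's state, wrong nonce:   " + guard.complete("session-B", b[0], a[1]));
    }
}
```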