Class AuthorizeClient
- java.lang.Object
-
- io.jans.as.client.BaseClient<AuthorizationRequest,AuthorizationResponse>
-
- io.jans.as.client.AuthorizeClient
-
public class AuthorizeClient extends BaseClient<AuthorizationRequest,AuthorizationResponse>
Encapsulates functionality to make authorization request calls to an authorization server via REST Services.- Version:
- November 12, 2021
- Author:
- Javier Rojas Blum
-
-
Field Summary
-
Fields inherited from class io.jans.as.client.BaseClient
clientResponse, executor, request, requestForm, response, resteasyClient, webTarget
-
-
Constructor Summary
Constructors Constructor Description AuthorizeClient(java.lang.String url)
Constructs an authorize client by providing a REST url where the authorize service is located.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description AuthorizationResponse
exec()
Executes the call to the REST Service and processes the response.AuthorizationResponse
exec(org.jboss.resteasy.client.jaxrs.ClientHttpEngine engine)
Deprecated.Engine should be shared between clientsAuthorizationResponse
execAuthorizationCodeGrant(java.lang.String clientId, java.util.List<java.lang.String> scopes, java.lang.String redirectUri, java.lang.String nonce, java.lang.String state, java.lang.String req, java.lang.String reqUri, io.jans.as.model.common.Display display, java.util.List<io.jans.as.model.common.Prompt> prompt)
The authorization code grant type is used to obtain both access tokens and refresh tokens and is optimized for confidential clients.AuthorizationResponse
execImplicitGrant(java.lang.String clientId, java.util.List<java.lang.String> scopes, java.lang.String redirectUri, java.lang.String nonce, java.lang.String state, java.lang.String req, java.lang.String reqUri, io.jans.as.model.common.Display display, java.util.List<io.jans.as.model.common.Prompt> prompt)
Deprecated.java.lang.String
getHttpMethod()
-
Methods inherited from class io.jans.as.client.BaseClient
addReqParam, addReqParam, applyCookies, closeConnection, getCookies, getExecutor, getHeaders, getRequest, getRequestAsString, getResponse, getResponseAsString, getUrl, initClient, prepareAuthorizatedClientRequest, setExecutor, setRequest, setResponse, setUrl
-
-
-
-
Method Detail
-
getHttpMethod
public java.lang.String getHttpMethod()
- Specified by:
getHttpMethod
in classBaseClient<AuthorizationRequest,AuthorizationResponse>
-
execAuthorizationCodeGrant
public AuthorizationResponse execAuthorizationCodeGrant(java.lang.String clientId, java.util.List<java.lang.String> scopes, java.lang.String redirectUri, java.lang.String nonce, java.lang.String state, java.lang.String req, java.lang.String reqUri, io.jans.as.model.common.Display display, java.util.List<io.jans.as.model.common.Prompt> prompt)
The authorization code grant type is used to obtain both access tokens and refresh tokens and is optimized for confidential clients. As a redirection-based flow, the client must be capable of interacting with the resource owner's user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the authorization server.- Parameters:
clientId
- The client identifier. This parameter is required.scopes
- The scope of the access request. This parameter is optional.redirectUri
- The redirection URI. This parameter is optional.nonce
- A string value used to associate a user agent session with an ID Token, and to mitigate replay attacks. forgery. This parameter is recommended.state
- An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter should be used for preventing cross-site request forgery.req
- A JWT encoded OpenID Request Object.reqUri
- An URL that points to an OpenID Request Object.display
- An ASCII string value that specifies how the Authorization Server displays the authentication page to the End-User.prompt
- A space delimited list of ASCII strings that can contain the values login, consent, select_account, and none.- Returns:
- The authorization response.
-
execImplicitGrant
@Deprecated public AuthorizationResponse execImplicitGrant(java.lang.String clientId, java.util.List<java.lang.String> scopes, java.lang.String redirectUri, java.lang.String nonce, java.lang.String state, java.lang.String req, java.lang.String reqUri, io.jans.as.model.common.Display display, java.util.List<io.jans.as.model.common.Prompt> prompt)
Deprecated.The implicit grant type is used to obtain access tokens (it does not support the issuance of refresh tokens) and is optimized for public clients known to operate a particular redirection URI. These clients are typically implemented in a browser using a scripting language such as JavaScript.
As a redirection-based flow, the client must be capable of interacting with the resource owner's user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the authorization server.
Unlike the authorization code grant type in which the client makes separate requests for authorization and access token, the client receives the access token as the result of the authorization request.
The implicit grant type does not include client authentication, and relies on the presence of the resource owner and the registration of the redirection URI. Because the access token is encoded into the redirection URI, it may be exposed to the resource owner and other applications residing on its device.
- Parameters:
clientId
- The client identifier. This parameter is required.scopes
- The scope of the access request. This parameter is optional.redirectUri
- The redirection URI. This parameter is optional.nonce
- A string value used to associate a user agent session with an ID Token, and to mitigate replay attacks. forgery. This parameter is recommended.state
- An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter should be used for preventing cross-site request forgery.req
- A JWT encoded OpenID Request Object.reqUri
- An URL that points to an OpenID Request Object.display
- An ASCII string value that specifies how the Authorization Server displays the authentication page to the End-User.prompt
- A space delimited list of ASCII strings that can contain the values login, consent, select_account, and none.- Returns:
- The authorization response.
-
exec
public AuthorizationResponse exec()
Executes the call to the REST Service and processes the response.- Returns:
- The authorization response.
-
exec
@Deprecated public AuthorizationResponse exec(org.jboss.resteasy.client.jaxrs.ClientHttpEngine engine)
Deprecated.Engine should be shared between clients
-
-