ImplicitGrant (Jans authentication server 1.1.0 API)

java.lang.Object
- io.jans.as.server.model.common.AbstractAuthorizationGrant
- - io.jans.as.server.model.common.AuthorizationGrant
  - - io.jans.as.server.model.common.ImplicitGrant

All Implemented Interfaces:

IAuthorizationGrant
```
public class ImplicitGrant
extends AuthorizationGrant
```
The implicit grant is a simplified authorization code flow optimized for clients implemented in a browser using a scripting language such as JavaScript. In the implicit flow, instead of issuing the client an authorization code, the client is issued an access token directly (as the result of the resource owner authorization). The grant type is implicit as no intermediate credentials (such as an authorization code) are issued (and later used to obtain an access token).

When issuing an implicit grant, the authorization server does not authenticate the client. In some cases, the client identity can be verified via the redirection URI used to deliver the access token to the client. The access token may be exposed to the resource owner or other applications with access to the resource owner's user-agent.

Implicit grants improve the responsiveness and efficiency of some clients (such as a client implemented as an in-browser application) since it reduces the number of round trips required to obtain an access token. However, this convenience should be weighed against the security implications of using implicit grants, especially when the authorization code grant type is available.

Version:

September 30, 2021

Author:

Javier Rojas Blum, Yuriy Movchan

Field Summary
- Fields inherited from class io.jans.as.server.model.common.AbstractAuthorizationGrant
  accessTokens, appConfiguration, refreshTokens, scopeChecker, txTokens

Constructor Summary

Constructors
Constructor	Description
`ImplicitGrant()`
`ImplicitGrant(io.jans.as.common.model.common.User user, io.jans.as.common.model.registration.Client client, Date authenticationTime)`	Constructs an implicit grant.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`RefreshToken`	`createRefreshToken(ExecutionContext executionContext)`	The authorization server MUST NOT issue a refresh token.
`io.jans.as.model.common.GrantType`	`getGrantType()`
`void`	`init(io.jans.as.common.model.common.User user, io.jans.as.common.model.registration.Client client, Date authenticationTime)`

Methods inherited from class io.jans.as.server.model.common.AuthorizationGrant
asToken, asToken, asToken, asToken, asToken, asTokenEntity, checkExpiredTokens, checkScopesPolicy, createAccessToken, createAccessTokenAsJwt, createIdToken, createRefreshToken, createRefreshToken, getScopesAsString, getSub, init, isCachedWithNoPersistence, isImplicitFlow, persist, persist, revokeAllTokens, save, setIsCachedWithNoPersistence

Methods inherited from class io.jans.as.server.model.common.AbstractAuthorizationGrant
getAccessToken, getAccessTokenLifetimeInSeconds, getAccessTokens, getAccessTokensCodes, getAcrValues, getAuthenticationTime, getAuthorizationCode, getAuthorizationGrantType, getAuthzDetails, getAuthzDetailsAsString, getClaims, getClient, getClientDn, getClientId, getCodeChallenge, getCodeChallengeMethod, getDpopJkt, getGrantId, getIdToken, getJwtAuthorizationRequest, getLongLivedAccessToken, getNonce, getRefreshToken, getRefreshTokens, getRefreshTokensCodes, getScopes, getSessionDn, getTokenBindingHash, getTokenEntity, getTxToken, getTxTokens, getUser, getUserDn, getUserId, getX5ts256, setAccessTokens, setAcrValues, setAuthenticationTime, setAuthorizationCode, setAuthzDetails, setClaims, setCodeChallenge, setCodeChallengeMethod, setDpopJkt, setGrantId, setIdToken, setJwtAuthorizationRequest, setLongLivedAccessToken, setNonce, setRefreshTokens, setScopes, setSessionDn, setTokenBindingHash, setTokenEntity, setTxTokens, setX5ts256, toString

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - ImplicitGrant
```
public ImplicitGrant()
```
  - ImplicitGrant
```
public ImplicitGrant(io.jans.as.common.model.common.User user,
                     io.jans.as.common.model.registration.Client client,
                     Date authenticationTime)
```
    Constructs an implicit grant.
    
    Parameters:
    
    user - The resource owner.
    
    client - An application making protected resource requests on behalf of the resource owner and with its authorization.
    
    authenticationTime - The Claim Value is the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time that the End-User authentication occurred.
- Method Detail
  - getGrantType
```
public io.jans.as.model.common.GrantType getGrantType()
```
  - init
```
public void init(io.jans.as.common.model.common.User user,
                 io.jans.as.common.model.registration.Client client,
                 Date authenticationTime)
```
  - createRefreshToken
```
public RefreshToken createRefreshToken(ExecutionContext executionContext)
```
    The authorization server MUST NOT issue a refresh token.
    
    Specified by:
    
    createRefreshToken in interface IAuthorizationGrant
    
    Overrides:
    
    createRefreshToken in class AuthorizationGrant