org.forgerock.http.oauth2 (OpenAM Server Only 7.4.1 Documentation)

This package provides APIs for OAuth 2.0 services implementations.

Included in the package is an OAuth 2.0 token validation filter that acts as an OAuth 2 Resource Server.

It ensures that there is an existing bearer access token in the request's headers.
It resolves the token against an Authorization Server (using a AccessTokenResolver implementation).
It performs the token validation: checking expiration time and required scopes compliance.

Interface Summary
Interface	Description
AccessTokenResolver	Resolves a given token against a dedicated OAuth2 Identity Provider (OpenAM, Google, Facebook, ...).
ResourceAccess	A `ResourceAccess` encapsulates the logic of required scope selection.

Class Summary
Class	Description
AccessTokenInfo	Represents an OAuth2 Access Token.
ClientSecretBasicAuthenticationFilter	Deprecated. since 26.2.
ClientSecretPostAuthenticationFilter	A `Filter` implementation to add the credentials to request body for authenticating as per the OAuth 2.0 Authorization Framework specification.
EncryptedPrivateKeyJwtClientAuthenticationFilter	A `Filter` implementation to add the client credentials to request as signed then encrypted private key jwt as per the OpenID Connect Client Authentication specification.
EncryptedPrivateKeyJwtClientAuthenticationFilter.Builder	Builder class for creating the Encrypted PrivateKey Jwt ClientAuthentication Filter.
OAuth2	OAuth2 utility class.
OAuth2Context	An `OAuth2Context` could be used to store and retrieve an `AccessTokenInfo`.
OAuth2Error	Describes an error which occurred during an OAuth 2.0 authorization request or when performing an authorized request.
PrivateKeyJwtClientAuthenticationFilter	A `Filter` implementation for adding the client credentials to request as signed private key jwt as per the OpenID Connect Client Authentication specification.
PrivateKeyJwtClientAuthenticationFilter.Builder<T extends PrivateKeyJwtClientAuthenticationFilter.Builder<T>>	Builder class for creating the PrivateKey Jwt ClientAuthentication Filter.
ResourceServerFilter	Validates a `Request` that contains an OAuth 2.0 access token.

Exception Summary
Exception Description

AccessTokenException
Represents an exception whilst retrieving an OAuth2 access token.