Package org.forgerock.http.oauth2

Interface AccessTokenResolver

All Known Implementing Classes:
CachingAccessTokenResolver, OpenAmAccessTokenResolver, TokenIntrospectionAccessTokenResolver
public interface AccessTokenResolver
Resolves a given token against a dedicated OAuth2 Identity Provider (OpenAM, Google, Facebook, ...). The AccessTokenResolver is responsible for validating the token (dates, iss, ...), except token scopes which are validated by the ResourceServerFilter.

  • Method Details

    • resolve

      @Deprecated(forRemoval=true, since="26.2.0") default Promise<AccessTokenInfo,AccessTokenException> resolve(Context context, String token)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Use resolve(Context, Supplier, String) instead.
      Resolves a given access token against an authorization server.
      Parameters:
      context - Context chain used to keep a relationship between requests (tracking)
      token - token identifier to be resolved
      Returns:
      a promise completed either with a valid AccessTokenInfo (well-formed, known by the server), or by an exception

    • resolve

      default Promise<AccessTokenInfo,AccessTokenException> resolve(Context context, Supplier<Request,IOException> request, String token)
      Resolves a given access token against an authorization server.
      Parameters:
      context - Context chain used to keep a relationship between requests (tracking)
      request - a supplier for the HTTP request the access token was presented on. The request should be defensively copied by the caller in case the resolver needs to consume the entity.
      token - token identifier to be resolved
      Returns:
      a promise completed either with a valid AccessTokenInfo (well-formed, known by the server), or by an exception