Package org.forgerock.oauth.clients.apple

Class AppleClient

java.lang.Object

org.forgerock.oauth.clients.oauth2.OAuth2Client<OpenIDConnectClientConfiguration>

org.forgerock.oauth.clients.oidc.OpenIDConnectClient

org.forgerock.oauth.clients.apple.AppleClient

All Implemented Interfaces:

OAuthClient

public class AppleClient
extends OpenIDConnectClient

Oauth 2.0 Client Implementation that supports Apple.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	USER	Key for storing and retrieving the user info from the datastore.

Fields inherited from class org.forgerock.oauth.clients.oidc.OpenIDConnectClient

ACR_VALUES, AUD, CLAIMS, ID_TOKEN, NONCE, REQUEST, REQUEST_URI, SUB

Fields inherited from class org.forgerock.oauth.clients.oauth2.OAuth2Client

ACCEPT_HEADER, ACCESS_TOKEN, addExpireTime, APPLICATION_JSON, AUTHORIZATION_CODE, AUTHORIZATION_HEADER, BASIC_AUTH, BEARER_TOKEN, CLIENT_ID, CLIENT_SECRET, clock, CODE, DATA, EXPIRE_TIME, EXPIRES_IN, GRANT_TYPE, HTTP_GET, HTTP_POST, httpHandler, LANDING_PAGE, PKCE_CODE_CHALLENGE, PKCE_CODE_CHALLENGE_METHOD, PKCE_CODE_VERIFIER, random, REDIRECT_URI, REFRESH_TOKEN, RESPONSE_TYPE, SCOPE, STATE, TOKEN, TOKEN_TYPE, TOKEN_TYPE_HINT

Constructor Summary

Constructors

Constructor	Description
AppleClient(Handler httpHandler, AppleClientConfiguration config, Clock clock, SecureRandom random)	Constructs a AppleClient.
AppleClient(Handler httpHandler, AppleClientConfiguration config, Clock clock, SecureRandom random, OpenIdResolverService resolverService, OpenIdResolverServiceConfigurator serviceConfigurator)	Constructs a AppleClient.
AppleClient(Handler httpHandler, OpenIDConnectClientConfiguration config, Clock clock, SecureRandom random, OpenIdResolverService resolverService, OpenIdResolverServiceConfigurator serviceConfigurator)	Deprecated, for removal: This API element is subject to removal in a future version. use AppleClient(Handler, AppleClientConfiguration, Clock, SecureRandom, OpenIdResolverService, OpenIdResolverServiceConfigurator) instead.

Method Summary

Modifier and Type	Method	Description
Promise<UserInfo,OAuthException>	getUserInfo(DataStore dataStore)	Return the authenticated user's info from the external authentication server.
Promise<JsonValue,OAuthException>	handleNativePostAuth(Context context, DataStore dataStore, Map<String,List<String>> requestParameters)	Handle the data produced by the Auth Server as a result of a successful authentication and return the final redirect to the mobile device.
Promise<JsonValue,OAuthException>	handlePostAuth(DataStore dataStore, Map<String,List<String>> requestParameters)	Handle the data produced by the Auth Server as a result of a successful authentication and return the final redirect to the landing page specified in the OAuthClient.getAuthRedirect(DataStore, String, URI) call.

Methods inherited from class org.forgerock.oauth.clients.oidc.OpenIDConnectClient

buildQuery, createAuthRedirectUri, createAuthRedirectUri, createAuthRedirectUri, createNonce, createUserInfoFromIdTokenJwtClaims, getAuthRedirect, getJwtClaimsSet, getNonce, getSessionInfo, jwtClaimsAsJsonValue, mapToUserInfo, validateSub

Methods inherited from class org.forgerock.oauth.clients.oauth2.OAuth2Client

createAuthorizationState, createAuthRedirectUri, createPkceVerifier, createPostAuthResponse, createPostResponse, createRequestForIntrospectEndpoint, createRequestForTokenEndpoint, createRequestForTokenEndpoint, createRequestForTokenRefresh, createRequestForUserInfoEndpoint, getAccessToken, getAccessTokenInfo, getConfig, getFirstValueOrNull, getTokenEndpointHandler, mapToJsonValue, mapToUserInfo, refresh, storeResponse, throwIfNoClientSecret, validateClientId

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

USER

public static final String USER

Key for storing and retrieving the user info from the datastore.

See Also:

• Constant Field Values

Constructor Details

AppleClient

public AppleClient(Handler httpHandler,
 AppleClientConfiguration config,
 Clock clock,
 SecureRandom random)

Constructs a AppleClient.

Parameters:

httpHandler - handler used to make http calls to auth and resource servers

config - configuration used to drive the oauth flow

clock - Clock instance

random - used to generate opaque, cryptographically secure strings

AppleClient

@Deprecated(since="26.2.0",
            forRemoval=true)
public AppleClient(Handler httpHandler,
 OpenIDConnectClientConfiguration config,
 Clock clock,
 SecureRandom random,
 OpenIdResolverService resolverService,
 OpenIdResolverServiceConfigurator serviceConfigurator)

Deprecated, for removal: This API element is subject to removal in a future version.

use AppleClient(Handler, AppleClientConfiguration, Clock, SecureRandom, OpenIdResolverService, OpenIdResolverServiceConfigurator) instead.

Constructs a AppleClient.

Parameters:

httpHandler - handler used to make http calls to auth and resource servers

config - configuration used to drive the oauth flow

clock - Clock instance

random - used to generate opaque, cryptographically secure strings

resolverService - OpenIdResolverServiceImpl. OpenID resolvers instance that also contains the JwksStoreCache. By providing the same instance of resolvers for every OpenIdConnectClient the same JwksCache will be used

serviceConfigurator - OpenIdResolverServiceConfigurator

AppleClient

public AppleClient(Handler httpHandler,
 AppleClientConfiguration config,
 Clock clock,
 SecureRandom random,
 OpenIdResolverService resolverService,
 OpenIdResolverServiceConfigurator serviceConfigurator)

Constructs a AppleClient.

Parameters:

httpHandler - handler used to make http calls to auth and resource servers

config - configuration used to drive the oauth flow

clock - Clock instance

random - used to generate opaque, cryptographically secure strings

resolverService - OpenIdResolverServiceImpl. OpenID resolvers instance that also contains the JwksStoreCache. By providing the same instance of resolvers for every OpenIdConnectClient the same JwksCache will be used

serviceConfigurator - OpenIdResolverServiceConfigurator

Method Details

handlePostAuth

public Promise<JsonValue,OAuthException> handlePostAuth(DataStore dataStore,
 Map<String,List<String>> requestParameters)

Description copied from interface: OAuthClient

Handle the data produced by the Auth Server as a result of a successful authentication and return the final redirect to the landing page specified in the OAuthClient.getAuthRedirect(DataStore, String, URI) call. Validate the request as secure. The returned JsonValue response will also contain the data passed to OAuthClient.getAuthRedirect(DataStore, String, URI).

Specified by:

handlePostAuth in interface OAuthClient

Overrides:

handlePostAuth in class OpenIDConnectClient

Parameters:

dataStore - The data store that contains information about the OAuth interaction.

requestParameters - The request parameters containing the data produced by the external authentication server.

Returns:

Promise, with a type of JsonValue, containing the landing page and the data value that was stored in the data store during the OAuthClient.getAuthRedirect(DataStore, String, URI) call; Promise, with a type of OAuthException, when an error occurs.

handleNativePostAuth

public Promise<JsonValue,OAuthException> handleNativePostAuth(Context context,
 DataStore dataStore,
 Map<String,List<String>> requestParameters)

Description copied from interface: OAuthClient

Handle the data produced by the Auth Server as a result of a successful authentication and return the final redirect to the mobile device. Validate the request as secure. The returned JsonValue response will also contain the data passed to OAuthClient.getAuthRedirect(DataStore, String, URI).

Specified by:

handleNativePostAuth in interface OAuthClient

Overrides:

handleNativePostAuth in class OpenIDConnectClient

Parameters:

context - Context chain used to keep a relationship between requests (tracking)

dataStore - The data store that contains information about the OAuth interaction.

requestParameters - The parameters containing the data sent by the external mobile device.

Returns:

Promise, with a type of JsonValue, containing the data value that was stored in the data store during the OAuthClient.getAuthRedirect(DataStore, String, URI) call; Promise, with a type of OAuthException, when an error occurs.

getUserInfo

public Promise<UserInfo,OAuthException> getUserInfo(DataStore dataStore)

Description copied from interface: OAuthClient

Return the authenticated user's info from the external authentication server.

Specified by:

getUserInfo in interface OAuthClient

Overrides:

getUserInfo in class OpenIDConnectClient

Parameters:

dataStore - The data store that contains information about the OAuth interaction.

Returns:

Promise, with a type of UserInfo, containing the available user info. Promise, with a type of OAuthException, when an error occurs.