Class ClientCredentialsOAuth2ClientFilterHeaplet
- java.lang.Object
-
- org.forgerock.openig.heap.GenericHeaplet
-
- org.forgerock.openig.filter.oauth2.client.ClientCredentialsOAuth2ClientFilterHeaplet
-
- All Implemented Interfaces:
Heaplet
public class ClientCredentialsOAuth2ClientFilterHeaplet extends GenericHeaplet
Creates and initializes aFilter
supporting the transformation of client credentials to an access_token. This filter also supports refresh of the access_token as required. The configured client credentials are used to obtain the access_token, which is then added into the request's Authorization header.The
ClientCredentialsOAuth2ClientFilterHeaplet
has the following configuration:{ "type": "ClientCredentialsOAuth2ClientFilter", "config": { <inherited configuration settings from BearerTokenOAuth2ClientFilterHeaplet> "clientSecretId" : secret-id [Deprecated since 7.2 - see (1).] "secretsProvider" : secrets provider [Deprecated since 7.2 - see (1).] "handler" : handler [Deprecated since 7.2 - see (2).] } }
clientSecretId
andsecretsProvider
are deprecated and supplied for backward compatibility only. If used, then both must be provided to obtain the client secret which authenticates usingclient_secret_basic
. Please prefer adding a client authentication filter to yourhandler
configuration instead. See client-secret based authentication filter heapletsClientSecretBasicAuthenticationFilterHeaplet
andClientSecretPostAuthenticationFilterHeaplet
handler
has been deprecated and supplied for backward compatibility only. Please prefer to useendpointHandler
instead.
- See Also:
- RFC 6749 - Client Credentials Grant
-
-
Constructor Summary
Constructors Constructor Description ClientCredentialsOAuth2ClientFilterHeaplet()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected String
clientId()
Object
create()
Called to request the heaplet create an object.protected GrantTypeHandler
createGrantTypeHandler()
protected JsonValue
getEndpointHandlerConfig()
protected Handler
getOrDefaultEndpointHandler()
protected Set<String>
scopes()
-
Methods inherited from class org.forgerock.openig.heap.GenericHeaplet
create, destroy, endpointRegistry, evaluatedWithHeapProperties, expression, getConfig, getHeap, getSecretService, getSecretsProvider, getType, initialBindings, meterRegistryHolder, start
-
-
-
-
Method Detail
-
createGrantTypeHandler
protected GrantTypeHandler createGrantTypeHandler()
-
getEndpointHandlerConfig
protected JsonValue getEndpointHandlerConfig()
-
getOrDefaultEndpointHandler
protected Handler getOrDefaultEndpointHandler() throws HeapException
- Throws:
HeapException
-
create
public Object create() throws HeapException
Description copied from class:GenericHeaplet
Called to request the heaplet create an object. Called byHeaplet.create(Name, JsonValue, Heap)
after initializing the protected field members. Implementations should parse configuration but not acquire resources, start threads, or log any initialization messages. These tasks should be performed by theGenericHeaplet.start()
method.- Specified by:
create
in classGenericHeaplet
- Returns:
- The created object.
- Throws:
HeapException
- if an exception occurred during creation of the heap object or any of its dependencies.
-
clientId
protected String clientId()
-
-