Package org.forgerock.openig.filter.oauth2

package org.forgerock.openig.filter.oauth2

This package contains the OAuth2 Token validation filter that acts as an OAuth 2 Resource Server.

• It ensure that there is an existing bearer access token in the request's headers.
• It resolves it against a given Authorization Server (that must provide a token-info endpoint).
  • Produced AccessTokenInfo are cached for future re-use.
  • Produced AccessTokenInfo are stored in the AttributesContext for downstream handlers/filters.
• It performs token validation: checking expiration time and required scopes compliance.

Related Packages

Package	Description
org.forgerock.openig.filter	Filters the requests and/or responses of HTTP.
org.forgerock.openig.filter.oauth2.client	OAuth 2.0 Client filter implementation.
org.forgerock.openig.filter.oauth2.cnf	JWT confirmation key support for access tokens.
org.forgerock.openig.filter.oauth2.decoration	Decoration for the oauth2 package: AccessTokenResolver, etc.
org.forgerock.openig.filter.allow	Filters the HTTP request using a declarative configuration model based on a chain of predicates to validate.
org.forgerock.openig.filter.circuitbreaker	This package contains the components used to implement circuit breaking.
org.forgerock.openig.filter.finance	Support for financial APIs (Open Banking, PSD2, Berlin Group, ...).
org.forgerock.openig.filter.jwt	This package contains the components used to implement some JWT related filter.
org.forgerock.openig.filter.throttling	This package contains the components used to implement a throttling rate support.

Classes

Class	Description
CacheAccessTokenResolverTypeProvider	Provide a TypeDefinitionProvider for CacheAccessTokenResolver.
CaffeineCacheAccessTokenResolver	A CaffeineCacheAccessTokenResolver is a delegating AccessTokenResolver that uses a write-through Caffeine cache to enable fast AccessTokenInfo resolution.
CaffeineCacheAccessTokenResolver.Builder	Builder of CaffeineCacheAccessTokenResolver.
CaffeineCacheAccessTokenResolver.Heaplet	Creates and initializes an CaffeineCacheAccessTokenResolver in the heap environment.
OAuth2ClassAliasResolver	Register all the aliases supported by the openig-oauth2 module.
OAuth2DefaultDeclarationProvider	Declares the Heap objects needed by this module in the main IG heap.
OAuth2FailureContext	Context implementation to hold OAuth2 error details, should a failure occur during OAuth2 scenarios.
OAuth2ResourceServerFilterHeaplet	Validates a Request that contains an OAuth 2.0 access token.
OAuth2ResourceServerFilterTypeProvider	Provide a TypeDefinitionProvider for OAuth2ResourceServer.
OAuth2TokenExchangeContext	Context supporting OAuth2 token exchange scenarios, this manages the resulting exchange token.
OAuth2TokenExchangeFilter	Filter supporting OAuth2 token exchange scenarios.
OAuth2TokenExchangeFilter.Heaplet	Creates and initialises an OAuth2TokenExchangeFilter in a heap environment.
RequestFormResourceAccessTypeProvider	Provide the RequestFormResourceAccess's TypeDefinition.
ResourceAccessConfigSupport	Utility class providing ResourceAccess configuration support.
ResourceAccessTypeDefinitions	Class aggregating ResourceAccess TypeDefinitions.
ScriptableAccessTokenResolver	A Scriptable access token resolver.
ScriptableAccessTokenResolver.Heaplet	Creates and initializes a scriptable access token resolver in a heap environment.
ScriptableResourceAccess	A scriptable resource access.
ScriptableResourceAccess.Heaplet	Creates and initializes a scriptable object in a heap environment.
StatelessAccessTokenResolver	A StatelessAccessTokenResolver that locally resolves and validates stateless access_tokens issued by AM.
StatelessAccessTokenResolver.Heaplet	Creates and initializes a stateless access token resolver in the heap environment.
TokenIntrospectionAccessTokenResolverHeaplet	Creates and initializes an TokenIntrospectionAccessTokenResolver in a heap environment.
TokenIntrospectionAccessTokenResolverTypeDefinitionProvider	Provide TokenIntrospectionAccessTokenResolverHeaplet's TypeDefinition.