Class JwtBearerGrantTypeHandler

java.lang.Object
org.forgerock.secrets.oauth2.GrantTypeHandler
org.forgerock.secrets.oauth2.JwtBearerGrantTypeHandler

public class JwtBearerGrantTypeHandler extends GrantTypeHandler
Implements the JWT bearer assertion grant type. This can be used to obtain an access token based on a signed JWT from a trusted issuer. This handler obtains JWTs as GenericSecrets from the Secrets API.
  • Constructor Details

    • JwtBearerGrantTypeHandler

      public JwtBearerGrantTypeHandler(SecretReference<GenericSecret> jwtReference, String clientId, Collection<String> scope)
      Constructs the handler with the given source of JWTs, for the given client and scope.
      Parameters:
      jwtReference - the reference to retrieve fresh JWT bearer grant authorizations from.
      clientId - the ID of the client. May be null.
      scope - the scope of the requested access token.
    • JwtBearerGrantTypeHandler

      public JwtBearerGrantTypeHandler(SecretReference<GenericSecret> jwtReference, Collection<String> scope)
      Constructs the handler with the given source of JWTs, for the given scope.
      Parameters:
      jwtReference - the reference to retrieve fresh JWT bearer grant authorizations from.
      scope - the scope of the requested access token.
    • JwtBearerGrantTypeHandler

      public JwtBearerGrantTypeHandler(SecretReference<GenericSecret> jwtReference)
      Constructs the handler with the given source of JWTs.
      Parameters:
      jwtReference - the reference to retrieve fresh JWT bearer grant authorizations from.
  • Method Details

    • handle

      protected Promise<Form,NoSuchSecretException> handle(Request tokenEndpointRequest, Form form)
      Description copied from class: GrantTypeHandler
      Handles the request by adding appropriate parameters to the OAuth 2.0 token endpoint request.
      Overrides:
      handle in class GrantTypeHandler
      Parameters:
      tokenEndpointRequest - the original token endpoint request.
      form - the POST body to add parameters to.
      Returns:
      a promise for the token endpoint request with parameters appropriate for this grant type.