Package org.forgerock.secrets.oauth2
Class AccessTokenSecretStore.Builder
java.lang.Object
org.forgerock.secrets.oauth2.AccessTokenSecretStore.Builder
- Enclosing class:
- AccessTokenSecretStore
Builder object for the access token secret store. You must at least configure the
forPurpose(Purpose)
,
withClock(Clock)
, withInitialGrantTypeHandler(GrantTypeHandler)
, and
withTokenEndpoint(URI)
options, otherwise an exception will be thrown when building the object.-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionbuild()
Builds the access token secret store.forPurpose
(Purpose<GenericSecret> purpose) Configures the purpose for which this access token store is to be used.withClientSecretBasicAuth
(String clientId, SecretReference<GenericSecret> clientSecretRef) Deprecated, for removal: This API element is subject to removal in a future version.withClientSecretBasicAuth
(CredentialPair<GenericSecret> credentials) Configures the token store to supply client credentials via HTTP Basic Authentication.withClientSecretPostAuth
(String clientId, SecretReference<GenericSecret> clientSecretRef) Deprecated, for removal: This API element is subject to removal in a future version.usewithClientSecretPostAuth(CredentialPair)
insteadwithClientSecretPostAuth
(CredentialPair<GenericSecret> credentials) Configures the token store to supply client credentials via client_secret_post method.The clock to use for determining when an access token has expired.withHandler
(Handler handler) Configures theHandler
to use for sending requests to the token endpoint.withInitialGrantTypeHandler
(GrantTypeHandler grantType) Configures the initial grant type handler to use for calling the token endpoint.withTokenEndpoint
(String tokenEndpoint) Configures the URI of the OAuth 2 token endpoint to call to obtain access tokens.withTokenEndpoint
(URI tokenEndpoint) Configures the URI of the OAuth 2 token endpoint to call to obtain access tokens.
-
Constructor Details
-
Builder
public Builder()
-
-
Method Details
-
forPurpose
Configures the purpose for which this access token store is to be used.- Parameters:
purpose
- the purpose for which access tokens are being used.- Returns:
- this builder object.
-
withHandler
Configures theHandler
to use for sending requests to the token endpoint.- Parameters:
handler
- the client handler.- Returns:
- this builder object.
-
withClientSecretBasicAuth
@Deprecated(since="26.6.0", forRemoval=true) public AccessTokenSecretStore.Builder withClientSecretBasicAuth(String clientId, SecretReference<GenericSecret> clientSecretRef) Deprecated, for removal: This API element is subject to removal in a future version.usewithClientSecretBasicAuth(CredentialPair)
insteadConfigures the token store to supply client credentials via HTTP Basic Authentication.- Parameters:
clientId
- the client id.clientSecretRef
- a reference to the client secret.- Returns:
- this builder object.
-
withClientSecretBasicAuth
public AccessTokenSecretStore.Builder withClientSecretBasicAuth(CredentialPair<GenericSecret> credentials) Configures the token store to supply client credentials via HTTP Basic Authentication.- Parameters:
credentials
- the client credentials.- Returns:
- this builder object.
-
withClientSecretPostAuth
@Deprecated(since="26.6.0", forRemoval=true) public AccessTokenSecretStore.Builder withClientSecretPostAuth(String clientId, SecretReference<GenericSecret> clientSecretRef) Deprecated, for removal: This API element is subject to removal in a future version.usewithClientSecretPostAuth(CredentialPair)
insteadConfigures the token store to supply client credentials via client_secret_post method.- Parameters:
clientId
- the client id.clientSecretRef
- a reference to retrieve the client secret.- Returns:
- this builder object.
-
withClientSecretPostAuth
public AccessTokenSecretStore.Builder withClientSecretPostAuth(CredentialPair<GenericSecret> credentials) Configures the token store to supply client credentials via client_secret_post method.- Parameters:
credentials
- the client credentials.- Returns:
- this builder object.
-
withInitialGrantTypeHandler
Configures the initial grant type handler to use for calling the token endpoint. If the response from the token endpoint includes a refresh token, then the store will switch to using a refresh token grant from then on.- Parameters:
grantType
- the initial grant type handler.- Returns:
- this object.
-
withClock
The clock to use for determining when an access token has expired.- Parameters:
clock
- the clock.- Returns:
- this builder object.
-
withTokenEndpoint
Configures the URI of the OAuth 2 token endpoint to call to obtain access tokens.- Parameters:
tokenEndpoint
- the token endpoint URI.- Returns:
- this builder object.
-
withTokenEndpoint
Configures the URI of the OAuth 2 token endpoint to call to obtain access tokens.- Parameters:
tokenEndpoint
- the token endpoint URI.- Returns:
- this builder object.
-
build
Builds the access token secret store.- Returns:
- the access token secret store.
- Throws:
HttpApplicationException
- if noHttpClientHandler
is available.NullPointerException
- if any mandatory configuration options have not been configured.
-
withClientSecretBasicAuth(CredentialPair)
instead