Package org.forgerock.secrets.oauth2

Class ResourceOwnerPasswordGrantTypeHandler

java.lang.Object
org.forgerock.secrets.oauth2.GrantTypeHandler
org.forgerock.secrets.oauth2.ResourceOwnerPasswordGrantTypeHandler
public class ResourceOwnerPasswordGrantTypeHandler extends GrantTypeHandler
A grant type handler that can obtain an access token using the Resource Owner Password Credentials (ROPC) grant. While this grant type should generally not be used for users, it can be quite useful for use with service accounts.

  • Constructor Details

    • ResourceOwnerPasswordGrantTypeHandler

      public ResourceOwnerPasswordGrantTypeHandler(String clientId, CredentialPair<GenericSecret> ownerCredentials, Collection<String> scope)
      Initialises the grant type handler with the given resource owner credentials.
      Parameters:
      clientId - the client id of the client requesting an access token.
      ownerCredentials - the credentials of the resource owner.
      scope - the scope of the request. May be null to request default scopes for this client.

    • ResourceOwnerPasswordGrantTypeHandler

      @Deprecated(since="26.6.0", forRemoval=true) public ResourceOwnerPasswordGrantTypeHandler(String clientId, String username, SecretReference<GenericSecret> password, Collection<String> scope)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Use ResourceOwnerPasswordGrantTypeHandler(String, CredentialPair, Collection) instead.
      Initialises the grant type handler with the given credentials.
      Parameters:
      clientId - the client id of the client requesting an access token.
      username - the username of the resource owner.
      password - a SecretReference to retrieve the password for the resource owner.
      scope - the scope of the request. May be null to request default scopes for this client.

    • ResourceOwnerPasswordGrantTypeHandler

      public ResourceOwnerPasswordGrantTypeHandler(String clientId, CredentialPair<GenericSecret> ownerCredentials)
      Initialises the grant type handler with the given credentials and the default scope for this client.
      Parameters:
      clientId - the client id of the client requesting an access token.
      ownerCredentials - the credentials of the resource owner.

    • ResourceOwnerPasswordGrantTypeHandler

      @Deprecated(since="26.6.0", forRemoval=true) public ResourceOwnerPasswordGrantTypeHandler(String clientId, String username, SecretReference<GenericSecret> password)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Use ResourceOwnerPasswordGrantTypeHandler(String, CredentialPair) instead.
      Initialises the grant type handler with the given credentials and the default scope for this client.
      Parameters:
      clientId - the client id of the client requesting an access token.
      username - the username of the resource owner.
      password - a SecretReference to retrieve the password for the resource owner.

  • Method Details

    • handle

      protected Promise<Form,NoSuchSecretException> handle(Request tokenEndpointRequest, Form form)
      Description copied from class: GrantTypeHandler
      Handles the request by adding appropriate parameters to the OAuth 2.0 token endpoint request.
      Overrides:
      handle in class GrantTypeHandler
      Parameters:
      tokenEndpointRequest - the original token endpoint request.
      form - the POST body to add parameters to.
      Returns:
      a promise for the token endpoint request with parameters appropriate for this grant type.