Interface AccessToken

All Superinterfaces:
org.forgerock.oauth2.core.tokenexchange.ExchangeableToken, IntrospectableToken, Token

@SupportedAll public interface AccessToken extends IntrospectableToken, org.forgerock.oauth2.core.tokenexchange.ExchangeableToken
Models an OAuth2 access token.
  • Method Details

    • getNonce

      String getNonce()
      Gets the token's nonce.
      Returns:
      The token's nonce.
    • setNonce

      void setNonce(String nonce)
      Sets the token's nonce. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      nonce - The token's nonce.
    • removeNonce

      void removeNonce()
      Removes the nonce from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • getTokenId

      String getTokenId()
      Description copied from interface: Token
      Gets the token's identifier.
      Specified by:
      getTokenId in interface Token
      Returns:
      The token's id.
    • setId

      void setId(String tokenId)
      Sets the token ID for this access token. WARNING: when using this method, make sure that the provided token ID has sufficient level of entropy and cannot be guessed easily. NB: when using client-side OAuth2 tokens, this method will throw UnsupportedOperationException.
      Parameters:
      tokenId - The token ID.
    • getClaims

      String getClaims()
      Gets the token's claims.
      Returns:
      The token's claims.
    • setClaims

      void setClaims(String claims)
      Sets the token's claims. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      claims - The token's claims.
    • removeClaims

      void removeClaims()
      Removes the claims from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • getTokenType

      String getTokenType()
      Gets the token's type.
      Returns:
      The token's type.
    • setTokenType

      void setTokenType(String tokenType)
      Sets the token's type. Out of the box only Bearer tokens are supported. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      tokenType - The token's type.
    • removeTokenType

      void removeTokenType()
      Removes the token type from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • getGrantType

      String getGrantType()
      Description copied from interface: IntrospectableToken
      Gets the grant type that was used to produce the token.
      Specified by:
      getGrantType in interface IntrospectableToken
      Returns:
      The grant type or null if grant type was not set.
    • setGrantType

      void setGrantType(String grantType)
      Sets the token's grant type. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      grantType - The token's grant type.
    • removeGrantType

      void removeGrantType()
      Removes the grant type from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • getConfirmationKey

      JsonValue getConfirmationKey()
      Get's the token's confirmation claim.
      Returns:
      the JSON confirmation key
    • setConfirmationKey

      void setConfirmationKey(JsonValue confirmationKey)
      Sets the token's confirmation claim. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      confirmationKey - The token's confirmation claim.
    • removeConfirmationKey

      void removeConfirmationKey()
      Removes the confirmation key from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • toMap

      Map<String,Object> toMap()
      Description copied from interface: Token
      Returns a Map of data associated with this token which the HTTP caller may be wish to receive.

      For example, when requesting an access token, the HTTP response body will contain JSON built using the result of calling this method. This response will include (amongst other things):

      • the access token reference
      • the access token type (BEARER)
      • the access token expiry time
      • the access token scopes
      • the refresh token reference (if one was created as part of the current HTTP call)
      Specified by:
      toMap in interface Token
      Returns:
      A Map of the token's key data.
    • addExtraData

      @Deprecated void addExtraData(String key, String value)
      Deprecated.
      Adds data to the token which will be returned by toMap().

      Any extra data added by this method is transient and will not be persisted.

      Parameters:
      key - The key.
      value - The value.
      See Also:
    • addExtraData

      void addExtraData(String key, Supplier<String> value)
      Stores additional data inside the token.
      Parameters:
      key - The key.
      value - The value supplier that returns the value to include inside the token.
      See Also:
    • addExtraJsonData

      void addExtraJsonData(String key, Supplier<JsonValue> value)
      Stores additional JSON data inside the token.
      Parameters:
      key - The key.
      value - The value supplier that returns the value to include inside the token.
      See Also:
    • getAuditTrackingId

      String getAuditTrackingId()
      Description copied from interface: Token
      Get the audit tracking ID for this token.
      Specified by:
      getAuditTrackingId in interface Token
      Returns:
      The tracking ID.
    • setAuditTrackingId

      void setAuditTrackingId(String auditTrackingId)
      Sets the token's audit tracking ID. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      auditTrackingId - The token's audit tracking ID.
    • removeAuditTrackingId

      void removeAuditTrackingId()
      Removes the audit tracking ID from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • getPermissions

      JsonValue getPermissions()
      Get the UMA permissions contained in the token.
      Returns:
      The permissions object.
    • setPermissions

      void setPermissions(JsonValue permissions)
      Set the UMA permissions contained in the token. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      permissions - The permissions object.
    • removePermissions

      void removePermissions()
      Removes the UMA permissions from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • getAuthGrantId

      String getAuthGrantId()
      Get the grant ID associated with this token.
      Returns:
      The grant ID.
    • setAuthGrantId

      void setAuthGrantId(String authGrantId)
      Sets the grant ID associated with this token. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      authGrantId - The grant ID.
    • removeAuthGrantId

      void removeAuthGrantId()
      Removes the authorization grant ID from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • setExpiryTime

      void setExpiryTime(long expiryTime)
      Sets the expiration time.
      Parameters:
      expiryTime - The expiration time in milliseconds.
    • setRealm

      void setRealm(String realm)
      Sets the realm for this access token. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      realm - The realm.
    • removeRealm

      void removeRealm()
      Removes the realm from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • setClientId

      void setClientId(String clientId)
      Sets the client ID for this access token. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      clientId - The client ID.
    • removeClientId

      void removeClientId()
      Removes the client ID from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • setResourceOwnerId

      void setResourceOwnerId(String resourceOwnerId)
      Sets the resource owner ID for this access token. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      resourceOwnerId - The resource owner ID.
    • removeResourceOwnerId

      void removeResourceOwnerId()
      Removes the resource owner ID from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • setScope

      void setScope(Set<String> scopes)
      Sets the scopes for this access token. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      scopes - The scopes.
    • removeScopes

      void removeScopes()
      Removes the scopes from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • setAuthTime

      void setAuthTime(long authTime)
      Sets when this access token was created. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      authTime - The time this access token was created in seconds.
    • removeAuthTime

      void removeAuthTime()
      Removes the auth time from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • setAuthLevel

      void setAuthLevel(Integer authLevel)
      Sets the authentication level associated with this access token. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      authLevel - The authentication level associated with this access token.
    • removeAuthLevel

      void removeAuthLevel()
      Removes the authentication level from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • setTokenName

      void setTokenName(String tokenName)
      Sets the token name for this token. WARNING: changing native fields may result in loss of functionality.
      Parameters:
      tokenName - The name of the token.
    • removeTokenName

      void removeTokenName()
      Removes the token name from the token. WARNING: removing native fields from the token may result in loss of functionality.
    • setField

      void setField(String field, Object value)
      Sets a field on this access token that will be either stored in CTS, or will be part of the client-side JWT.
      Parameters:
      field - The name of the field to set.
      value - The value to associate with the field. May not be null.
    • setFields

      default void setFields(Map<String,Object> fields)
      Sets multiple fields on this access token in one go. The fields will be either stored in CTS, or will be part of the client-side JWT.
      Parameters:
      fields - The fields to add to the access token.
    • setMayAct

      void setMayAct(JsonValue value)
    • setAct

      void setAct(JsonValue value)
    • getGrant

      default org.forgerock.oauth2.core.Grant getGrant()
      Gets the grant that represents the original authorization.
      Returns:
      The grant.