org.xdi.oxauth.client.TokenClient の継承関係図

org.xdi.oxauth.client.TokenClient 連携図

公開メンバ関数
	TokenClient (String url)

String	getHttpMethod ()

TokenResponse	execAuthorizationCode (String code, String redirectUri, String clientId, String clientSecret)

TokenResponse	execResourceOwnerPasswordCredentialsGrant (String username, String password, String scope, String clientId, String clientSecret)

TokenResponse	execClientCredentialsGrant (String scope, String clientId, String clientSecret)

TokenResponse	execExtensionGrant (String grantTypeUri, String assertion, String clientId, String clientSecret)

TokenResponse	execRefreshToken (String scope, String refreshToken, String clientId, String clientSecret)

TokenResponse	exec ()

String	getUrl ()

void	setUrl (String url)

T	getRequest ()

void	setRequest (T request)

V	getResponse ()

void	setResponse (V response)

ClientExecutor	getExecutor ()

void	setExecutor (ClientExecutor executor)

String	getRequestAsString ()

String	getResponseAsString ()

void	closeConnection ()

List< Cookie >	getCookies ()

Map< String, String >	getHeaders ()

静的公開メンバ関数
static void	putAllFormParameters (ClientRequest p_clientRequest, BaseRequest p_request)

限定公開メンバ関数
void	addReqParam (String p_key, HasParamName p_value)

void	addReqParam (String p_key, String p_value)

void	initClientRequest ()

限定公開変数類
T	request

V	response

ClientRequest	clientRequest

ClientResponse< String >	clientResponse

ClientExecutor	executor

静的非公開変数類
static final Logger	LOG = Logger.getLogger(TokenClient.class)

詳解

Encapsulates functionality to make token request calls to an authorization server via REST Services.

著者: Javier Rojas Blum

バージョン: June 28, 2017

構築子と解体子

◆ TokenClient()

org.xdi.oxauth.client.TokenClient.TokenClient ( String url )

inline

Constructs a token client by providing a REST url where the token service is located.

引数

url	The REST Service location.

                                    {
         super(url);
     }

関数詳解

◆ addReqParam() [1/2]

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.addReqParam	(	String	p_key,
		HasParamName	p_value
	)

inlineprotectedinherited

                                                                    {
         if (p_value != null) {
             addReqParam(p_key, p_value.getParamName());
         }
     }

◆ addReqParam() [2/2]

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.addReqParam	(	String	p_key,
		String	p_value
	)

inlineprotectedinherited

                                                              {
         if (Util.allNotBlank(p_key, p_value)) {
             if (request.getAuthorizationMethod() == AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER) {
                 clientRequest.formParameter(p_key, p_value);
             } else {
                 clientRequest.queryParameter(p_key, p_value);
             }
         }
     }

◆ closeConnection()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.closeConnection ( )

inlineinherited

                                   {
         try {
             if (clientResponse != null) {
                 clientResponse.releaseConnection();
             }
             if (clientRequest != null && clientRequest.getExecutor() != null) {
                 clientRequest.getExecutor().close();
             }
         } catch (Exception e) {
             LOG.error(e.getMessage(), e);
         }
     }

◆ exec()

TokenResponse org.xdi.oxauth.client.TokenClient.exec ( )

inline

Executes the call to the REST Service and processes the response.

戻り値: The token response.

                                 {
         // Prepare request parameters
         initClientRequest();
         if (request.getAuthenticationMethod() == AuthenticationMethod.CLIENT_SECRET_BASIC
                 && request.hasCredentials()) {
             clientRequest.header("Authorization", "Basic " + request.getEncodedCredentials());
         }
         clientRequest.header("Content-Type", request.getContentType());
         clientRequest.setHttpMethod(getHttpMethod());
 
         if (getRequest().getGrantType() != null) {
             clientRequest.formParameter("grant_type", getRequest().getGrantType());
         }
         if (StringUtils.isNotBlank(getRequest().getCode())) {
             clientRequest.formParameter("code", getRequest().getCode());
         }
         if (StringUtils.isNotBlank(getRequest().getCodeVerifier())) {
             clientRequest.formParameter("code_verifier", getRequest().getCodeVerifier());
         }
         if (StringUtils.isNotBlank(getRequest().getRedirectUri())) {
             clientRequest.formParameter("redirect_uri", getRequest().getRedirectUri());
         }
         if (StringUtils.isNotBlank(getRequest().getUsername())) {
             clientRequest.formParameter("username", getRequest().getUsername());
         }
         if (StringUtils.isNotBlank(getRequest().getPassword())) {
             clientRequest.formParameter("password", getRequest().getPassword());
         }
         if (StringUtils.isNotBlank(getRequest().getScope())) {
             clientRequest.formParameter("scope", getRequest().getScope());
         }
         if (StringUtils.isNotBlank(getRequest().getAssertion())) {
             clientRequest.formParameter("assertion", getRequest().getAssertion());
         }
         if (StringUtils.isNotBlank(getRequest().getRefreshToken())) {
             clientRequest.formParameter("refresh_token", getRequest().getRefreshToken());
         }
         if (getRequest().getAuthenticationMethod() == AuthenticationMethod.CLIENT_SECRET_POST) {
             if (getRequest().getAuthUsername() != null && !getRequest().getAuthUsername().isEmpty()) {
                 clientRequest.formParameter("client_id", getRequest().getAuthUsername());
             }
             if (getRequest().getAuthPassword() != null && !getRequest().getAuthPassword().isEmpty()) {
                 clientRequest.formParameter("client_secret", getRequest().getAuthPassword());
             }
         } else if (getRequest().getAuthenticationMethod() == AuthenticationMethod.CLIENT_SECRET_JWT ||
                 getRequest().getAuthenticationMethod() == AuthenticationMethod.PRIVATE_KEY_JWT) {
             clientRequest.formParameter("client_assertion_type", ClientAssertionType.JWT_BEARER);
             clientRequest.formParameter("client_assertion", getRequest().getClientAssertion());
             if (getRequest().getAuthUsername() != null && !getRequest().getAuthUsername().isEmpty()) {
                 clientRequest.formParameter("client_id", getRequest().getAuthUsername());
             }
         }
         for (String key : getRequest().getCustomParameters().keySet()) {
             clientRequest.formParameter(key, getRequest().getCustomParameters().get(key));
         }
 
         // Call REST Service and handle response
         try {
             clientResponse = clientRequest.post(String.class);
 
             final TokenResponse tokenResponse = new TokenResponse(clientResponse);
             tokenResponse.injectDataFromJson();
             setResponse(tokenResponse);
         } catch (Exception e) {
             LOG.error(e.getMessage(), e);
         } finally {
             closeConnection();
         }
 
         return getResponse();
     }

◆ execAuthorizationCode()

TokenResponse org.xdi.oxauth.client.TokenClient.execAuthorizationCode	(	String	code,
		String	redirectUri,
		String	clientId,
		String	clientSecret
	)

inline

Executes the call to the REST Service requesting the authorization and processes the response.

The authorization code is obtained by using an authorization server as an intermediary between the client and resource owner. Instead of requesting authorization directly from the resource owner, the client directs the resource owner to an authorization server (via its user- agent as defined in [RFC2616]), which in turn directs the resource owner back to the client with the authorization code.

Before directing the resource owner back to the client with the authorization code, the authorization server authenticates the resource owner and obtains authorization. Because the resource owner only authenticates with the authorization server, the resource owner's credentials are never shared with the client.

The authorization code provides a few important security benefits such as the ability to authenticate the client, and the transmission of the access token directly to the client without passing it through the resource owner's user-agent, potentially exposing it to others, including the resource owner.

引数

code	he authorization code received from the authorization server. This parameter is required.
redirectUri	The redirection URI. This parameter is required.
clientId	The client identifier.
clientSecret	The client secret.

戻り値: The token response.

                                                                                      {
         setRequest(new TokenRequest(GrantType.AUTHORIZATION_CODE));
         getRequest().setCode(code);
         getRequest().setRedirectUri(redirectUri);
         getRequest().setAuthUsername(clientId);
         getRequest().setAuthPassword(clientSecret);
 
         return exec();
     }

◆ execClientCredentialsGrant()

TokenResponse org.xdi.oxauth.client.TokenClient.execClientCredentialsGrant	(	String	scope,
		String	clientId,
		String	clientSecret
	)

inline

Executes the call to the REST Service requesting the authorization and processes the response.

The client can request an access token using only its client credentials when the client is requesting access to the protected resources under its control, or those of another resource owner which has been previously arranged with the authorization server. The client credentials grant type must only be used by confidential clients.

引数

scope	The scope of the access request. This parameter is optional.
clientId	The client identifier.
clientSecret	The client secret.

戻り値: The token response.

                                                                 {
         setRequest(new TokenRequest(GrantType.CLIENT_CREDENTIALS));
         getRequest().setScope(scope);
         getRequest().setAuthUsername(clientId);
         getRequest().setAuthPassword(clientSecret);
 
         return exec();
     }

◆ execExtensionGrant()

TokenResponse org.xdi.oxauth.client.TokenClient.execExtensionGrant	(	String	grantTypeUri,
		String	assertion,
		String	clientId,
		String	clientSecret
	)

inline

Executes the call to the REST Service requesting the authorization and processes the response.

The client uses an extension grant type by specifying the grant type using an absolute URI (defined by the authorization server) as the value of the grant_type parameter of the token endpoint, and by adding any additional parameters necessary.

引数

grantTypeUri	Absolute URI.
assertion	Assertion grant type.
clientId	The client identifier.
clientSecret	The client secret.

戻り値: The token response.

                                                                                   {
         GrantType grantType = GrantType.fromString(grantTypeUri);
         setRequest(new TokenRequest(grantType));
         getRequest().setAssertion(assertion);
         getRequest().setAuthUsername(clientId);
         getRequest().setAuthPassword(clientSecret);
 
         return exec();
     }

◆ execRefreshToken()

TokenResponse org.xdi.oxauth.client.TokenClient.execRefreshToken	(	String	scope,
		String	refreshToken,
		String	clientId,
		String	clientSecret
	)

inline

Executes the call to the REST Service requesting the authorization and processes the response.

If the authorization server issued a refresh token to the client, the client can make a request to the token endpoint for a new access token.

引数

scope	The scope of the access request. This value is optional.
refreshToken	The refresh token issued to the client. This value is required.
clientId	The client identifier.
clientSecret	The client secret.

戻り値: The token response.

                                                                                 {
         setRequest(new TokenRequest(GrantType.REFRESH_TOKEN));
         getRequest().setScope(scope);
         getRequest().setRefreshToken(refreshToken);
         getRequest().setAuthUsername(clientId);
         getRequest().setAuthPassword(clientSecret);
 
         return exec();
     }

◆ execResourceOwnerPasswordCredentialsGrant()

TokenResponse org.xdi.oxauth.client.TokenClient.execResourceOwnerPasswordCredentialsGrant	(	String	username,
		String	password,
		String	scope,
		String	clientId,
		String	clientSecret
	)

inline

Executes the call to the REST Service requesting the authorization and processes the response.

The resource owner password credentials grant type is suitable in cases where the resource owner has a trust relationship with the client, such as its device operating system or a highly privileged application. The authorization server should take special care when enabling this grant type, and only allow it when other flows are not viable.

The grant type is suitable for clients capable of obtaining the resource owner's credentials (username and password, typically using an interactive form). It is also used to migrate existing clients using direct authentication schemes such as HTTP Basic or Digest authentication to OAuth by converting the stored credentials to an access token.

引数

username	The resource owner username. This parameter is required.
password	The resource owner password. This parameter is required.
scope	The scope of the access request. This parameter is optional.
clientId	The client identifier.
clientSecret	The client secret.

戻り値: The token response.

                                                   {
         setRequest(new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS));
         getRequest().setUsername(username);
         getRequest().setPassword(password);
         getRequest().setScope(scope);
         getRequest().setAuthUsername(clientId);
         getRequest().setAuthPassword(clientSecret);
 
         return exec();
     }

◆ getCookies()

List<Cookie> org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getCookies ( )

inlineinherited

                                      {
         return cookies;
     }

◆ getExecutor()

ClientExecutor org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getExecutor ( )

inlineinherited

                                         {
         return executor;
     }

◆ getHeaders()

Map<String, String> org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getHeaders ( )

inlineinherited

                                             {
         return headers;
     }

◆ getHttpMethod()

String org.xdi.oxauth.client.TokenClient.getHttpMethod ( )

inline

                                   {
         return HttpMethod.POST;
     }

◆ getRequest()

T org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getRequest ( )

inlineinherited

                           {
         return request;
     }

◆ getRequestAsString()

String org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getRequestAsString ( )

inlineinherited

                                        {
         StringBuilder sb = new StringBuilder();
 
         try {
             URL theUrl = new URL(url);
 
             if (getHttpMethod().equals(HttpMethod.POST)) {
                 sb.append(HttpMethod.POST).append(" ").append(theUrl.getPath()).append(" HTTP/1.1");
                 if (StringUtils.isNotBlank(request.getContentType())) {
                     sb.append("\n");
                     sb.append("Content-Type: ").append(request.getContentType());
                 }
                 if (StringUtils.isNotBlank(request.getMediaType())) {
                     sb.append("\n");
                     sb.append("Accept: ").append(request.getMediaType());
                 }
                 sb.append("\n");
                 sb.append("Host: ").append(theUrl.getHost());
 
                 if (request instanceof AuthorizationRequest) {
                     AuthorizationRequest authorizationRequest = (AuthorizationRequest) request;
                     if (authorizationRequest.isUseNoRedirectHeader()) {
                         sb.append("\n");
                         sb.append("X-Gluu-NoRedirect: true");
                     }
                 }
                 if (request.getAuthorizationMethod() == null) {
                     if (request.getAuthenticationMethod() == null
                             || request.getAuthenticationMethod() == AuthenticationMethod.CLIENT_SECRET_BASIC) {
                         if (request.hasCredentials()) {
                             String encodedCredentials = request.getEncodedCredentials();
                             sb.append("\n");
                             sb.append("Authorization: Basic ").append(encodedCredentials);
                         }
                     }
                 } else if (request.getAuthorizationMethod() == AuthorizationMethod.AUTHORIZATION_REQUEST_HEADER_FIELD) {
                     if (request instanceof UserInfoRequest) {
                         String accessToken = ((UserInfoRequest) request).getAccessToken();
                         sb.append("\n");
                         sb.append("Authorization: Bearer ").append(accessToken);
                     }
                 }
 
                 sb.append("\n");
                 sb.append("\n");
                 sb.append(request.getQueryString());
             } else if (getHttpMethod().equals(HttpMethod.GET)) {
                 sb.append("GET ").append(theUrl.getPath());
                 if (StringUtils.isNotBlank(request.getQueryString())) {
                     sb.append("?").append(request.getQueryString());
                 }
                 sb.append(" HTTP/1.1");
                 sb.append("\n");
                 sb.append("Host: ").append(theUrl.getHost());
 
                 if (request instanceof AuthorizationRequest) {
                     AuthorizationRequest authorizationRequest = (AuthorizationRequest) request;
                     if (authorizationRequest.isUseNoRedirectHeader()) {
                         sb.append("\n");
                         sb.append("X-Gluu-NoRedirect: true");
                     }
                 }
                 if (request.getAuthorizationMethod() == null) {
                     if (request.hasCredentials()) {
                         String encodedCredentials = request.getEncodedCredentials();
                         sb.append("\n");
                         sb.append("Authorization: Basic ").append(encodedCredentials);
                     } else if (request instanceof RegisterRequest) {
                         RegisterRequest r = (RegisterRequest) request;
                         String registrationAccessToken = r.getRegistrationAccessToken();
                         sb.append("\n");
                         sb.append("Authorization: Bearer ").append(registrationAccessToken);
                     }
                 } else if (request.getAuthorizationMethod() == AuthorizationMethod.AUTHORIZATION_REQUEST_HEADER_FIELD) {
                     if (request instanceof UserInfoRequest) {
                         String accessToken = ((UserInfoRequest) request).getAccessToken();
                         sb.append("\n");
                         sb.append("Authorization: Bearer ").append(accessToken);
                     }
                 }
             }
         } catch (MalformedURLException e) {
             LOG.error(e.getMessage(), e);
         }
 
         return sb.toString();
     }

◆ getResponse()

V org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getResponse ( )

inlineinherited

                            {
         return response;
     }

◆ getResponseAsString()

String org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getResponseAsString ( )

inlineinherited

                                         {
         StringBuilder sb = new StringBuilder();
 
         if (response != null) {
             sb.append("HTTP/1.1 ").append(response.getStatus());
             if (response.getHeaders() != null) {
                 for (String key : response.getHeaders().keySet()) {
                     sb.append("\n")
                             .append(key)
                             .append(": ")
                             .append(response.getHeaders().get(key).get(0));
                 }
             }
             if (response.getEntity() != null) {
                 sb.append("\n");
                 sb.append("\n");
                 sb.append(response.getEntity());
             }
         }
         return sb.toString();
     }

◆ getUrl()

String org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getUrl ( )

inlineinherited

                            {
         return url;
     }

◆ initClientRequest()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.initClientRequest ( )

inlineprotectedinherited

                                        {
         if (this.executor == null) {
             this.clientRequest = new ClientRequest(getUrl());
         } else {
             this.clientRequest = new ClientRequest(getUrl(), this.executor);
         }
         for (Cookie cookie : cookies) {
             clientRequest.cookie(cookie);
         }
         for (Map.Entry<String, String> headerEntry : headers.entrySet()) {
             clientRequest.header(headerEntry.getKey(), headerEntry.getValue());
         }
     }

◆ putAllFormParameters()

static void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.putAllFormParameters	(	ClientRequest	p_clientRequest,
		BaseRequest	p_request
	)

inlinestaticinherited

                                                                                                   {
         if (p_clientRequest != null && p_request != null) {
             final Map<String, String> parameters = p_request.getParameters();
             if (parameters != null && !parameters.isEmpty()) {
                 for (Map.Entry<String, String> e : parameters.entrySet()) {
                     p_clientRequest.formParameter(e.getKey(), e.getValue());
                 }
             }
         }
     }

◆ setExecutor()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.setExecutor ( ClientExecutor executor )

inlineinherited

                                                      {
         this.executor = executor;
     }

◆ setRequest()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.setRequest ( T request )

inlineinherited

                                       {
         this.request = request;
     }

◆ setResponse()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.setResponse ( V response )

inlineinherited

                                         {
         this.response = response;
     }

◆ setUrl()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.setUrl ( String url )

inlineinherited

                                    {
         this.url = url;
     }

メンバ詳解

◆ clientRequest

ClientRequest org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.clientRequest

protectedinherited

◆ clientResponse

ClientResponse<String> org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.clientResponse

protectedinherited

◆ executor

ClientExecutor org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.executor

protectedinherited

◆ LOG

final Logger org.xdi.oxauth.client.TokenClient.LOG = Logger.getLogger(TokenClient.class)

staticprivate

◆ request

T org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.request

protectedinherited

◆ response

V org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.response

protectedinherited

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxAuth/Client/src/main/java/org/xdi/oxauth/client/TokenClient.java

公開メンバ関数

静的公開メンバ関数

限定公開メンバ関数

限定公開変数類

静的非公開変数類

詳解

構築子と解体子

◆ TokenClient()

関数詳解

◆ addReqParam() [1/2]

◆ addReqParam() [2/2]

◆ closeConnection()

◆ exec()

◆ execAuthorizationCode()

◆ execClientCredentialsGrant()

◆ execExtensionGrant()

◆ execRefreshToken()

◆ execResourceOwnerPasswordCredentialsGrant()

◆ getCookies()

◆ getExecutor()

◆ getHeaders()

◆ getHttpMethod()

◆ getRequest()

◆ getRequestAsString()

◆ getResponse()

◆ getResponseAsString()

◆ getUrl()

◆ initClientRequest()

◆ putAllFormParameters()

◆ setExecutor()

◆ setRequest()

◆ setResponse()

◆ setUrl()

メンバ詳解

◆ clientRequest

◆ clientResponse

◆ executor

◆ LOG

◆ request

◆ response