org.xdi.oxauth.model.common.AuthorizationMethod 連携図
公開変数類 | |
| AUTHORIZATION_REQUEST_HEADER_FIELD | |
| FORM_ENCODED_BODY_PARAMETER | |
詳解
メンバ詳解
◆ AUTHORIZATION_REQUEST_HEADER_FIELD
| org.xdi.oxauth.model.common.AuthorizationMethod.AUTHORIZATION_REQUEST_HEADER_FIELD |
When sending the access token in the "Authorization" request header field defined by HTTP/1.1, Part 7 [I-D.ietf-httpbis-p7-auth], the client uses the "Bearer" authentication scheme to transmit the access token.
◆ FORM_ENCODED_BODY_PARAMETER
| org.xdi.oxauth.model.common.AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER |
When sending the access token in the HTTP request entity-body, the client adds the access token to the request body using the "access_token" parameter. The client MUST NOT use this method unless all of the following conditions are met:
- The HTTP request entity-header includes the "Content-Type" header field set to "application/x-www-form-urlencoded".
- The entity-body follows the encoding requirements of the "application/x-www-form-urlencoded" content-type as defined by HTML 4.01 [W3C.REC-html401-19991224].
- The HTTP request entity-body is single-part.
- The content to be encoded in the entity-body MUST consist entirely of ASCII [USASCII] characters.
- The HTTP request method is one for which the request body has defined semantics. In particular, this means that the "GET" method MUST NOT be used.
The entity-body MAY include other request-specific parameters, in which case, the "access_token" parameter MUST be properly separated from the request-specific parameters using "&" character(s) (ASCII code 38).
次のファイルからこの列挙についての詳解を抽出しました:
- D:/AppData/OpenId/gluu/src/oxAuth/Model/src/main/java/org/xdi/oxauth/model/common/AuthorizationMethod.java
