com.authlete.common.dto.GMRequest Maven / Gradle / Ivy
/*
* Copyright (C) 2021 Authlete, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.authlete.common.dto;
import java.io.Serializable;
import com.authlete.common.types.GMAction;
/**
* Request to Authlete's {@code /api/gm} API.
*
*
*
* gmAction (REQUIRED)-
*
* The grant management action of the grant management request. Either
* {@link GMAction#QUERY QUERY} or {@link GMAction#REVOKE REVOKE}.
*
*
*
*
* grantId (REQUIRED)-
*
* The grant ID of the grant management request.
*
*
*
* accessToken (REQUIRED)-
*
* The access token included in the grant management request.
*
*
*
* clientCertificate (OPTIONAL)-
*
* The client certificate used in the TLS connection established between the
* client application and the grant management endpoint. See "RFC 8705 OAuth 2.0 Mutual-TLS
* Client Authentication and Certificate-Bound Access Tokens" for details.
*
*
*
* dpop (OPTIONAL)-
*
* The value of the {@code DPoP} HTTP header. See "OAuth 2.0
* Demonstrating Proof-of-Possession at the Application Layer (DPoP)" for
* details.
*
*
*
* htm (OPTIONAL)-
*
* The HTTP method of the grant management request. Either {@code "GET"} or
* {@code "DELETE"}. This parameter is used to validate the value of the
* {@code DPoP} HTTP header. See "OAuth 2.0
* Demonstrating Proof-of-Possession at the Application Layer (DPoP)" for
* details.
*
*
* API callers don't have to specify this parameter unless they have a special
* reason because the default value can be easily determined based on the value
* of {@code gmAction}.
*
*
*
* htu (OPTIONAL)-
*
* The URL of the grant management endpoint. This parameter is used to validate
* the value of the {@code DPoP} HTTP header. See "OAuth 2.0
* Demonstrating Proof-of-Possession at the Application Layer (DPoP)" for
* details.
*
*
* When omitted, a string built by concatenating (1) the
* {@code grantManagementEndpoint} property of the {@link Service}, (2) a slash
* ({@code /}) and (3) the grant ID is used as the default value.
*
*
*
*
*
*
* @see Grant Management for OAuth 2.0
*
* @since 3.1
*/
public class GMRequest implements Serializable
{
private static final long serialVersionUID = 1L;
/**
* A grant management action; either QUERY or REVOKE.
*/
private GMAction gmAction;
/**
* The grant ID.
*/
private String grantId;
/**
* The access token.
*/
private String accessToken;
/**
* The client certificate used in the TLS connection established
* between the client application and the grant management endpoint.
*/
private String clientCertificate;
/**
* The {@code DPoP} HTTP header.
*/
private String dpop;
/**
* The HTTP method of the grant management request.
*/
private String htm;
/**
* The URL of the grant management endpoint.
*/
private String htu;
/**
* Get the grant management action of the grant management request.
* Either {@link GMAction#QUERY QUERY} or {@link GMAction#REVOKE REVOKE}.
*
* @return
* The grant management action of the grant management request.
*/
public GMAction getGmAction()
{
return gmAction;
}
/**
* Set the grant management action of the grant management request.
* Either {@link GMAction#QUERY QUERY} or {@link GMAction#REVOKE REVOKE}.
*
* @param gmAction
* The grant management action of the grant management request.
*
* @return
* {@code this} object.
*/
public GMRequest setGmAction(GMAction gmAction)
{
this.gmAction = gmAction;
return this;
}
/**
* Get the grant ID of the grant management request.
*
* @return
* The grant ID.
*/
public String getGrantId()
{
return grantId;
}
/**
* Set the grant ID of the grant management request.
*
* @param grantId
* The grant ID.
*
* @return
* {@code this} object.
*/
public GMRequest setGrantId(String grantId)
{
this.grantId = grantId;
return this;
}
/**
* Get the access token which has come along with the grant management
* request from the client application.
*
* @return
* The access token.
*/
public String getAccessToken()
{
return accessToken;
}
/**
* Set the access token that has come along with the grant management
* request from the client application.
*
* @param accessToken
* The access token.
*
* @return
* {@code this} object.
*/
public GMRequest setAccessToken(String accessToken)
{
this.accessToken = accessToken;
return this;
}
/**
* Get the client certificate used in the TLS connection established
* between the client application and the grant management endpoint.
*
*
* This property is checked when the access token is bound to a client
* certificate. See RFC 8705 for details.
*
*
* @return
* The client certificate in PEM format.
*
* @see RFC 8705 OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
*/
public String getClientCertificate()
{
return clientCertificate;
}
/**
* Set the client certificate used in the TLS connection established
* between the client application and the grant management endpoint.
*
*
* This property is checked when the access token is bound to a client
* certificate. See RFC 8705 for details.
*
*
* @param certificate
* The client certificate in PEM format.
*
* @return
* {@code this} object.
*
* @see RFC 8705 OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
*/
public GMRequest setClientCertificate(String certificate)
{
this.clientCertificate = certificate;
return this;
}
/**
* Get the value of the {@code DPoP} header of the grant management request.
*
*
* This property is checked when the access token is bound to a public key.
*
*
* @return
* The value of the {@code DPoP} header.
*
* @see OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
*/
public String getDpop()
{
return dpop;
}
/**
* Set the value of the {@code DPoP} header of the grant management request.
*
*
* This property is checked when the access token is bound to a public key.
*
*
* @param dpop
* The value of the {@code DPoP} header.
*
* @return
* {@code this} object.
*
* @see OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
*/
public GMRequest setDpop(String dpop)
{
this.dpop = dpop;
return this;
}
/**
* Get the HTTP method of the grant management request.
*
*
* This property is used to validate the value of the {@code DPoP} header.
*
*
*
* When this property is omitted, {@code "GET"} is used as the default value
* in the case of {@code gmAction=}{@link GMAction#QUERY QUERY}. Likewise,
* {@code "DELETE"} is used as the default value in the case of
* {@code gmAction=}{@link GMAction#REVOKE REVOKE}.
*
*
* @return
* The HTTP method of the grant management request.
*
* @see OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
*/
public String getHtm()
{
return htm;
}
/**
* Set the HTTP method of the grant management request.
*
*
* This property is used to validate the value of the {@code DPoP} header.
*
*
*
* When this property is omitted, {@code "GET"} is used as the default value
* in the case of {@code gmAction=}{@link GMAction#QUERY QUERY}. Likewise,
* {@code "DELETE"} is used as the default value in the case of
* {@code gmAction=}{@link GMAction#REVOKE REVOKE}.
*
*
* @param htm
* The HTTP method of the grant management request.
*
* @return
* {@code this} object.
*
* @see OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
*/
public GMRequest setHtm(String htm)
{
this.htm = htm;
return this;
}
/**
* Get the URL of the grant management endpoint.
*
*
* This property is used to validate the value of the {@code DPoP} header.
*
*
*
* When this property is omitted, a string built by concatenating (1) the
* {@code grantManagementEndpoint} property of the {@link Service}, (2) a
* slash ({@code /}) and (3) the grant ID is used as the default value.
*
*
* @return
* The URL of the grant management endpoint.
*
* @see OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
*/
public String getHtu()
{
return htu;
}
/**
* Set the URL of the grant management endpoint.
*
*
* This property is used to validate the value of the {@code DPoP} header.
*
*
*
* When this property is omitted, a string built by concatenating (1) the
* {@code grantManagementEndpoint} property of the {@link Service}, (2) a
* slash ({@code /}) and (3) the grant ID is used as the default value.
*
*
* @param htu
* The URL of the userinfo endpoint.
*
* @return
* {@code this} object.
*
* @see OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
*/
public GMRequest setHtu(String htu)
{
this.htu = htu;
return this;
}
}