All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.authlete.common.dto.TokenIssueResponse Maven / Gradle / Ivy

/*
 * Copyright (C) 2014-2023 Authlete, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.authlete.common.dto;


import java.net.URI;
import com.authlete.common.util.Utils;


/**
 * Response from Authlete's {@code /auth/token/issue} endpoint.
 *
 * 

* Authlete's {@code /auth/token/issue} endpoint returns JSON which can * be mapped to this class. The service implementation should retrieve * the value of {@code "action"} from the response and take the following * steps according to the value. *

* *
*
{@link Action#INTERNAL_SERVER_ERROR INTERNAL_SERVER_ERROR}
*
*

* When the value of {@code "action"} is {@code "INTERNAL_SERVER_ERROR"}, * it means that the request from the service implementation was wrong or * that an error occurred in Authlete. *

* *

* In either case, from the viewpoint of the client application, it is an * error on the server side. Therefore, the service implementation should * generate a response to the client application with the HTTP status of * {@code "500 Internal Server Error"}. *

* *

* {@link #getResponseContent()} returns a JSON string which describes * the error, so it can be used as the entity body of the response. *

* *

* The following illustrates the response which the service implementation * should generate and return to the client application. *

* *
 * HTTP/1.1 500 Internal Server Error
 * Content-Type: application/json
 * Cache-Control: no-store
 * Pragma: no-cache
 *
 * (The value returned from {@link #getResponseContent()})
*
* *
{@link Action#OK OK}
*
*

* When the value of {@code "action"} is {@code "OK"}, it means that * Authlete's {@code /auth/token/issue} API successfully generated * an access token. *

* *

* The HTTP status of the response returned to the client application * must be {@code "200 OK"} and the content type must be * {@code "application/json"}. *

* *

* {@link #getResponseContent()} returns a JSON string which contains * an access token, so it can be used as the entity body of the response. *

* *

* The following illustrates the response which the service implementation * should generate and return to the client application. *

* *
 * HTTP/1.1 200 OK
 * Content-Type: application/json
 * Cache-Control: no-store
 * Pragma: no-cache
 *
 * (The value returned from {@link #getResponseContent()})
*
*
* * @author Takahiko Kawasaki */ public class TokenIssueResponse extends ApiResponse { private static final long serialVersionUID = 10L; /** * The next action that the service implementation should take. */ public enum Action { /** * The request from the service implementation was wrong or * an error occurred in Authlete. The service implementation * should return {@code "500 Internal Server Error"} to the * client application. */ INTERNAL_SERVER_ERROR, /** * The token request from the client was valid. The service * implementation should return {@code "200 OK"} to the client * application with an access token. */ OK } private static final String SUMMARY_FORMAT = "action=%s, responseContent=%s, " + "accessToken=%s, accessTokenExpiresAt=%d, accessTokenDuration=%d, " + "refreshToken=%s, refreshTokenExpiresAt=%d, refreshTokenDuration=%d, " + "clientId=%d, clientIdAlias=%s, clientIdAliasUsed=%s, subject=%s, " + "scopes=%s, properties=%s, jwtAccessToken=%s"; /** * The next action that the service implementation should take. * @since Authlete 1.1 */ private Action action; /** * @since Authlete 1.1 */ private String responseContent; /** * @since Authlete 1.1 */ private String accessToken; /** * @since Authlete 1.1 */ private long accessTokenExpiresAt; /** * @since Authlete 1.1 */ private long accessTokenDuration; /** * @since Authlete 1.1 */ private String refreshToken; /** * @since Authlete 1.1 */ private long refreshTokenExpiresAt; /** * @since Authlete 1.1 */ private long refreshTokenDuration; /** * @since Authlete 1.1.9 */ private long clientId; /** * @since Authlete 1.1.9 */ private String clientIdAlias; /** * @since Authlete 1.1.9 */ private boolean clientIdAliasUsed; /** * @since Authlete 2.3.0 */ private URI clientEntityId; /** * @since Authlete 2.3.0 */ private boolean clientEntityIdUsed; /** * @since Authlete 1.1 */ private String subject; /** * @since Authlete 1.1 */ private String[] scopes; /** * @since Authlete 1.1 */ private Property[] properties; /** * @since Authlete 2.0.0 */ private String jwtAccessToken; /** * @since Authlete 2.2.1 */ private URI[] accessTokenResources; /** * @since Authlete 2.2.0 */ private AuthzDetails authorizationDetails; /** * @since Authlete 2.2.3 */ private Pair[] serviceAttributes; /** * @since Authlete 2.2.3 */ private Pair[] clientAttributes; /** * @since Authlete 3.0.0 */ private String[] refreshTokenScopes; /** * Get the next action that the service implementation should take. */ public Action getAction() { return action; } /** * Set the next action that the service implementation should take. */ public void setAction(Action action) { this.action = action; } /** * Get the response content which can be used as the entity body * of the response returned to the client application. */ public String getResponseContent() { return responseContent; } /** * Set the response content which can be used as the entity body * of the response returned to the client application. */ public void setResponseContent(String responseContent) { this.responseContent = responseContent; } /** * Get the summary of this instance. */ public String summarize() { return String.format(SUMMARY_FORMAT, action, responseContent, accessToken, accessTokenExpiresAt, accessTokenDuration, refreshToken, refreshTokenExpiresAt, refreshTokenDuration, clientId, clientIdAlias, clientIdAliasUsed, subject, Utils.join(scopes, " "), Utils.stringifyProperties(properties), jwtAccessToken); } /** * Get the newly issued access token. This method returns a non-null * value only when {@link #getAction()} returns {@link Action#OK}. * *

* If the service is configured to issue JWT-based access tokens, * a JWT-based access token is issued additionally. In the case, * {@link #getJwtAccessToken()} returns the JWT-based access token. *

* * @return * The newly issued access token. * * @see #getJwtAccessToken() * * @since 1.34 */ public String getAccessToken() { return accessToken; } /** * Set the newly issued access token. * * @param accessToken * The newly issued access token. * * @since 1.34 */ public void setAccessToken(String accessToken) { this.accessToken = accessToken; } /** * Get the date in milliseconds since the Unix epoch (1970-01-01) * at which the access token will expire. * * @return * The expiration date in milliseconds since the Unix epoch * (1970-01-01) at which the access token will expire. * * @since 1.34 */ public long getAccessTokenExpiresAt() { return accessTokenExpiresAt; } /** * Set the date in milliseconds since the Unix epoch (1970-01-01) * at which the access token will expire. * * @param expiresAt * The expiration date in milliseconds since the Unix epoch * (1970-01-01) at which the access token will expire. * * @since 1.34 */ public void setAccessTokenExpiresAt(long expiresAt) { this.accessTokenExpiresAt = expiresAt; } /** * Get the duration of the access token in seconds. * * @return * Duration in seconds. * * @since 1.34 */ public long getAccessTokenDuration() { return accessTokenDuration; } /** * Set the duration of the access token in seconds. * * @param duration * Duration in seconds. * * @since 1.34 */ public void setAccessTokenDuration(long duration) { this.accessTokenDuration = duration; } /** * Get the refresh token. This method returns a non-null value only when * {@link #getAction()} returns {@link Action#OK} and the service supports * the refresh token * flow. * *

* If "Refresh Token Continuous Use" configuration parameter is NO * (= `refreshTokenKept=false`), a new refresh token is issued and the * old refresh token used in the refresh token flow is invalidated. * On the contrary, if the configuration parameter is YES, the refresh * token itself is not refreshed. *

* * @return * The refresh token. * * @since 1.34 */ public String getRefreshToken() { return refreshToken; } /** * Set the refresh token. * * @param refreshToken * The refresh token. * * @since 1.34 */ public void setRefreshToken(String refreshToken) { this.refreshToken = refreshToken; } /** * Get the date in milliseconds since the Unix epoch (1970-01-01) * at which the refresh token will expire. * * @return * The expiration date in milliseconds since the Unix epoch * (1970-01-01) at which the refresh token will expire. * If the refresh token is null, this method returns 0. * * @since 1.34 */ public long getRefreshTokenExpiresAt() { return refreshTokenExpiresAt; } /** * Set the date in milliseconds since the Unix epoch (1970-01-01) * at which the refresh token will expire. * * @param expiresAt * The expiration date in milliseconds since the Unix epoch * (1970-01-01) at which the refresh token will expire. * If the refresh token is null, this method returns 0. * * @since 1.34 */ public void setRefreshTokenExpiresAt(long expiresAt) { this.refreshTokenExpiresAt = expiresAt; } /** * Get the duration of the refresh token in seconds. * * @return * Duration in seconds. * * @since 1.34 */ public long getRefreshTokenDuration() { return refreshTokenDuration; } /** * Set the duration of the refresh token in seconds. * * @param duration * Duration in seconds. * * @since 1.34 */ public void setRefreshTokenDuration(long duration) { this.refreshTokenDuration = duration; } /** * Get the client ID. * * @since 2.8 */ public long getClientId() { return clientId; } /** * Set the client ID. * * @since 2.8 */ public void setClientId(long clientId) { this.clientId = clientId; } /** * Get the client ID alias. * *

* If the client did not have an alias, this method returns * {@code null}. *

* * @return * The client ID alias. * * @since 2.8 */ public String getClientIdAlias() { return clientIdAlias; } /** * Set the client ID alias. * * @param alias * The client ID alias. * * @since 2.8 */ public void setClientIdAlias(String alias) { this.clientIdAlias = alias; } /** * Get the flag which indicates whether the client ID alias was used * when the token request was made. * * @return * {@code true} if the client ID alias was used when the token * request was made. * * @since 2.8 */ public boolean isClientIdAliasUsed() { return clientIdAliasUsed; } /** * Set the flag which indicates whether the client ID alias was used * when the token request was made. * * @param used * {@code true} if the client ID alias was used when the token * request was made. * * @since 2.8 */ public void setClientIdAliasUsed(boolean used) { this.clientIdAliasUsed = used; } /** * Get the entity ID of the client. * *

* "Entity ID" is a technical term defined in OpenID * Federation 1.0. *

* * @return * The entity ID of the client. * * @since 3.37 * @since Authlete 2.3 * * @see OpenID Federation 1.0 */ public URI getClientEntityId() { return clientEntityId; } /** * Set the entity ID of the client. * *

* "Entity ID" is a technical term defined in OpenID * Federation 1.0. *

* * @param entityId * The entity ID of the client. * * @since 3.37 * @since Authlete 2.3 * * @see OpenID Federation 1.0 */ public void setClientEntityId(URI entityId) { this.clientEntityId = entityId; } /** * Get the flag which indicates whether the entity ID of the client was * used when the request for the access token was made. * *

* "Entity ID" is a technical term defined in OpenID * Federation 1.0. *

* * @return * {@code true} if the entity ID of the client was used when the * request for the access token was made. * * @since 3.37 * @since Authlete 2.3 * * @see OpenID Federation 1.0 */ public boolean isClientEntityIdUsed() { return clientEntityIdUsed; } /** * Set the flag which indicates whether the entity ID of the client was * used when the request for the access token was made. * *

* "Entity ID" is a technical term defined in OpenID * Federation 1.0. *

* * @param used * {@code true} to indicate that the entity ID of the client was * used when the request for the access token was made. * * @since 3.37 * @since Authlete 2.3 * * @see OpenID Federation 1.0 */ public void setClientEntityIdUsed(boolean used) { this.clientEntityIdUsed = used; } /** * Get the subject (= resource owner's ID) of the access token. * * @since 2.8 */ public String getSubject() { return subject; } /** * Set the subject (= resource owner's ID). * * @since 2.8 */ public void setSubject(String subject) { this.subject = subject; } /** * Get the scopes covered by the access token. * * @since 2.8 */ public String[] getScopes() { return scopes; } /** * Set the scopes covered by the access token. * * @since 2.8 */ public void setScopes(String[] scopes) { this.scopes = scopes; } /** * Get the extra properties associated with the access token. * This method returns {@code null} when no extra property is * associated with the issued access token. * * @return * Extra properties associated with the issued access token. * * @since 2.8 */ public Property[] getProperties() { return properties; } /** * Set the extra properties associated with the access token. * * @param properties * Extra properties. * * @since 2.8 */ public void setProperties(Property[] properties) { this.properties = properties; } /** * Get the newly issued access token in JWT format. * *

* If the authorization server is configured to issue JWT-based access * tokens (= if {@link Service#getAccessTokenSignAlg()} returns a non-null * value), a JWT-based access token is issued along with the original * random-string one. *

* *

* Regarding the detailed format of the JWT-based access token, see the * description of the {@link Service} class. *

* * @return * The newly issued access token in JWT format. If the service is * not configured to issue JWT-based access tokens, this method * always returns null. * * @see #getAccessToken() * * @since 2.37 */ public String getJwtAccessToken() { return jwtAccessToken; } /** * Set the newly issued access token in JWT format. * * @param jwtAccessToken * The newly issued access token in JWT format. * * @since 2.37 */ public void setJwtAccessToken(String jwtAccessToken) { this.jwtAccessToken = jwtAccessToken; } /** * Get the target resources of the access token. * *

* See "Resource Indicators for OAuth 2.0" for details. *

* * @return * The target resources of the access token. * * @since 2.62 */ public URI[] getAccessTokenResources() { return accessTokenResources; } /** * Set the target resources of the access token. * *

* See "Resource Indicators for OAuth 2.0" for details. *

* * @param resources * The target resources of the access token. * * @since 2.62 */ public void setAccessTokenResources(URI[] resources) { this.accessTokenResources = resources; } /** * Get the authorization details. This represents the value of the * {@code "authorization_details"} request parameter which is defined in * "OAuth 2.0 Rich Authorization Requests". * * @return * Authorization details. * * @since 2.56 */ public AuthzDetails getAuthorizationDetails() { return authorizationDetails; } /** * Set the authorization details. This represents the value of the * {@code "authorization_details"} request parameter which is defined in * "OAuth 2.0 Rich Authorization Requests". * * @param details * Authorization details. * * @since 2.56 */ public void setAuthorizationDetails(AuthzDetails details) { this.authorizationDetails = details; } /** * Get the attributes of the service that the client application belongs to. * *

* This property is available since Authlete 2.2. *

* * @return * The attributes of the service. * * @since 2.88 */ public Pair[] getServiceAttributes() { return serviceAttributes; } /** * Set the attributes of the service that the client application belongs to. * *

* This property is available since Authlete 2.2. *

* * @param attributes * The attributes of the service. * * @since 2.88 */ public void setServiceAttributes(Pair[] attributes) { this.serviceAttributes = attributes; } /** * Get the attributes of the client. * *

* This property is available since Authlete 2.2. *

* * @return * The attributes of the client. * * @since 2.88 */ public Pair[] getClientAttributes() { return clientAttributes; } /** * Set the attributes of the client. * *

* This property is available since Authlete 2.2. *

* * @param attributes * The attributes of the client. * * @since 2.88 */ public void setClientAttributes(Pair[] attributes) { this.clientAttributes = attributes; } /** * Get the scopes associated with the refresh token. * * @return * The scopes associated with the refresh token. May be {@code null}. * * @since 3.89 * @since Authlete API 3.0 */ public String[] getRefreshTokenScopes() { return refreshTokenScopes; } /** * Set the scopes associated with the refresh token. * * @param refreshTokenScopes * The scopes associated with the refresh token. * * @since 3.89 * @since Authlete API 3.0 */ public void setRefreshTokenScopes(String[] refreshTokenScopes) { this.refreshTokenScopes = refreshTokenScopes; } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy