• Home
• org.eclipse.edc
• identity-trust-spi
• 0.9.0
• source code
• SecureTokenService.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.eclipse.edc.iam.identitytrust.spi.SecureTokenService Maven / Gradle / Ivy

/*
 *  Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG)
 *
 *  This program and the accompanying materials are made available under the
 *  terms of the Apache License, Version 2.0 which is available at
 *  https://www.apache.org/licenses/LICENSE-2.0
 *
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Contributors:
 *       Bayerische Motoren Werke Aktiengesellschaft (BMW AG) - initial API and implementation
 *
 */

package org.eclipse.edc.iam.identitytrust.spi;

import org.eclipse.edc.spi.iam.TokenRepresentation;
import org.eclipse.edc.spi.result.Result;
import org.jetbrains.annotations.Nullable;

import java.util.Map;

/**
 * A {@link SecureTokenService} is used to create self-signed ID tokens, that can contain a set of claims, and optionally, a
 * {@code bearerAccessScope}.
 */
public interface SecureTokenService {

    /**
     * Generates the self-signed ID token.
     *
     * @param claims            a set of claims, that are to be included in the SI token. MUST include {@code iss}, {@code sub} and {@code aud}.
     * @param bearerAccessScope if non-null, must be a space-separated list of scopes as per DCP specification
     *                          if bearerAccessScope != null -> creates a {@code token} claim, which is another JWT containing the scope as claims.
     *                          if bearerAccessScope == null -> creates a normal JWT using all the claims in the map
     */
    Result createToken(Map claims, @Nullable String bearerAccessScope);

}