Class OA2MPService

  • public class OA2MPService
    extends OA4MPService

    Created by Jeff Gaynor
    on 2/21/14 at 2:50 PM

    • Method Detail

      • getRequestedScopes

        public String getRequestedScopes()
        Override this if you need to request custom scopes (i.e. those not in the basic OA4MP specification) for a server. This returns a blank delimited list of scopes, e.g. "openid email profile". Note that if you override this method, and the server id OIDC, then the openid scope must always be included or the server will refuse to service the request. The basic operation is to take the basic scopes for the OA4MP OIDC spec and add any that are specified in the configuration file in the "scopes" element.
      • refresh

        public RTResponse refresh​(String identifier)
        This will take the identifier and make the necessary calls to the service to update the refresh token and access token. This returns the asset or null if no such asset exists.
        identifier -
      • getCert

        public OA2Asset getCert​(String id)
        Note that this requires the identifier, not a token.
        id -
      • exchangeRefreshToken

        public net.sf.json.JSONObject exchangeRefreshToken​(OA2Asset asset,
                                                           TokenImpl subjectToken,
                                                           Map additionalParameters,
                                                           boolean getAT,
                                                           boolean subjectTokenIsAT)
        Use this to either just get a new refresh token (getAT = false) or to use the refresh token to get a new access token (most usual case).
        asset -
        subjectToken -
        additionalParameters -
        getAT -
      • exchangeAccessToken

        public net.sf.json.JSONObject exchangeAccessToken​(OA2Asset asset,
                                                          AccessToken accessToken,
                                                          Map<String,​String> additionalParams)
        Use the access token to get another access token. This is certainly a supported case, but not a usual one. Mostly you use a refresh token to get another access token.
        asset -
        accessToken -
        additionalParams -
      • exchangeIt

        protected net.sf.json.JSONObject exchangeIt​(OA2Asset asset,
                                                    Map<String,​String> additionalParameters)
        Actual workhorse. Takes the token and the type then does the exchange.
        asset -
        additionalParameters -
      • getServiceClient

        public getServiceClient()
      • updateExchangedAsset

        protected void updateExchangedAsset​(OA2Asset asset,
                                            net.sf.json.JSONObject claims)
      • revoke

        public boolean revoke​(OA2Asset dummyAsset,
                              boolean revokeRT)
      • introspect

        public net.sf.json.JSONObject introspect​(OA2Asset asset,
                                                 boolean doRT)