Package org.oa4mp.client.loader

Class OA2MPService

  • public class OA2MPService
extends OA4MPService

    Created by Jeff Gaynor
    on 2/21/14 at 2:50 PM

    • Method Detail

      • getRequestedScopes

        public String getRequestedScopes()
        Override this if you need to request custom scopes (i.e. those not in the basic OA4MP specification) for a server. This returns a blank delimited list of scopes, e.g. "openid email profile". Note that if you override this method, and the server id OIDC, then the openid scope must always be included or the server will refuse to service the request. The basic operation is to take the basic scopes for the OA4MP OIDC spec and add any that are specified in the configuration file in the "scopes" element.
        Returns:

      • refresh

        public RTResponse refresh​(String identifier)
        This will take the identifier and make the necessary calls to the service to update the refresh token and access token. This returns the asset or null if no such asset exists.
        Parameters:
        identifier -

      • getCert

        public OA2Asset getCert​(String id)
        Note that this requires the identifier, not a token.
        Parameters:
        id -
        Returns:

      • exchangeRefreshToken

        public net.sf.json.JSONObject exchangeRefreshToken​(OA2Asset asset,
                                                   TokenImpl subjectToken,
                                                   Map additionalParameters,
                                                   int requestedTokenType,
                                                   String subjectType,
                                                   boolean isErsatz)
        Use this to either just get a new refresh token (getAT = false) or to use the refresh token to get a new access token (most usual case).
        Parameters:
        asset -
        subjectToken -
        additionalParameters -
        requestedTokenType -
        Returns:

      • exchangeIt

        protected net.sf.json.JSONObject exchangeIt​(OA2Asset asset,
                                            Map<String,​String> additionalParameters,
                                            boolean isErsatz)
        Actual workhorse. Takes the token and the type then does the exchange. This updates the asset and returns then entire response fromm the server.
        Parameters:
        asset -
        additionalParameters -
        Returns:

      • getServiceClient

        public edu.uiuc.ncsa.security.servlet.ServiceClient getServiceClient()

      • getRFC8623ServiceClient

        public edu.uiuc.ncsa.security.servlet.ServiceClient getRFC8623ServiceClient()

      • updateExchangedAsset

        protected void updateExchangedAsset​(OA2Asset asset,
                                    net.sf.json.JSONObject claims)

      • figureOutToken

        protected TokenImpl figureOutToken​(String rawToken,
                                   boolean isRT)
        Note that NO verification is done for this! It will take a raw string and a flag and return a token (access or refresh)
        Parameters:
        rawToken -
        isRT -
        Returns:

      • OLDupdateExchangedAsset

        protected void OLDupdateExchangedAsset​(OA2Asset asset,
                                       net.sf.json.JSONObject claims)

      • revoke

        public boolean revoke​(OA2Asset dummyAsset,
                      boolean revokeRT)

      • introspect

        public net.sf.json.JSONObject introspect​(OA2Asset asset,
                                         boolean doRT)

      • rfc6749_4_4

        public net.sf.json.JSONObject rfc6749_4_4​(OA2Asset asset,
                                          Map parameters,
                                          boolean useRFC7523)

      • rfc7523

        public net.sf.json.JSONObject rfc7523​(OA2Asset asset,
                                      Map parameters)