org.forgerock.http.oauth2 (Wren Security Commons HTTP - OAuth 2.0 Resource Server Support 23.0.0-SNAPSHOT Documentation)

package org.forgerock.http.oauth2

This package provides APIs for OAuth 2.0 services implementations.

Included in the package is an OAuth 2.0 token validation filter that acts as an OAuth 2 Resource Server.

It ensures that there is an existing bearer access token in the request's headers.
It resolves the token against an Authorization Server (using a AccessTokenResolver implementation).
It performs the token validation: checking expiration time and required scopes compliance.

Related Packages

Package

Description

org.forgerock.http.oauth2.resolver

This package defines OpenAM specific logic needed to retrieve an AccessTokenInfo.
Class

Description

AccessTokenException

Represents an exception whilst retrieving an OAuth2 access token.

AccessTokenInfo

Represents an OAuth2 Access Token.

AccessTokenResolver

Resolves a given token against a dedicated OAuth2 Identity Provider (OpenAM, Google, Facebook, ...).

OAuth2

OAuth2 utility class.

OAuth2Context

An OAuth2Context could be used to store and retrieve an AccessTokenInfo.

OAuth2Error

Describes an error which occurred during an OAuth 2.0 authorization request or when performing an authorized request.

ResourceAccess

A ResourceAccess encapsulates the logic of required scope selection.

ResourceServerFilter

Validates a Request that contains an OAuth 2.0 access token.