Package com.unboundid.directory.sdk.common.types

Class TokenValidationResult

java.lang.Object

com.unboundid.directory.sdk.common.types.TokenValidationResult

@NotExtensible
public final class TokenValidationResult
extends java.lang.Object

Object returned from a request to an AccessTokenValidator to validate a token. The fields of this object are derived from the IETF OAuth 2.0 Token Introspection specification (RFC7662).

The decision as to whether an access token is accepted or not varies by product. For the Directory Server, Directory Proxy Server, Data Sync Server, or Data Metrics Server, different REST APIs may enforce different authorization rules, depending on their configuration; please refer to the relevant documentation. In general, a token's active property must be true.

For the PingAuthorize Server, authorization decisions are made by the policy engine. All properties of the TokenValidationResult may be accessed by policies; however, the default policy may only examine a subset of those properties (e.g. especially the active property).

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	TokenValidationResult.Builder	A Builder for TokenValidationResult.

Method Summary

Modifier and Type	Method	Description
boolean	equals(java.lang.Object other)
java.lang.String	getAccessToken()	Get the actual access token as issued by the authorization server.
java.lang.Boolean	getActive()	Get whether the token is active.
java.util.Map<java.lang.String,java.lang.Object>	getAdditionalProperties()	Get any extension properties associated with the token.
java.util.Set<java.lang.String>	getAudience()	Get the token's intended audience(s).
java.lang.String	getClientId()	Get the OAuth2 client Id of the client that requested the token.
java.lang.Long	getExpirationTime()	Get the token expiration time in seconds since January 1 1970 UTC.
java.lang.Long	getIssuedAt()	Get the token issue time in seconds since January 1 1970 UTC.
java.lang.Long	getNotUsedBefore()	Get the not used before time in seconds since January 1 1070 UTC.
java.util.Set<java.lang.String>	getScope()	Get the scopes granted to this token.
java.lang.String	getTokenIdentifier()	Get the unique identifier for this token.
java.lang.String	getTokenSubject()	Get the token subject as defined in JWT [RFC7519].
java.lang.String	getTokenType()	Get the token type.
java.lang.String	getUsername()	Get a human-readable user name for the resource owner that authorized the token.
int	hashCode()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Method Detail

getAccessToken

public java.lang.String getAccessToken()

Get the actual access token as issued by the authorization server.

Returns:

the access token. May be null.

getActive

public java.lang.Boolean getActive()

Get whether the token is active. Per RFC 7662, a value of true for this property indicates that the given token was issued by the Token Validator's associated authorization server, has not been revoked by the resource owner, and is within its given time window of validity (e.g. after its issuance time and before its expiration time).

Returns:

the active state.

getScope

public java.util.Set<java.lang.String> getScope()

Get the scopes granted to this token.

Returns:

set of scope names.

getClientId

public java.lang.String getClientId()

Get the OAuth2 client Id of the client that requested the token.

Returns:

client Id string.

getUsername

public java.lang.String getUsername()

Get a human-readable user name for the resource owner that authorized the token.

Returns:

user name string.

getTokenType

public java.lang.String getTokenType()

Get the token type. The type of the token is defined in section 5.1 of OAuth 2.0 [RFC6749].

Returns:

token type string.

getExpirationTime

public java.lang.Long getExpirationTime()

Get the token expiration time in seconds since January 1 1970 UTC.

Returns:

expiration time in seconds.

getIssuedAt

public java.lang.Long getIssuedAt()

Get the token issue time in seconds since January 1 1970 UTC.

Returns:

token issue time in seconds.

getNotUsedBefore

public java.lang.Long getNotUsedBefore()

Get the not used before time in seconds since January 1 1070 UTC.

Returns:

not used before time in seconds.

getTokenSubject

public java.lang.String getTokenSubject()

Get the token subject as defined in JWT [RFC7519]. This value should contain the subject ID as known to the external authorization server rather than the local server.

Returns:

token subject string.

getAudience

public java.util.Set<java.lang.String> getAudience()

Get the token's intended audience(s). The audience is a Service-specific identifier representing the intended audience(s) for this token, as defined in JWT [RFC7519].

Returns:

token audience.

getTokenIdentifier

public java.lang.String getTokenIdentifier()

Get the unique identifier for this token. as defined in section 4.1.7 of JWT [RFC7519].

Returns:

token unique identifier string.

getAdditionalProperties

public java.util.Map<java.lang.String,java.lang.Object> getAdditionalProperties()

Get any extension properties associated with the token.

Returns:

Map of property names to values.

equals

public boolean equals(java.lang.Object other)

Overrides:

equals in class java.lang.Object

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object