Class TokenValidationResult
- java.lang.Object
-
- com.unboundid.directory.sdk.common.types.TokenValidationResult
-
@NotExtensible public final class TokenValidationResult extends java.lang.Object
Object returned from a request to an AccessTokenValidator to validate a token. The fields of this object are derived from the IETF OAuth 2.0 Token Introspection specification (RFC7662).The decision as to whether an access token is accepted or not varies by product. For the Directory Server, Directory Proxy Server, Data Sync Server, or Data Metrics Server, different REST APIs may enforce different authorization rules, depending on their configuration; please refer to the relevant documentation. In general, a token's
active
property must be true.For the PingAuthorize Server, authorization decisions are made by the policy engine. All properties of the TokenValidationResult may be accessed by policies; however, the default policy may only examine a subset of those properties (e.g. especially the
active
property).
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
TokenValidationResult.Builder
A Builder for TokenValidationResult.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(java.lang.Object other)
java.lang.String
getAccessToken()
Get the actual access token as issued by the authorization server.java.lang.Boolean
getActive()
Get whether the token is active.java.util.Map<java.lang.String,java.lang.Object>
getAdditionalProperties()
Get any extension properties associated with the token.java.util.Set<java.lang.String>
getAudience()
Get the token's intended audience(s).java.lang.String
getClientId()
Get the OAuth2 client Id of the client that requested the token.java.lang.Long
getExpirationTime()
Get the token expiration time in seconds since January 1 1970 UTC.java.lang.Long
getIssuedAt()
Get the token issue time in seconds since January 1 1970 UTC.java.lang.Long
getNotUsedBefore()
Get the not used before time in seconds since January 1 1070 UTC.java.util.Set<java.lang.String>
getScope()
Get the scopes granted to this token.java.lang.String
getTokenIdentifier()
Get the unique identifier for this token.java.lang.String
getTokenSubject()
Get the token subject as defined in JWT [RFC7519].java.lang.String
getTokenType()
Get the token type.java.lang.String
getUsername()
Get a human-readable user name for the resource owner that authorized the token.int
hashCode()
-
-
-
Method Detail
-
getAccessToken
public java.lang.String getAccessToken()
Get the actual access token as issued by the authorization server.- Returns:
- the access token. May be null.
-
getActive
public java.lang.Boolean getActive()
Get whether the token is active. Per RFC 7662, a value of true for this property indicates that the given token was issued by the Token Validator's associated authorization server, has not been revoked by the resource owner, and is within its given time window of validity (e.g. after its issuance time and before its expiration time).- Returns:
- the active state.
-
getScope
public java.util.Set<java.lang.String> getScope()
Get the scopes granted to this token.- Returns:
- set of scope names.
-
getClientId
public java.lang.String getClientId()
Get the OAuth2 client Id of the client that requested the token.- Returns:
- client Id string.
-
getUsername
public java.lang.String getUsername()
Get a human-readable user name for the resource owner that authorized the token.- Returns:
- user name string.
-
getTokenType
public java.lang.String getTokenType()
Get the token type. The type of the token is defined in section 5.1 of OAuth 2.0 [RFC6749].- Returns:
- token type string.
-
getExpirationTime
public java.lang.Long getExpirationTime()
Get the token expiration time in seconds since January 1 1970 UTC.- Returns:
- expiration time in seconds.
-
getIssuedAt
public java.lang.Long getIssuedAt()
Get the token issue time in seconds since January 1 1970 UTC.- Returns:
- token issue time in seconds.
-
getNotUsedBefore
public java.lang.Long getNotUsedBefore()
Get the not used before time in seconds since January 1 1070 UTC.- Returns:
- not used before time in seconds.
-
getTokenSubject
public java.lang.String getTokenSubject()
Get the token subject as defined in JWT [RFC7519]. This value should contain the subject ID as known to the external authorization server rather than the local server.- Returns:
- token subject string.
-
getAudience
public java.util.Set<java.lang.String> getAudience()
Get the token's intended audience(s). The audience is a Service-specific identifier representing the intended audience(s) for this token, as defined in JWT [RFC7519].- Returns:
- token audience.
-
getTokenIdentifier
public java.lang.String getTokenIdentifier()
Get the unique identifier for this token. as defined in section 4.1.7 of JWT [RFC7519].- Returns:
- token unique identifier string.
-
getAdditionalProperties
public java.util.Map<java.lang.String,java.lang.Object> getAdditionalProperties()
Get any extension properties associated with the token.- Returns:
- Map of property names to values.
-
equals
public boolean equals(java.lang.Object other)
- Overrides:
equals
in classjava.lang.Object
-
hashCode
public int hashCode()
- Overrides:
hashCode
in classjava.lang.Object
-
-