com.authlete.common.dto

Class TokenCreateRequest

java.lang.Object

com.authlete.common.dto.TokenCreateRequest

All Implemented Interfaces:

Serializable

public class TokenCreateRequest
extends Object
implements Serializable

Request to Authlete's /auth/token/create API.

The API is used to create an arbitrary access token in a special way that is different from standard grant flows.

grantType (REQUIRED)

The grant type for a newly created access token. One of the following. REFRESH_TOKEN is not allowed.

1. AUTHORIZATION_CODE
2. IMPLICIT
3. PASSWORD
4. CLIENT_CREDENTIALS

When grantType is either IMPLICIT or CLIENT_CREDENTIALS, a refresh token is not issued.

clientId (REQUIRED)

The ID of the client application which will be associated with a newly created access token.

subject (CONDITIONALLY REQUIRED)

The subject (= unique identifier) of the user who will be associated with a newly created access token. This parameter is required unless the grant type is CLIENT_CREDENTIALS. The value must consist of only ASCII characters and its length must not exceed 100.

scopes (OPTIONAL)

The scopes which will be associated with a newly created access token. Scopes that are not supported by the service cannot be specified and requesting them will cause an error.

accessTokenDuration (OPTIONAL)

The duration of a newly created access token in seconds. If the value is 0, the duration is determined according to the settings of the service.

refreshTokenDuration (OPTIONAL)

The duration of a newly created refresh token in seconds. If the value is 0, the duration is determined according to the settings of the service.

A refresh token is not created (1) if the service does not support REFRESH_TOKEN, or (2) if the specified grant type is either IMPLICIT or CLIENT_CREDENTIALS.

properties (OPTIONAL)

Extra properties to associate with a newly created access token. Note that properties parameter is accepted only when Content-Type of the request is application/json, so don't use application/x-www-form-urlencoded if you want to specify properties

Since:

1.13

Author:

Takahiko Kawasaki

See Also:

TokenCreateResponse, Serialized Form

Constructor Summary

Constructors

Constructor and Description
TokenCreateRequest()

Method Summary

Modifier and Type	Method and Description
long	getAccessTokenDuration() Get the duration of a newly created access token in seconds.
long	getClientId() Get the client ID that will be associated with a newly created access token.
GrantType	getGrantType() Get the grant type for a newly created access token.
Property[]	getProperties() Get the extra properties to associate with an access token which will be issued by this request.
long	getRefreshTokenDuration() Get the duration of a newly created refresh token in seconds.
String[]	getScopes() Get the scopes that will be associated with a newly created access token.
String	getSubject() Get the subject (= unique identifier) of the user who will be associated with a newly created access token.
TokenCreateRequest	setAccessTokenDuration(long accessTokenDuration) Set the duration of a newly created access token in seconds.
TokenCreateRequest	setClientId(long clientId) Set the client ID that will be associated with a newly created access token.
TokenCreateRequest	setGrantType(GrantType grantType) Set the grant type for a newly created access token.
TokenCreateRequest	setProperties(Property[] properties) Set extra properties to associate with an access token which will be issued by this request.
TokenCreateRequest	setRefreshTokenDuration(long refreshTokenDuration) Set the duration of a newly created refresh token in seconds.
TokenCreateRequest	setScopes(String[] scopes) Set the scopes that will be associated with a newly created access token.
TokenCreateRequest	setSubject(String subject) Set the subject (= unique identifier) of the user who will be associated with a newly created access token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TokenCreateRequest

public TokenCreateRequest()

Method Detail

getGrantType

public GrantType getGrantType()

Get the grant type for a newly created access token.

Returns:

Grant type.

setGrantType

public TokenCreateRequest setGrantType(GrantType grantType)

Set the grant type for a newly created access token.

Parameters:

grantType - Grant type.

Returns:

this object.

getClientId

public long getClientId()

Get the client ID that will be associated with a newly created access token.

Returns:

Client ID.

setClientId

public TokenCreateRequest setClientId(long clientId)

Set the client ID that will be associated with a newly created access token.

Parameters:

clientId - Client ID.

Returns:

this object.

getSubject

public String getSubject()

Get the subject (= unique identifier) of the user who will be associated with a newly created access token.

Returns:

The subject of the user.

setSubject

public TokenCreateRequest setSubject(String subject)

Set the subject (= unique identifier) of the user who will be associated with a newly created access token.

Parameters:

subject - The subject of the user.

Returns:

this object.

getScopes

public String[] getScopes()

Get the scopes that will be associated with a newly created access token.

Returns:

Scopes.

setScopes

public TokenCreateRequest setScopes(String[] scopes)

Set the scopes that will be associated with a newly created access token.

Parameters:

scopes - Scopes.

Returns:

this object.

getAccessTokenDuration

public long getAccessTokenDuration()

Get the duration of a newly created access token in seconds. 0 means that the duration will be determined according to the settings of the service.

Returns:

The duration of a newly created access token.

setAccessTokenDuration

public TokenCreateRequest setAccessTokenDuration(long accessTokenDuration)

Set the duration of a newly created access token in seconds. 0 means that the duration will be determined according to the settings of the service.

Parameters:

accessTokenDuration - The duration of a newly created access token.

Returns:

this object.

getRefreshTokenDuration

public long getRefreshTokenDuration()

Get the duration of a newly created refresh token in seconds. 0 means that the duration will be determined according to the settings of the service.

Returns:

The duration of a newly created refresh token.

setRefreshTokenDuration

public TokenCreateRequest setRefreshTokenDuration(long refreshTokenDuration)

Set the duration of a newly created refresh token in seconds. 0 means that the duration will be determined according to the settings of the service.

Parameters:

refreshTokenDuration - The duration of a newly created refresh token.

Returns:

this object.

getProperties

public Property[] getProperties()

Get the extra properties to associate with an access token which will be issued by this request.

Returns:

Extra properties.

Since:

1.30

setProperties

public TokenCreateRequest setProperties(Property[] properties)

Set extra properties to associate with an access token which will be issued by this request.

Keys of extra properties will be used as labels of top-level entries in a JSON response containing an access token which is returned from an authorization server. An example is example_parameter, which you can find in 5.1. Successful Response in RFC 6749. The following code snippet is an example to set one extra property having example_parameter as its key and example_value as its value.

 Property[] properties = { new Property("example_parameter", "example_value") };
 request.setProperties(properties);
 

Keys listed below should not be used and they would be ignored on the server side even if they were used. It's because they are reserved in RFC 6749 and OpenID Connect Core 1.0.

• access_token
• token_type
• expires_in
• refresh_token
• scope
• error
• error_description
• error_uri
• id_token

Note that there is an upper limit on the total size of extra properties. On the server side, the properties will be (1) converted to JSON, (2) encrypted by AES/CBC/PKCS5Padding, (3) encoded by base64url, and then stored into the database. The length of the resultant string must not exceed 65,535 in bytes. This is the upper limit, but we think it is big enough.

Parameters:

properties - Extra properties.

Returns:

this object.

Since:

1.30