Package com.janeirodigital.sai.authentication

Class ClientCredentialsSession

java.lang.Object

com.janeirodigital.sai.authentication.ClientCredentialsSession

All Implemented Interfaces:

AuthorizedSession, Serializable

public class ClientCredentialsSession
extends Object
implements AuthorizedSession

Implementation of AuthorizedSession for a Client Credentials authorization flow

See Also:

• Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	ClientCredentialsSession.Builder	Builder for ClientCredentialsSession instances.

Method Summary

Modifier and Type	Method	Description
RefreshToken	getRefreshToken()	The client credentials flows don't require refresh tokens
protected static AccessToken	obtainToken(String clientIdentifier, String clientSecret, URI oidcTokenEndpoint, com.nimbusds.oauth2.sdk.Scope scope)	POSTs a token request to the token endpoint of the oidcProvider using the provided clientIdentifier and clientSecret to authenticate and request the provided scope.
void	refresh()	"Refreshes" the session via another client credentials token request.
Map<String,String>	toHttpHeaders(com.janeirodigital.sai.httputils.HttpMethod method, URI uri)	Generates a map of HTTP Authorization headers that can be use to make authorized requests using the session.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.janeirodigital.sai.authentication.AuthorizedSession

getAccessToken, getApplicationId, getId, getOidcProviderId, getSocialAgentId

Method Details

toHttpHeaders

public Map<String,String> toHttpHeaders(com.janeirodigital.sai.httputils.HttpMethod method,
 URI uri)

Generates a map of HTTP Authorization headers that can be use to make authorized requests using the session. Client credentials uses a Bearer token in a single authorization header.

Specified by:

toHttpHeaders in interface AuthorizedSession

Parameters:

method - not needed - can be null for client credentials

uri - not needed - can be null for client credentials

Returns:

Map of HTTP Authorization headers

refresh

public void refresh()
             throws SaiAuthenticationException

"Refreshes" the session via another client credentials token request. A client credentials flow doesn't require refresh tokens.

Specified by:

refresh in interface AuthorizedSession

Throws:

SaiAuthenticationException

getRefreshToken

public RefreshToken getRefreshToken()

The client credentials flows don't require refresh tokens

Specified by:

getRefreshToken in interface AuthorizedSession

Returns:

null

obtainToken

protected static AccessToken obtainToken(String clientIdentifier,
 String clientSecret,
 URI oidcTokenEndpoint,
 com.nimbusds.oauth2.sdk.Scope scope)
                                  throws SaiAuthenticationException

POSTs a token request to the token endpoint of the oidcProvider using the provided clientIdentifier and clientSecret to authenticate and request the provided scope. Used for both initial token request and refresh (since the client credentials flow doesn't require refresh tokens).

Parameters:

clientIdentifier - client identifier that has been registered with the oidc provider

clientSecret - client secret that has been registered with the oidc provider for the clientIdentifier

oidcTokenEndpoint - token endpoint of the oidc provider

scope - scope of access being requested

Returns:

AccessToken

Throws:

SaiAuthenticationException