Package org.alfresco.repo.security.authentication.identityservice

Interface IdentityServiceFacade

public interface IdentityServiceFacade

Allows to interact with the Identity Service

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static interface	IdentityServiceFacade.AccessToken
static interface	IdentityServiceFacade.AccessTokenAuthorization	Represents access token authorization with optional refresh token.
static class	IdentityServiceFacade.AuthorizationException
static class	IdentityServiceFacade.AuthorizationGrant
static interface	IdentityServiceFacade.DecodedAccessToken
static class	IdentityServiceFacade.IdentityServiceFacadeException
static class	IdentityServiceFacade.TokenDecodingException
static class	IdentityServiceFacade.UserInfoException

Method Summary

Modifier and Type	Method	Description
IdentityServiceFacade.AccessTokenAuthorization	authorize(IdentityServiceFacade.AuthorizationGrant grant)	Returns IdentityServiceFacade.AccessToken based authorization for provided IdentityServiceFacade.AuthorizationGrant.
IdentityServiceFacade.DecodedAccessToken	decodeToken(String token)	Decodes the access token into the IdentityServiceFacade.DecodedAccessToken which contains claims connected with a given token.
org.springframework.security.oauth2.client.registration.ClientRegistration	getClientRegistration()	Gets a client registration
Optional<OIDCUserInfo>	getUserInfo(String token, String principalAttribute)	Gets claims about the authenticated user, such as name and email address, via the UserInfo endpoint of the OpenID provider.

Method Details

authorize

IdentityServiceFacade.AccessTokenAuthorization authorize(IdentityServiceFacade.AuthorizationGrant grant)
                                                  throws IdentityServiceFacade.AuthorizationException

Returns IdentityServiceFacade.AccessToken based authorization for provided IdentityServiceFacade.AuthorizationGrant.

Parameters:

grant - the OAuth2 grant provided by the Resource Owner.

Returns:

IdentityServiceFacade.AccessTokenAuthorization containing access token and optional refresh token.

Throws:

IdentityServiceFacade.AuthorizationException

decodeToken

IdentityServiceFacade.DecodedAccessToken decodeToken(String token)
                                              throws IdentityServiceFacade.TokenDecodingException

Decodes the access token into the IdentityServiceFacade.DecodedAccessToken which contains claims connected with a given token.

Parameters:

token - String with encoded access token value.

Returns:

IdentityServiceFacade.DecodedAccessToken containing decoded claims.

Throws:

IdentityServiceFacade.TokenDecodingException

getUserInfo

Optional<OIDCUserInfo> getUserInfo(String token,
 String principalAttribute)

Gets claims about the authenticated user, such as name and email address, via the UserInfo endpoint of the OpenID provider.

Parameters:

token - String with encoded access token value.

principalAttribute - String the attribute name used to access the user's name from the user info response.

Returns:

OIDCUserInfo containing user claims.

getClientRegistration

org.springframework.security.oauth2.client.registration.ClientRegistration getClientRegistration()

Gets a client registration