Skip navigation links
oracle.security.idaas.rest.provider.token.mobile
Class MobileCompositeTokenServiceProvider
java.lang.Object
oracle.security.idaas.rest.provider.token.impl.CompositeTokenServiceProvider
oracle.security.idaas.rest.provider.token.mobile.MobileCompositeTokenServiceProvider
- All Implemented Interfaces:
- LifecycleServiceProvider, ServiceProvider, TokenService, UserAuthenticator
-
public abstract class MobileCompositeTokenServiceProvider
- extends oracle.security.idaas.rest.provider.token.impl.CompositeTokenServiceProvider
Composite Authentication Service Provider designed for Mobile
| Fields inherited from class oracle.security.idaas.rest.provider.token.impl.CompositeTokenServiceProvider |
authNService, clientTokenService, endPoint, providerCfg, serviceDomain, tokenService, TOKENTYPE_CLIENTREGHANDLE, TOKENTYPE_CLIENTTOKEN |
| Method Summary |
Token |
createAccessToken(SecurityContext securityCtx, SubjectID token, java.util.Map<java.lang.String,java.lang.Object> reqParams)
The createAccessToken will create Access Token with User token and/or Client Identity together with provider specific parameters (such as resource context). |
Token |
createToken(SecurityContext securityCtx, SubjectID subject, java.lang.String tokenType, java.util.Map<java.lang.String,java.lang.Object> reqParams)
The createToken will authenticate credential. |
java.util.List<Token> |
createTokens(SecurityContext securityCtx, SubjectID subject, java.util.List<java.lang.String> tokenTypes, java.util.Map<java.lang.String,java.lang.Object> reqParams)
The createTokens will authenticate credential. |
protected abstract java.lang.Class |
getComponentTokenServiceProviderClass()
Return a class that implements 3 interfaces: TokenService, LifecycleServiceProvider and UserAuthenticator This class will be used to manage tokens, which are NOT related to Mobile or Client Registration Handle. |
void |
init(ProviderConfig providerCfg)
|
protected boolean |
isSubjectClientRelated(SubjectID subjectid)
|
| Methods inherited from class oracle.security.idaas.rest.provider.token.impl.CompositeTokenServiceProvider |
authenticate, destroy, getAllTokens, getService, getToken, getTokens, terminateToken, terminateTokens, updateSessionAttributes |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
MobileCompositeTokenServiceProvider
public MobileCompositeTokenServiceProvider()
init
public void init(ProviderConfig providerCfg)
-
- Specified by:
init in interface LifecycleServiceProvider- Specified by:
init in interface UserAuthenticator- Specified by:
init in class oracle.security.idaas.rest.provider.token.impl.CompositeTokenServiceProvider
getComponentTokenServiceProviderClass
protected abstract java.lang.Class getComponentTokenServiceProviderClass()
- Return a class that implements 3 interfaces: TokenService, LifecycleServiceProvider and UserAuthenticator This class will be used to manage tokens, which are NOT related to Mobile or Client Registration Handle. For example, to create, verify, and terminate User Token and Access Token. The class should have an no-arg constructor.
-
- Returns:
- a class that implements 3 interfaces
isSubjectClientRelated
protected boolean isSubjectClientRelated(SubjectID subjectid)
-
- Specified by:
isSubjectClientRelated in class oracle.security.idaas.rest.provider.token.impl.CompositeTokenServiceProvider
createToken
public Token createToken(SecurityContext securityCtx,
SubjectID subject,
java.lang.String tokenType,
java.util.Map<java.lang.String,java.lang.Object> reqParams)
throws RESTNotFoundException,
RESTForbiddenException,
RESTUnauthorizedException,
RESTMethodNotAllowedException,
RESTBadRequestException
- Description copied from interface:
TokenService
- The createToken will authenticate credential. Upon successful credential authentication, it will create a single token of a particular token type (client registration handle, client token, or user token) accordingly.
For access token creation, please see createAccessToken method.
-
- Specified by:
createToken in interface TokenService- Overrides:
createToken in class oracle.security.idaas.rest.provider.token.impl.CompositeTokenServiceProvider
-
- Parameters:
securityCtx - defines the calling user identity (i.e. caller) who submit this request together with cient application identity that can authorize and validate this request.subject - defines the user and credential to be authenticated.tokenType - defines the TokenType the user is expecting.reqParams - defines the provider specific parameters for token creation.- Returns:
- token if authentication is done successfully.
- Throws:
RESTNotFoundExceptionRESTForbiddenExceptionRESTUnauthorizedExceptionRESTMethodNotAllowedExceptionRESTBadRequestException
createTokens
public java.util.List<Token> createTokens(SecurityContext securityCtx,
SubjectID subject,
java.util.List<java.lang.String> tokenTypes,
java.util.Map<java.lang.String,java.lang.Object> reqParams)
throws RESTNotFoundException,
RESTForbiddenException,
RESTUnauthorizedException,
RESTMethodNotAllowedException,
RESTBadRequestException
- Description copied from interface:
TokenService
- The createTokens will authenticate credential. Upon successful credential authentication, it will create muliple token of requested token types accordingly.
An example of multiple token type creation is:
["USERTOKEN", "USERTOKEN:OAMMT"]
That request two user tokens to be created. One is of "vanilla" user token, the other is of special "OAM Master Token" variant of user token.
-
- Specified by:
createTokens in interface TokenService- Overrides:
createTokens in class oracle.security.idaas.rest.provider.token.impl.CompositeTokenServiceProvider
-
- Parameters:
securityCtx - defines the calling user identity (i.e. caller) who submit this request together with cient application identity that can authorize and validate this request.subject - defines the user and credential to be authenticated.reqParams - defines the provider specific parameters for token creation.- Returns:
- list of tokens if authentication is done successfully.
- Throws:
RESTNotFoundExceptionRESTForbiddenExceptionRESTUnauthorizedExceptionRESTMethodNotAllowedExceptionRESTBadRequestException
createAccessToken
public Token createAccessToken(SecurityContext securityCtx,
SubjectID token,
java.util.Map<java.lang.String,java.lang.Object> reqParams)
throws RESTNotFoundException,
RESTForbiddenException,
RESTUnauthorizedException,
RESTMethodNotAllowedException,
RESTBadRequestException
- Description copied from interface:
TokenService
- The createAccessToken will create Access Token with User token and/or Client Identity together with provider specific parameters (such as resource context).
-
- Specified by:
createAccessToken in interface TokenService- Overrides:
createAccessToken in class oracle.security.idaas.rest.provider.token.impl.CompositeTokenServiceProvider
-
- Parameters:
securityCtx - defines the calling user identity (i.e. caller) who submit this request together with cient application identity that can authorize and validate this request.token - Subject ID that defines the (lightweight) user token.reqParams - defines the provider specific parameters for token creation.- Returns:
- accessToken if authentication is done successfully.
- Throws:
RESTNotFoundExceptionRESTForbiddenExceptionRESTUnauthorizedExceptionRESTMethodNotAllowedExceptionRESTBadRequestException
Skip navigation links