com.ibm.mfp.server.security.external.resource

Class TokenIntrospectionData

java.lang.Object

com.ibm.mfp.server.security.external.resource.TokenIntrospectionData

public class TokenIntrospectionData
extends java.lang.Object

Following spec: https://tools.ietf.org/html/draft-ietf-oauth-introspection-11#section-2.2 OAuth 2.0 Token Introspection - Introspection Response
The data includes additional fields that are not included in the spec, such as the application and the device of the client.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	ANONYMOUS_USER
static TokenIntrospectionData	INACTIVE_TOKEN

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	TokenIntrospectionData() Constructor reserved for internal use only.
	TokenIntrospectionData(java.lang.String clientId, java.lang.String scope, long expiration, ApplicationKey application, DeviceData device, AuthenticatedUser user, java.util.Map checksCustomData) Constructor reserved for internal use only.

Method Summary

Methods

Modifier and Type	Method and Description
ApplicationKey	getApplication() Gets the application of the client that requested the token.
java.util.Map	getChecksCustomData() Gets the custom introspection data provided by the security checks.
java.lang.String	getClientId() Gets the client identifier for the client that requested the token.
DeviceData	getDevice() Gets the device of the client that requested the token.
long	getExpiration() Gets the expiration time of this token measured in the number of seconds since January 1 1970 UTC.
java.lang.String	getScope() Gets the scope associated with this token.
AuthenticatedUser	getUser() Gets the authenticated user associated with this token.
java.lang.String	getUsername() Gets the identifier for the authenticated user associated with this token.
boolean	isActive() Return true if the token is active.
boolean	isScopeCovered(java.lang.String requiredScope) Checks whether the scope associated with the token covers the given required scope.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

INACTIVE_TOKEN

public static final TokenIntrospectionData INACTIVE_TOKEN

ANONYMOUS_USER

public static final java.lang.String ANONYMOUS_USER

See Also:

Constant Field Values

Constructor Detail

TokenIntrospectionData

protected TokenIntrospectionData()

Constructor reserved for internal use only.

TokenIntrospectionData

public TokenIntrospectionData(java.lang.String clientId,
                      java.lang.String scope,
                      long expiration,
                      ApplicationKey application,
                      DeviceData device,
                      AuthenticatedUser user,
                      java.util.Map checksCustomData)

Constructor reserved for internal use only.

Method Detail

isActive

public boolean isActive()

Return true if the token is active. False otherwise.

Returns:

true if the token is active. False otherwise.

getScope

public java.lang.String getScope()

Gets the scope associated with this token.

Returns:

the scope associated with this token

getClientId

public java.lang.String getClientId()

Gets the client identifier for the client that requested the token.

Returns:

the client identifier for the client that requested the token

getUsername

public java.lang.String getUsername()

Gets the identifier for the authenticated user associated with this token.

Returns:

the identifier for the authenticated user

getExpiration

public long getExpiration()

Gets the expiration time of this token measured in the number of seconds since January 1 1970 UTC.

Returns:

the expiration time of this token

getApplication

public ApplicationKey getApplication()

Gets the application of the client that requested the token.

Returns:

the application of the client that requested the token.

getDevice

public DeviceData getDevice()

Gets the device of the client that requested the token.

Returns:

the device of the client that requested the token.

getUser

public AuthenticatedUser getUser()

Gets the authenticated user associated with this token.
If none of the security checks has set an active user the method returns null.

Returns:

the authenticated user associated with this token; null if no active user

getChecksCustomData

public java.util.Map getChecksCustomData()

Gets the custom introspection data provided by the security checks.
The data is provided as a map between the name of the security check and the custom introspection data it provided. The map includes only security checks that provided a non-empty custom introspection data.

Returns:

custom introspection data provided by the security checks

isScopeCovered

public boolean isScopeCovered(java.lang.String requiredScope)

Checks whether the scope associated with the token covers the given required scope.
The scope is covered if all scope elements of the required scope are included in the scope associated with this token.

Parameters:

requiredScope - the scope that should be covered

Returns:

true if the given required scope is covered by this token, false otherwise.