All Classes and Interfaces
Class
Description
Base class for the access token, refresh token and authorization code.
Access token (as well as any access token type-specific attributes) MUST be
kept confidential in transit and storage, and only shared among the
authorization server, the resource servers the access token is valid for, and
the client to whom the access token is issued.
An utilitarian class for developers writing Agama Consent flows
Provides operations with authentication filters
Brute Force authentication protection service implementation
Authentication service methods
Authenticator component
The authorization challenge endpoint is a new endpoint defined by "OAuth 2.0 for First-Party Native Applications"
specification which the native application uses to obtain an authorization code.
The authorization code is obtained by using an authorization server as an
intermediary between the client and resource owner.
The authorization code is obtained by using an authorization server as an
intermediary between the client and resource owner.
Base class for all the types of authorization grant.
Component to hold in memory authorization grant objects.
An authorization grant is a credential representing the resource owner's
authorization (to access its protected resources) used by the client to
obtain an access token.
Validates the parameters received for the authorize web service.
Provides interface for request authorization through REST web services.
Implementation for request authorization through REST web services.
Implementation for request backchannel authorization through REST web services.
Implementation for request backchannel device registration through REST web services.
Allows to encrypt/decrypt strings using a pre-configured key from oxCore.
An extension grant with the grant type value: urn:openid:params:grant-type:ciba
Object class used to save information of every CIBA request.
Class used to keep all data about a CIBA request that should be processed and saved in Cache.
Service used to access to the database for CibaRequest ObjectClass.
Job responsible to process all expired CIBA requests and update their status.
The client credentials (or other forms of client authentication) can be used
as an authorization grant when the authorization scope is limited to the
protected resources under the control of the client, or to protected
resources previously arranged with the authorization server.
Validates the parameters received for the client info web service.
Provides interface for Client Info REST web services
Provides interface for Client Info REST web services
Provides operations with clients.
Constants
CORS Filter to support both Tomcat and Jetty
Crypto Provider
Custom i18n resource loader
Operations with custom scripts
Action used to process all requests related to device authorization.
Class used to keep all data about an OAuth2 Device Flow request.
Provides interface to process OAuth2 Device Flow.
Implementation for device authorization rest service.
Service used to process data related to device code grant type.
Contains a list of values of status for OAuth2 Device Flow requests.
An extension grant with the grant type value: urn:ietf:params:oauth:grant-type:device_code
Holds object required in dynamic scope custom scripts
Helper service to generate either error response or local error based on application settings
Provides factory methods needed to create external application session extension
Provides factory methods needed to create external authenticator
Authorization Challenge service responsible for external script interaction.
Authz Detail custom script service.
Client Authentication service responsible for external script interaction.
Provides factory methods needed to create external dynamic client registration extension
Provides factory methods needed to create dynamic scope extension
Holds object required in custom scripts
Provides factory methods needed to create external UMA authorization policies extension
Created by eugeniuparvan on 8/29/17.
Created by eugeniuparvan on 8/29/17.
Handle (or artifact) a reference to some internal data structure within the
authorization server, the internal data structure contains the attributes of
the token, such as user id, scope, etc.
Health check controller
Created by eugeniuparvan on 5/15/17.
Created by eugeniuparvan on 5/15/17.
Deprecated.
Provides operations with http/https requests
JSON Web Token (JWT) is a compact token format intended for space constrained
environments such as HTTP Authorization headers and URI query parameters.
The implicit grant is a simplified authorization code flow optimized for
clients implemented in a browser using a scripting language such as
JavaScript.
Wrapper to call internal authentication method
Inum ID generator.
Indicates that current session should be invalidated
Runtime exception to stop code execution if something is not right
Created by eugeniuparvan on 8/5/16.
Provides interface for JWK REST web services
Provides interface for JWK REST web services
Provides service methods methods with LDAP configuration
Logger service
Store and retrieve metric
Implementation based on https://datatracker.ietf.org/doc/html/draft-ietf-oauth-par-08
Platforms supported AWS SNS
Provides operations to send AWS SNS push messages
Authorization servers MAY issue refresh tokens to web application clients and
native application clients.
Validates the parameters received for the register web service.
Provides interface for register REST web services.
Implementation for register REST web services.
Every registration is persisted under Person Entry
Created by eugeniuparvan on 5/10/17.
The resource owner password credentials (i.e. username and password) can be
used directly as an authorization grant to obtain an access token.
Created by eugeniuparvan on 5/10/17.
Integration with Resteasy
Provides interface for token revocation REST web services.
Provides interface for token revocation REST web services
Schema attribute
Validates the scopes received for the authorize web service.
Created by eugeniuparvan on 5/10/17.
Provides builder methods for SSA
Provides required methods to create a new SSA considering all required conditions.
Provides the method to get existing SSAs based on certain conditions.
Provides the method to get JWT of SSA existing based on certain conditions.
Provides json utilities for SSA
Interface to handle all SSA REST web services.
Implements all methods of the
SsaRestWebService interface.Provides methods to validate different params about SSA.
Provides the method to revoke an existing SSA considering certain conditions.
Provides SSA methods to save, update, search, etc.
Provides the method to validate an existing SSA considering certain conditions.
Provides server with basic statistic.
Integration with Resteasy
Provides interface for token REST web services
Provides interface for token REST web services
Token specific service methods
Claims-Gathering Endpoint.
The endpoint at which the requester can obtain UMA2 metadata.
The endpoint at which the host registers permissions that it anticipates a
requester will shortly be asking for from the AM.
Holds permission tokens and permissions
The API available at the resource registration endpoint enables the resource server to put resources under
the protection of an authorization server on behalf of the resource owner and manage them over time.
Provides operations with resource set descriptions
Requesting Party Token.
The endpoint at which the host requests the status of an RPT presented to it by a requester.
RPT manager component
UMA Token Service
Created by eugeniuparvan on 8/29/17.
Gives ability to use authorization grant in read-only mode.
It's utility service which applications uses in custom authentication scripts
Validates the parameters received for the user info web service.
Provides interface for User Info REST web services
Provides interface for User Info REST web services
Provides operations with users.
Validates the parameters received for the validate token web service.
OxAuthConfigurationService