public class RevocationResponse extends ApiResponse
/auth/revocation API.
Authlete's /auth/revocation API returns JSON which can
be mapped to this class. The service implementation should retrieve the
value of "action" from the response and take the following steps
according to the value.
INVALID_CLIENT
When the value of "action" is "INVALID_CLIENT", it means
that authentication of the client failed. In this case, the HTTP status
of the response to the client application is either "400 Bad
Request" or "401 Unauthorized". The description about "invalid_client" shown below is an excerpt from RFC 6749.
invalid_clientClient authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the "Authorization" request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code and include the "WWW-Authenticate" response header field matching the authentication scheme used by the client.
In either case, the JSON string returned by getResponseContent()
can be used as the entity body of the response to the client application.
The following illustrates the response which the service implementation should generate and return to the client application.
HTTP/1.1 400 Bad Request
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache
(The value returned from getResponseContent())
HTTP/1.1 401 Unauthorized
WWW-Authenticate: (challenge)
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache
(The value returned from getResponseContent())
INTERNAL_SERVER_ERROR
When the value of "action" is "INTERNAL_SERVER_ERROR",
it means that the request from the service implementation
(RevocationRequest) was wrong or that an error occurred in Authlete.
In either case, from the viewpoint of the client application, it is an
error on the server side. Therefore, the service implementation should
generate a response to the client application with the HTTP status of
"500 Internal Server Error".
getResponseContent() returns a JSON string which describes
the error, so it can be used as the entity body of the response.
The following illustrates the response which the service implementation should generate and return to the client application.
HTTP/1.1 500 Internal Server Error
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache
(The value returned from getResponseContent())
BAD_REQUEST
When the value of "action" is "BAD_REQUEST", it means
that the request from the client application is invalid.
The HTTP status of the response returned to the client application
must be "400 Bad Request" and the content type must be
"application/json". RFC 7009, 2.2.1. Error Response states "The error presentation conforms to
the definition in Section 5.2 of [RFC 6749]."
getResponseContent() returns a JSON string which describes
the error, so it can be used as the entity body of the response.
The following illustrates the response which the service implementation should generate and return to the client application.
HTTP/1.1 400 Bad Request
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache
(The value returned from getResponseContent())
OK
When the value of "action" is "OK", it means that
the request from the client application is valid and the presented
token has been revoked successfully or that the client submitted an
invalid token. Note that invalid tokens do not cause an error. See
2.2.
Revocation Response for details.
The HTTP status of the response returned to the client application
must be "200 OK".
If the original request from the client application contains
callback request parameter and its value is not empty,
the content type should be "application/javascript" and
the content should be a JavaScript snippet for JSONP.
getResponseContent() returns a JavaScript snippet if the
original request from the client application contains callback
request parameter and its value is not empty. Otherwise, getResponseContent() returns null.
The following illustrates the response which the service implementation should generate and return to the client application.
HTTP/1.1 200 OK
Content-Type: application/javascript
Cache-Control: no-store
Pragma: no-cache
(The value returned from getResponseContent())
| Modifier and Type | Class and Description |
|---|---|
static class |
RevocationResponse.Action
The next action that the service implementation should take.
|
| Constructor and Description |
|---|
RevocationResponse() |
| Modifier and Type | Method and Description |
|---|---|
RevocationResponse.Action |
getAction()
Get the next action that the service implementation should take.
|
String |
getResponseContent()
Get the response content which can be used as the entity body
of the response returned to the client application.
|
void |
setAction(RevocationResponse.Action action)
Set the next action that the service implementation should take.
|
void |
setResponseContent(String responseContent)
Set the response content which can be used as the entity body
of the response returned to the client application.
|
String |
summarize()
Get the summary of this instance.
|
getResultCode, getResultMessage, setResultCode, setResultMessagepublic RevocationResponse.Action getAction()
public void setAction(RevocationResponse.Action action)
public String getResponseContent()
public void setResponseContent(String responseContent)
public String summarize()
Copyright © 2019. All rights reserved.