public interface AuthleteApi
| Modifier and Type | Method and Description |
|---|---|
| AuthorizationResponse | `authorization(AuthorizationRequest request)` Call Authlete's /auth/authorization API. |
| AuthorizationFailResponse | `authorizationFail(AuthorizationFailRequest request)` Call Authlete's /auth/authorization/fail API. |
| AuthorizationIssueResponse | `authorizationIssue(AuthorizationIssueRequest request)` Call Authlete's /auth/authorization/issue API. |
| Client | `createClient(Client client)` Create a client (= call Authlete's /client/create API). |
| Service | `createServie(Service service)` Create a service (= call Authlete's /service/create API). |
| void | `deleteClient(long clientId)` Delete a client (= call Authlete's /client/delete/{clientId} API). |
| void | `deleteClientAuthorization(long clientId, String subject)` Delete all existing access tokens issued to the client application by the end-user. |
| void | `deleteGrantedScopes(long clientId, String subject)` Delete DB records about the set of scopes that a user has granted to a client application (call Authlete's /client/granted_scopes/delete/{clientId} API). |
| void | `deleteRequestableScopes(long clientId)` Clear the requestable scopes assigned to a client (= call Authlete's /client/extension/requestable_scopes/delete/{clientId} API). |
| void | `deleteService(long apiKey)` Delete a service (= call Authlete's /service/delete/{apiKey} API). |
| Client | `getClient(long clientId)` Get a client (= call Authlete's /client/get/{clientId} API). |
| AuthorizedClientListResponse | `getClientAuthorizationList(ClientAuthorizationGetListRequest request)` Get a list of client applications authorized by the end-user. |
| ClientListResponse | `getClientList()` Get the list of client applications that belong to the service (= call Authlete's /client/get/list API). |
| ClientListResponse | `getClientList(int start, int end)` Get the list of client applications that belong to the service (= call Authlete's /client/get/list API with start and end parameters). |
| ClientListResponse | `getClientList(String developer)` Get the list of client applications that belong to the developer (= call Authlete's /client/get/list API with developer parameter). |
| ClientListResponse | `getClientList(String developer, int start, int end)` Get the list of client applications (= call Authlete's /client/get/list API with developer, start and end parameters). |
| GrantedScopesGetResponse | `getGrantedScopes(long clientId, String subject)` Get the set of scopes that a user has granted to a client application (call Authlete's /client/granted_scopes/get/{clientId} API). |
| String[] | `getRequestableScopes(long clientId)` Get the requestable scopes assigned to a client (= call Authlete's /client/extension/requestable_scopes/get/{clientId} API). |
| Service | `getService(long apiKey)` Get a service (= call Authlete's /service/get/{apiKey} API). |
| String | `getServiceConfiguration()` Get the configuration of the service in JSON format that complies with OpenID Connect Discovery 1.0. |
| String | `getServiceConfiguration(boolean pretty)` Get the configuration of the service in JSON format that complies with OpenID Connect Discovery 1.0. |
| String | `getServiceJwks()` Get the JWK Set of a service. |
| String | `getServiceJwks(boolean pretty, boolean includePrivateKeys)` Get the JWK Set of a service. |
| ServiceListResponse | `getServiceList()` Get the list of services that belong to the service owner (= call Authlete's /service/get/list API). |
| ServiceListResponse | `getServiceList(int start, int end)` Get the list of services that belong to the service owner (= call Authlete's /service/get/list API with start and end parameters). |
| Settings | `getSettings()` Get the reference to the settings of this AuthleteApi implementation. |
| IntrospectionResponse | `introspection(IntrospectionRequest request)` Call Authlete's /auth/introspection API. |
| RevocationResponse | `revocation(RevocationRequest request)` Call Authlete's /auth/revocation API. |
| String[] | `setRequestableScopes(long clientId, String[] scopes)` Set the requestable scopes assigned to a client (= call Authlete's /client/extension/requestable_scopes/update/{clientId} API). |
| StandardIntrospectionResponse | `standardIntrospection(StandardIntrospectionRequest request)` Call Authlete's /auth/introspection/standard API. |
| TokenResponse | `token(TokenRequest request)` Call Authlete's /auth/token API. |
| TokenCreateResponse | `tokenCreate(TokenCreateRequest request)` Call Authlete's /auth/token/create API. |
| TokenFailResponse | `tokenFail(TokenFailRequest request)` Call Authlete's /auth/token/fail API. |
| TokenIssueResponse | `tokenIssue(TokenIssueRequest request)` Call Authlete's /auth/token/issue API. |
| TokenUpdateResponse | `tokenUpdate(TokenUpdateRequest request)` Call Authlete's /auth/token/update API. |
| Client | `updateClient(Client client)` Update a client (= call Authlete's /client/update/{clientId} API). |
| void | `updateClientAuthorization(long clientId, ClientAuthorizationUpdateRequest request)` Update attributes of all existing access tokens issued to the client application by the end-user. |
| Service | `updateService(Service service)` Update a service (= call Authlete's /service/update/{apiKey} API). |
| UserInfoResponse | `userinfo(UserInfoRequest request)` Call Authlete's /auth/userinfo API. |
| UserInfoIssueResponse | `userinfoIssue(UserInfoIssueRequest request)` Call Authlete's /auth/userinfo/issue API. |

AuthorizationResponse authorization(AuthorizationRequest request) throws AuthleteApiException

Call Authlete's /auth/authorization API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

AuthorizationFailResponse authorizationFail(AuthorizationFailRequest request) throws AuthleteApiException

Call Authlete's /auth/authorization/fail API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

AuthorizationIssueResponse authorizationIssue(AuthorizationIssueRequest request) throws AuthleteApiException

Call Authlete's /auth/authorization/issue API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

TokenResponse token(TokenRequest request) throws AuthleteApiException

Call Authlete's /auth/token API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

TokenCreateResponse tokenCreate(TokenCreateRequest request) throws AuthleteApiException

Call Authlete's /auth/token/create API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

TokenFailResponse tokenFail(TokenFailRequest request) throws AuthleteApiException

Call Authlete's /auth/token/fail API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

TokenIssueResponse tokenIssue(TokenIssueRequest request) throws AuthleteApiException

Call Authlete's /auth/token/issue API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

TokenUpdateResponse tokenUpdate(TokenUpdateRequest request) throws AuthleteApiException

Call Authlete's /auth/token/update API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

RevocationResponse revocation(RevocationRequest request) throws AuthleteApiException

Call Authlete's /auth/revocation API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

UserInfoResponse userinfo(UserInfoRequest request) throws AuthleteApiException

Call Authlete's /auth/userinfo API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

UserInfoIssueResponse userinfoIssue(UserInfoIssueRequest request) throws AuthleteApiException

Call Authlete's /auth/userinfo/issue API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

IntrospectionResponse introspection(IntrospectionRequest request) throws AuthleteApiException

Call Authlete's /auth/introspection API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

StandardIntrospectionResponse standardIntrospection(StandardIntrospectionRequest request) throws AuthleteApiException

Call Authlete's /auth/introspection/standard API.

Parameters:
- request - Request parameters passed to the API.

Throws: AuthleteApiException

Service createServie(Service service) throws AuthleteApiException

Create a service (= call Authlete's /service/create API).

Parameters:
- service - Information about a service to create.

Throws: AuthleteApiException

void deleteService(long apiKey) throws AuthleteApiException

Delete a service (= call Authlete's /service/delete/{apiKey} API).

Parameters:
- apiKey - The API key of the service.

Throws: AuthleteApiException

Service getService(long apiKey) throws AuthleteApiException

Get a service (= call Authlete's /service/get/{apiKey} API).

Parameters:
- apiKey - The API key of the service.

Throws: AuthleteApiException

ServiceListResponse getServiceList() throws AuthleteApiException

Get the list of services that belong to the service owner (= call Authlete's /service/get/list API).

This method uses the default range to limit the result set of the query. Use getServiceList(int, int) to specify the range explicitly.

Throws: AuthleteApiException

ServiceListResponse getServiceList(int start, int end) throws AuthleteApiException

Get the list of services that belong to the service owner (= call Authlete's /service/get/list API with start and end parameters).

The pair of start and end parameters denotes the range of the result set of the query. For example, if start is 5 and end is 7, the pair makes a range from 5 (inclusive) to 7 (exclusive) and the response will contain (at most) 2 pieces of service information, i.e., information about the 6th and the 7th services (the index starts from 0).

If end - start is equal to or less than 0, getServices() method of the response returns null. But even in such a case, getTotalCount() method returns the total count. In other words, if you want to get just the total count, you can write the code as shown below.

```java
int totalCount = api.getServiceList(0, 0).getTotalCount();
```

Parameters:
- start - The start index (inclusive) of the result set of the query. Must not be negative.
- end - The end index (exclusive) of the result set of the query. Must not be negative.

Throws: AuthleteApiException

Service updateService(Service service) throws AuthleteApiException

Update a service (= call Authlete's /service/update/{apiKey} API).

service.getApiKey() must return the correct API key of the service.

Parameters:
- service - Information about a service to update.

Throws: AuthleteApiException

String getServiceJwks() throws AuthleteApiException

This method is an alias of getServiceJwks(true, false).

Returns: null is returned when the service has registered neither content nor URI of its JWK Set.

Throws: AuthleteApiException

String getServiceJwks(boolean pretty, boolean includePrivateKeys) throws AuthleteApiException

You can register either or both (1) the content of a JWK set and (2) the URI of a JWK set. The table below describes how registration combinations affect the response from this method. For example, the table indicates that the content of the JWK Set is returned with a status code 200 if both (content and URI) are registered.

| Service JWK Set: Content | Service JWK Set: URI | Response: Status Code | Response: Return Value | Response: Exception |
|---|---|---|---|---|
| Registered | Registered | 200 OK | JWK Set | Not Raised |
| Registered | Not Registered | 200 OK | JWK Set | Not Raised |
| Not Registered | Registered | 204 No Content | null | Not Raised |
| Not Registered | Registered | 302 Found | * | Raised |
| Not Registered | Not Registered | 204 No Content | null | Not Raised |

302 Found is returned when the request URI and the registered JWK Set URI are different. In this case, Location header contains the registered JWK Set URI. If you need the value of the URI, catch AuthleteApiException and call getResponseHeaders().

Parameters:
- pretty - true to get the JSON in pretty format.
- includePrivateKeys - true to keep private keys in the JSON. false to remove private keys.

Returns: null is returned when the service has registered neither content nor URI of its JWK Set.

Throws: AuthleteApiException

String getServiceConfiguration() throws AuthleteApiException

This method is an alias of getServiceConfiguration(true).

Throws: AuthleteApiException

String getServiceConfiguration(boolean pretty) throws AuthleteApiException

The value returned from this method can be used as the response body from /.well-known/openid-configuration. See "4. Obtaining OpenID Provider Configuration Information" in OpenID Connect Discovery 1.0 for details.

Parameters:
- pretty - true to get the JSON in pretty format.

Throws: AuthleteApiException

Client createClient(Client client) throws AuthleteApiException

Create a client (= call Authlete's /client/create API).

Parameters:
- client - Information about a client to create.

Throws: AuthleteApiException

void deleteClient(long clientId) throws AuthleteApiException

Delete a client (= call Authlete's /client/delete/{clientId} API).

Parameters:
- clientId - Client ID.

Throws: AuthleteApiException

Client getClient(long clientId) throws AuthleteApiException

Get a client (= call Authlete's /client/get/{clientId} API).

Parameters:
- clientId - The client ID.

Throws: AuthleteApiException

ClientListResponse getClientList() throws AuthleteApiException

Get the list of client applications that belong to the service (= call Authlete's /client/get/list API).

This method uses the default range to limit the result set of the query. Use getClientList(int, int) to specify the range explicitly.

Throws: AuthleteApiException

ClientListResponse getClientList(String developer) throws AuthleteApiException

Get the list of client applications that belong to the developer (= call Authlete's /client/get/list API with developer parameter).

When developer is null, the list of client applications that belong to the service is returned.

This method uses the default range to limit the result set of the query. Use getClientList(String, int, int) to specify the range explicitly.

Parameters:
- developer - The developer of the targeted client applications.

Throws: AuthleteApiException

ClientListResponse getClientList(int start, int end) throws AuthleteApiException

Get the list of client applications that belong to the service (= call Authlete's /client/get/list API with start and end parameters).

Parameters:
- start - The start index (inclusive) of the result set of the query. Must not be negative.
- end - The end index (exclusive) of the result set of the query. Must not be negative.

Throws: AuthleteApiException

ClientListResponse getClientList(String developer, int start, int end) throws AuthleteApiException

Get the list of client applications (= call Authlete's /client/get/list API with developer, start and end parameters).

When developer is null, the list of client applications that belong to the service is returned. Otherwise, when developer is not null, the list of client applications that belong to the developer is returned.

The pair of start and end parameters denotes the range of the result set of the query. For example, if start is 5 and end is 7, the pair makes a range from 5 (inclusive) to 7 (exclusive) and the response will contain (at most) 2 pieces of client information, i.e., information about the 6th and the 7th applications (the index starts from 0).

If end - start is equal to or less than 0, getClients() method of the response returns null. But even in such a case, getTotalCount() method returns the total count. In other words, if you want to get just the total count, you can write the code as shown below.

```java
int totalCount = api.getClientList(developer, 0, 0).getTotalCount();
```

Parameters:
- developer - The developer of the targeted client applications, or null to get the list of client applications of the entire service.
- start - The start index (inclusive) of the result set of the query. Must not be negative.
- end - The end index (exclusive) of the result set of the query. Must not be negative.

Throws: AuthleteApiException

Client updateClient(Client client) throws AuthleteApiException

Update a client (= call Authlete's /client/update/{clientId} API).

client.getClientId() must return the correct client ID.

Parameters:
- client - Information about a client to update.

Throws: AuthleteApiException

String[] getRequestableScopes(long clientId) throws AuthleteApiException

Get the requestable scopes assigned to a client (= call Authlete's /client/extension/requestable_scopes/get/{clientId} API).

Parameters:
- clientId - A client ID.

scope request parameter in authorization requests and token requests are all ignored.

Throws: AuthleteApiException

String[] setRequestableScopes(long clientId, String[] scopes) throws AuthleteApiException

Set the requestable scopes assigned to a client (= call Authlete's /client/extension/requestable_scopes/update/{clientId} API).

Calling this method with scopes=null has the same effect as calling deleteRequestableScopes(clientId).

Since the version 1.39, the Client class has extension property and information about "Requestable Scopes per Client" is included in the property. So, calling /client/update/{clientId} API is enough and recommended. In other words, calling /client/extension/requestable_scopes/update/{clientId} API is no longer recommended.

Known issue: The JSON parser used by the implementation of /client/extension/requestable_scopes/update/{clientId} API treats an empty array as null and it does not provide any configuration method to change the behavior. Until the JSON parser is replaced, passing an empty array to the API leads to the same result as passing null to the API.

Parameters:
- clientId - A client ID.
- scopes - scope request parameter in authorization requests and token requests are all ignored.

Throws: AuthleteApiException

void deleteRequestableScopes(long clientId) throws AuthleteApiException

Clear the requestable scopes assigned to a client (= call Authlete's /client/extension/requestable_scopes/delete/{clientId} API).

Calling this method has the same effect as calling setRequestableScopes(clientId, null).

Parameters:
- clientId - A client ID.

Throws: AuthleteApiException

GrantedScopesGetResponse getGrantedScopes(long clientId, String subject)

Get the set of scopes that a user has granted to a client application (call Authlete's /client/granted_scopes/get/{clientId} API).

A dedicated Authlete server provides a functionality to remember the set of scopes that a user has granted to a client application. A remembered set is NOT removed from the database even after all existing access tokens associated with the combination of the client application and the subject have expired. Note that this functionality is not provided by the shared Authlete server.

Parameters:
- clientId - A client ID.
- subject - A unique user identifier.

void deleteGrantedScopes(long clientId, String subject)

Delete DB records about the set of scopes that a user has granted to a client application (call Authlete's /client/granted_scopes/delete/{clientId} API).

Even if you delete records about granted scopes by calling this API, existing access tokens are not deleted and scopes of existing access tokens are not changed.

Please call this method if the user identified by the subject is deleted from your system. Otherwise, garbage data continue to exist in the database.

Parameters:
- clientId - A client ID.
- subject - A unique user identifier.

void deleteClientAuthorization(long clientId, String subject) throws AuthleteApiException

Parameters:
- clientId - The ID of the target client application.
- subject - The subject (= unique identifier) of the end-user. Must not be null.

Throws: AuthleteApiException

AuthorizedClientListResponse getClientAuthorizationList(ClientAuthorizationGetListRequest request) throws AuthleteApiException

Parameters:
- request - Conditions to query the list. The subject property (= the unique identifier of the end-user) in the request must not be null.

Throws: AuthleteApiException

void updateClientAuthorization(long clientId, ClientAuthorizationUpdateRequest request) throws AuthleteApiException

Parameters:
- clientId - The ID of the target client application.
- request - The subject (= unique identifier) of the end-user and new attribute values of access tokens. The subject property in the request must not be null.

Throws: AuthleteApiException

Settings getSettings()

Get the reference to the settings of this AuthleteApi implementation.

AuthleteApi implementation.

Copyright © 2017. All rights reserved.
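
The response table for getServiceJwks(boolean, boolean) above, handled in code. This is an added example, not part of the Authlete documentation or library: the class PublicJwksFetcher and its Result type are hypothetical names, and it assumes the authlete-java-common library is on the classpath.

```java
import com.authlete.common.api.AuthleteApi;
import com.authlete.common.api.AuthleteApiException;
import java.util.List;
import java.util.Map;

/** Hypothetical helper: decides what a service's JWK Set endpoint should answer. */
public final class PublicJwksFetcher {

    /** body != null: serve it. redirectUri != null: redirect. Both null: nothing registered. */
    public static final class Result {
        public final String body;        // JWK Set JSON with private keys removed
        public final String redirectUri; // registered JWK Set URI taken from the 302 Location header

        Result(String body, String redirectUri) {
            this.body = body;
            this.redirectUri = redirectUri;
        }
    }

    public static Result fetch(AuthleteApi api) throws AuthleteApiException {
        try {
            // includePrivateKeys=false: the published JWK Set must carry public keys only.
            String jwks = api.getServiceJwks(false, false);
            // A null return corresponds to the "204 No Content" rows of the table.
            return new Result(jwks, null);
        } catch (AuthleteApiException e) {
            // "302 Found" row: only the URI is registered and it differs from the request URI.
            if (e.getStatusCode() == 302) {
                String location = firstHeader(e.getResponseHeaders(), "Location");
                if (location != null) {
                    return new Result(null, location);
                }
            }
            throw e; // any other status is a genuine failure for the caller to handle
        }
    }

    /** Header names are case-insensitive, so compare without regard to case. */
    private static String firstHeader(Map<String, List<String>> headers, String name) {
        if (headers == null) {
            return null;
        }
        for (Map.Entry<String, List<String>> h : headers.entrySet()) {
            List<String> values = h.getValue();
            if (name.equalsIgnoreCase(h.getKey()) && values != null && !values.isEmpty()) {
                return values.get(0);
            }
        }
        return null;
    }
}
```

Keeping the includePrivateKeys argument hard-coded to false inside the helper means no caller of the public endpoint path can request private key material by mistake.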