java.lang.Object
iu.auth.config.SelfIssuedAccessToken
- All Implemented Interfaces:
IuApiCredentials,IuPrincipalIdentity,Principal
Encapsulates a self-issued access token suitable for server-to-server
invocation between nodes associated by a web of trust relationship.
-
Constructor Summary
ConstructorsConstructorDescriptionSelfIssuedAccessToken(IuPrivateKeyPrincipal pkp, URI audience, Duration tokenTtl, IuCallerAttributes caller) Constructor, for use by the self-issuing client endpoint.SelfIssuedAccessToken(IuPrivateKeyPrincipal pkp, URI audience, Duration tokenTtl, String bearerToken) Constructor, for use by the verifying server endpoint. -
Method Summary
Modifier and TypeMethodDescriptionvoidapplyTo(HttpRequest.Builder requestBuilder) Applies the client's API credentials to an HTTP request.Gets the point in time the principal's credentials were verified by the authentication provider.Gets the point in time after which the principal's authenticated session is expired.Gets the point in time proof of principal identity was issued by an authentication provider.Gets the principal name of the principal issuer.getName()Gets a subject including this principal, related principals, and implied credentials.toString()Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface edu.iu.auth.IuPrincipalIdentity
implies
-
Constructor Details
-
SelfIssuedAccessToken
public SelfIssuedAccessToken(IuPrivateKeyPrincipal pkp, URI audience, Duration tokenTtl, IuCallerAttributes caller) Constructor, for use by the self-issuing client endpoint.- Parameters:
pkp- Issuer identity metadataaudience- Remote audience URItokenTtl- Duration between token issue and expiration timescaller- Caller attributes
-
SelfIssuedAccessToken
public SelfIssuedAccessToken(IuPrivateKeyPrincipal pkp, URI audience, Duration tokenTtl, String bearerToken) Constructor, for use by the verifying server endpoint.- Parameters:
pkp- Issuer identity metadataaudience- Remote audience URItokenTtl- Duration between token issue and expiration timesbearerToken- Bearer token
-
-
Method Details
-
getName
-
getIssuer
Description copied from interface:IuPrincipalIdentityGets the principal name of the principal issuer.- Specified by:
getIssuerin interfaceIuPrincipalIdentity- Returns:
- issuer principal name; e.g., OIDC Provider URI or SAML IDP Entity ID
-
getIssuedAt
Description copied from interface:IuPrincipalIdentityGets the point in time proof of principal identity was issued by an authentication provider.- Specified by:
getIssuedAtin interfaceIuPrincipalIdentity- Returns:
Instant
-
getAuthTime
Description copied from interface:IuPrincipalIdentityGets the point in time the principal's credentials were verified by the authentication provider.- Specified by:
getAuthTimein interfaceIuPrincipalIdentity- Returns:
Instant
-
getExpires
Description copied from interface:IuPrincipalIdentityGets the point in time after which the principal's authenticated session is expired.- Specified by:
getExpiresin interfaceIuPrincipalIdentity- Returns:
Instant
-
getSubject
Description copied from interface:IuPrincipalIdentityGets a subject including this principal, related principals, and implied credentials.- Specified by:
getSubjectin interfaceIuPrincipalIdentity- Returns:
Subject
-
applyTo
Description copied from interface:IuApiCredentialsApplies the client's API credentials to an HTTP request.- Specified by:
applyToin interfaceIuApiCredentials- Parameters:
requestBuilder-HttpRequest.Builder- Throws:
IuAuthenticationException- If authenticated credentials have expired or been revoked since initial authorization
-
toString
-