Interface OAuth2ProtectedResourceMetadataClaimAccessor

All Superinterfaces:

ClaimAccessor

All Known Implementing Classes:

OAuth2ProtectedResourceMetadata

public interface OAuth2ProtectedResourceMetadataClaimAccessor
extends ClaimAccessor

A ClaimAccessor for the claims a Resource Server describes about its configuration, used in OAuth 2.0 Protected Resource Metadata.

Since:

7.0

See Also:

• ClaimAccessor
• OAuth2ProtectedResourceMetadataClaimNames
• 2. Protected Resource Metadata

Method Summary

Modifier and Type	Method	Description
default List<URL>	getAuthorizationServers()	Returns a list of issuer identifier URL's, for authorization servers that can be used with this protected resource (authorization_servers).
default List<String>	getBearerMethodsSupported()	Returns a list of the supported methods for sending an OAuth 2.0 bearer token to the protected resource.
default URL	getResource()	Returns the URL the protected resource asserts as its resource identifier (resource).
default @Nullable String	getResourceName()	Returns the name of the protected resource intended for display to the end user (resource_name).
default List<String>	getScopes()	Returns a list of scope values supported, that are used in authorization requests to request access to this protected resource (scopes_supported).
default boolean	isTlsClientCertificateBoundAccessTokens()	Returns true to indicate protected resource support for mutual-TLS client certificate-bound access tokens (tls_client_certificate_bound_access_tokens).

Methods inherited from interface ClaimAccessor

getClaim, getClaimAsBoolean, getClaimAsInstant, getClaimAsMap, getClaimAsString, getClaimAsStringList, getClaimAsURL, getClaims, hasClaim

Method Details

getResource

default URL getResource()

Returns the URL the protected resource asserts as its resource identifier (resource).

Returns:

the URL the protected resource asserts as its resource identifier

getAuthorizationServers

default List<URL> getAuthorizationServers()

Returns a list of issuer identifier URL's, for authorization servers that can be used with this protected resource (authorization_servers).

Returns:

a list of issuer identifier URL's, for authorization servers that can be used with this protected resource, or an empty list if not set

getScopes

default List<String> getScopes()

Returns a list of scope values supported, that are used in authorization requests to request access to this protected resource (scopes_supported).

Returns:

a list of scope values supported, or an empty list if not set

getBearerMethodsSupported

default List<String> getBearerMethodsSupported()

Returns a list of the supported methods for sending an OAuth 2.0 bearer token to the protected resource. Defined values are "header", "body" and "query". (bearer_methods_supported).

Returns:

a list of the supported methods for sending an OAuth 2.0 bearer token to the protected resource, or an empty list if not set

getResourceName

default @Nullable String getResourceName()

Returns the name of the protected resource intended for display to the end user (resource_name).

Returns:

the name of the protected resource intended for display to the end user, or null if not set

isTlsClientCertificateBoundAccessTokens

default boolean isTlsClientCertificateBoundAccessTokens()

Returns true to indicate protected resource support for mutual-TLS client certificate-bound access tokens (tls_client_certificate_bound_access_tokens).

Returns:

true to indicate protected resource support for mutual-TLS client certificate-bound access tokens