This repository has been archived by the owner on May 31, 2022. It is now read-only.
/
OAuth2ProtectedResourceDetails.java
105 lines (90 loc) · 2.83 KB
/
OAuth2ProtectedResourceDetails.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
package org.springframework.security.oauth2.client.resource;
import java.util.List;
import org.springframework.security.oauth2.common.AuthenticationScheme;
/**
* Details for an OAuth2-protected resource.
*
* <p>
* @deprecated See the <a href="https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Migration-Guide">OAuth 2.0 Migration Guide</a> for Spring Security 5.
*
* @author Ryan Heaton
* @author Dave Syer
*/
@Deprecated
public interface OAuth2ProtectedResourceDetails {
/**
* Get a unique identifier for these protected resource details.
*
* @return A unique identifier for these protected resource details.
*/
public String getId();
/**
* The client identifier to use for this protected resource.
*
* @return The client identifier to use for this protected resource.
*/
public String getClientId();
/**
* The URL to use to obtain an OAuth2 access token.
*
* @return The URL to use to obtain an OAuth2 access token.
*/
String getAccessTokenUri();
/**
* Whether this resource is limited to a specific scope. If false, the scope of the authentication request will be
* ignored.
*
* @return Whether this resource is limited to a specific scope.
*/
boolean isScoped();
/**
* The scope of this resource. Ignored if the {@link #isScoped() resource isn't scoped}.
*
* @return The scope of this resource.
*/
List<String> getScope();
/**
* Whether a secret is required to obtain an access token to this resource.
*
* @return Whether a secret is required to obtain an access token to this resource.
*/
boolean isAuthenticationRequired();
/**
* The client secret. Ignored if the {@link #isAuthenticationRequired() secret isn't required}.
*
* @return The client secret.
*/
String getClientSecret();
/**
* The scheme to use to authenticate the client. E.g. "header" or "query".
*
* @return The scheme used to authenticate the client.
*/
AuthenticationScheme getClientAuthenticationScheme();
/**
* The grant type for obtaining an acces token for this resource.
*
* @return The grant type for obtaining an acces token for this resource.
*/
String getGrantType();
/**
* Get the bearer token method for this resource.
*
* @return The bearer token method for this resource.
*/
AuthenticationScheme getAuthenticationScheme();
/**
* The name of the bearer token. The default is "access_token", which is according to the spec, but some providers
* (e.g. Facebook) don't conform to the spec.)
*
* @return The name of the bearer token.
*/
String getTokenName();
/**
* A flag to indicate that this resource is only to be used with client credentials, thus allowing access tokens to
* be cached independent of a user's session.
*
* @return true if this resource is only used with client credentials grant
*/
public boolean isClientOnly();
}