Package com.ibm.oauth.core.api.config
Interface OAuthComponentConfigurationConstants
public interface OAuthComponentConfigurationConstants
This interface outlines all the configuration properties required by the core
component.
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
Defines the length in characters of a generated access token.static final String
Defines the implementation class for an access token issuer.static final String
Defines a boolean to indicate whether or not public clients may access the token endpoint.static final String
Defines an implementation class for an audit handler that implements theOAuthAuditHandler
interface to be called during OAuth flows.static final String
Defines the implementation class for the client provider which must implement theOAuth20ClientProvider
interface.static final String
Defines the length in characters of a generated authorization code.static final String
Defines the lifetime of an authorization code.static final String
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to use the authorization code flow.static final String
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to use the client credentials flow.static final String
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to use the implicit grant flow.static final String
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to use the resource owner password credentials flow.static final String
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to the token endpoint to exchange refresh tokens for a new access token and refresh token.static final String
Defines a list of the flows which may be used by clients for this component instance.static final String
Defines a boolean to indicate whether or not refresh tokens should be issued.static final String
Defines the maximum authorization grant lifetime for OAuth 2.0 flows in which a refresh token is used.static final String
Defines a list of implementation classes for custom mediators that implement theOAuth20Mediator
interface to execute during OAuth flows.static final String
Defines the length in characters of a generated refresh token.static final String
Defines the implementation class for the token cache which must implement theOAuth20TokenCache
interface.static final String
Defines the maximum lifetime of an issued access token.
-
Field Details
-
OAUTH20_CLIENT_PROVIDER_CLASSNAME
Defines the implementation class for the client provider which must implement theOAuth20ClientProvider
interface. This configuration property MUST be defined and should be a single string represents the class name of the implementation class for your client configuration provider. TheSampleComponentConfiguration
class does not contain a default value for this property. You can see an example of it being set in the examples source incom.ibm.oauth.examples.config.OAuthComponentConfigurationTestImpl
- See Also:
-
OAUTH20_TOKEN_CACHE_CLASSNAME
Defines the implementation class for the token cache which must implement theOAuth20TokenCache
interface. This configuration property MUST be defined and should be a single string represents the class name of the implementation class for your token cache. TheSampleComponentConfiguration
class does not contain a default value for this property. You can see an example of it being set in the examples source incom.ibm.oauth.examples.config.OAuthComponentConfigurationTestImpl
- See Also:
-
OAUTH20_MAX_AUTHORIZATION_GRANT_LIFETIME_SECONDS
Defines the maximum authorization grant lifetime for OAuth 2.0 flows in which a refresh token is used. The value will determine the maximum possible lifetime of any issued refresh or access token starting from when the resource owner first grants authorization (i.e. when the first refresh/access token is issued from either the authorization code flow or the resource owner password credentials flow. This property is not relevant for flows where no refresh token is used since theOAUTH20_TOKEN_LIFETIME_SECONDS
property will determine the lifetime of access tokens. This configuration property MUST be defined and should be a single string representing the lifetime in seconds. The value should be greater than the value forOAUTH20_TOKEN_LIFETIME_SECONDS
. TheSampleComponentConfiguration
class contains a default value for this property.- See Also:
-
OAUTH20_CODE_LIFETIME_SECONDS
Defines the lifetime of an authorization code. The value will determine the lifetime of an issued authorization code for the authorization code flow. The client must exchange the authorization code for an access token before this lifetime expires. As authorization codes are typically sent via browser redirect to the client which then immediately uses them, this value is normally a small number of seconds. This property is not relevant for flows other than the authorization code flow. This configuration property MUST be defined and should be a single string representing the lifetime in seconds. TheSampleComponentConfiguration
class contains a default value for this property.- See Also:
-
OAUTH20_CODE_LENGTH
Defines the length in characters of a generated authorization code. This configuration property MUST be defined and should be a single string representing the length. TheSampleComponentConfiguration
class contains a default value for this property.- See Also:
-
OAUTH20_TOKEN_LIFETIME_SECONDS
Defines the maximum lifetime of an issued access token. The value will determine the maximum lifetime of an issued access token. The actual lifetime of the access token may be smaller than this if the access token is being issued as part of a refresh token flow and the remaining time associated with maximum authorization grant lifetime is less than this value. This configuration property MUST be defined and should be a single string representing the lifetime in seconds. TheSampleComponentConfiguration
class contains a default value for this property.- See Also:
-
OAUTH20_ACCESS_TOKEN_LENGTH
Defines the length in characters of a generated access token. This configuration property MUST be defined and should be a single string representing the length. TheSampleComponentConfiguration
class contains a default value for this property.- See Also:
-
OAUTH20_ISSUE_REFRESH_TOKEN
Defines a boolean to indicate whether or not refresh tokens should be issued. This property is only relevant for flows which issue refresh tokens (authorization code and resource owner password credentials). This configuration property MUST be defined and should be a single string representing "true" or "false". TheSampleComponentConfiguration
class contains a default value for this property.- See Also:
-
OAUTH20_REFRESH_TOKEN_LENGTH
Defines the length in characters of a generated refresh token. This configuration property MUST be defined and should be a single string representing the length. TheSampleComponentConfiguration
class contains a default value for this property.- See Also:
-
OAUTH20_ACCESS_TOKENTYPEHANDLER_CLASSNAME
Defines the implementation class for an access token issuer. Currently only one internal implementation is supported and this property should always be set to the value ofSampleComponentConfiguration.ACCESS_TOKENTYPEHANDLER_CLASSNAME
. This configuration property MUST be defined and set as indicated. TheSampleComponentConfiguration
class contains a default value for this property.- See Also:
-
OAUTH20_MEDIATOR_CLASSNAMES
Defines a list of implementation classes for custom mediators that implement theOAuth20Mediator
interface to execute during OAuth flows. This configuration property is optional and when provided should be a list of string class names.- See Also:
-
OAUTH20_ALLOW_PUBLIC_CLIENTS
Defines a boolean to indicate whether or not public clients may access the token endpoint. This property is only relevant for the authorization code flow and the resource owner password credentials flow (although it doesn't make a lot of sense to use pulic clients in the resource owner password credentials flow). The token endpoint is not used in the implicit grant flow and despite the fact that all implicit grant clients are behaving as public clients this parameter does not affect whether or not a client may use the implicit grant flow. The ability for any client to use the implicit grant flow is solely controlled by the configuration propertyOAUTH20_GRANT_TYPES_ALLOWED
. The client_credentials flow may not be used by a public client. This configuration property MUST be defined and should be a single string representing "true" or "false". TheSampleComponentConfiguration
class contains a default value for this property.- See Also:
-
OAUTH20_AUDITHANDLER_CLASSNAME
Defines an implementation class for an audit handler that implements theOAuthAuditHandler
interface to be called during OAuth flows. This configuration property is optional and when provided should be string class names. The component supports these two pre-defined audit handlers, or you can write your own:- com.ibm.oauth.core.api.audit.SimpleFileOAuthAuditHandler -
SimpleFileOAuthAuditHandler
- com.ibm.oauth.core.api.audit.XMLFileOAuthAuditHandler -
XMLFileOAuthAuditHandler
- See Also:
- com.ibm.oauth.core.api.audit.SimpleFileOAuthAuditHandler -
-
OAUTH20_GRANT_TYPES_ALLOWED
Defines a list of the flows which may be used by clients for this component instance. This selectively allows you to enable any or all of the different flow types by including one or more of these values for the property:- See Also:
-
OAUTH20_GRANT_TYPE_AUTH_CODE
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to use the authorization code flow.- See Also:
-
OAUTH20_GRANT_TYPE_IMPLICIT
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to use the implicit grant flow.- See Also:
-
OAUTH20_GRANT_TYPE_CLIENT_CREDENTIALS
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to use the client credentials flow.- See Also:
-
OAUTH20_GRANT_TYPE_OWNER_PASSWORD
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to use the resource owner password credentials flow.- See Also:
-
OAUTH20_GRANT_TYPE_REFRESH_TOKEN
Constant to be used as a value for theOAUTH20_GRANT_TYPES_ALLOWED
property to enable clients to the token endpoint to exchange refresh tokens for a new access token and refresh token.- See Also:
-