Package org.apache.cxf.rs.security.oauth2.provider

Interface SessionAuthenticityTokenProvider

All Known Implementing Classes:
JoseSessionTokenProvider
public interface SessionAuthenticityTokenProvider
SessionAuthenticityTokenProvider responsible for storing and retrieving tokens to validate the authenticity of request sessions

  • Method Details

    • createSessionToken

      String createSessionToken(MessageContext mc, jakarta.ws.rs.core.MultivaluedMap<String,String> params, UserSubject subject, OAuthRedirectionState secData)
      Create a new session token and stores it
      Parameters:
      mc - the MessageContext of this request
      params - redirection-based grant request parameters
      subject - authenticated end user
      secData -
      Returns:
      the created session token

    • getSessionToken

      String getSessionToken(MessageContext mc, jakarta.ws.rs.core.MultivaluedMap<String,String> params, UserSubject subject)
      Retrieve the stored session token
      Parameters:
      mc - the MessageContext of this request
      params - grant authorization parameters
      subject - authenticated end user
      Returns:
      the stored token

    • removeSessionToken

      String removeSessionToken(MessageContext mc, jakarta.ws.rs.core.MultivaluedMap<String,String> params, UserSubject subject)
      Remove the stored session token
      Parameters:
      mc - the MessageContext of this request
      params - grant authorization parameters
      subject - authenticated end user

    • getSessionState

      OAuthRedirectionState getSessionState(MessageContext messageContext, String sessionToken, UserSubject subject)
      Expand the session token
      Parameters:
      messageContext - the MessageContext of this request
      sessionToken - the token
      subject - authenticated end user
      Returns:
      the expanded token or null