View Javadoc
1   package org.springframework.security.oauth2.client.resource;
2   
3   import java.util.List;
4   
5   import org.springframework.security.oauth2.common.AuthenticationScheme;
6   
7   /**
8    * Details for an OAuth2-protected resource.
9    * 
10   * @author Ryan Heaton
11   * @author Dave Syer
12   */
13  public interface OAuth2ProtectedResourceDetails {
14  
15  	/**
16  	 * Get a unique identifier for these protected resource details.
17  	 * 
18  	 * @return A unique identifier for these protected resource details.
19  	 */
20  	public String getId();
21  
22  	/**
23  	 * The client identifier to use for this protected resource.
24  	 * 
25  	 * @return The client identifier to use for this protected resource.
26  	 */
27  	public String getClientId();
28  
29  	/**
30  	 * The URL to use to obtain an OAuth2 access token.
31  	 * 
32  	 * @return The URL to use to obtain an OAuth2 access token.
33  	 */
34  	String getAccessTokenUri();
35  
36  	/**
37  	 * Whether this resource is limited to a specific scope. If false, the scope of the authentication request will be
38  	 * ignored.
39  	 * 
40  	 * @return Whether this resource is limited to a specific scope.
41  	 */
42  	boolean isScoped();
43  
44  	/**
45  	 * The scope of this resource. Ignored if the {@link #isScoped() resource isn't scoped}.
46  	 * 
47  	 * @return The scope of this resource.
48  	 */
49  	List<String> getScope();
50  
51  	/**
52  	 * Whether a secret is required to obtain an access token to this resource.
53  	 * 
54  	 * @return Whether a secret is required to obtain an access token to this resource.
55  	 */
56  	boolean isAuthenticationRequired();
57  
58  	/**
59  	 * The client secret. Ignored if the {@link #isAuthenticationRequired() secret isn't required}.
60  	 * 
61  	 * @return The client secret.
62  	 */
63  	String getClientSecret();
64  
65  	/**
66  	 * The scheme to use to authenticate the client. E.g. "header" or "query".
67  	 * 
68  	 * @return The scheme used to authenticate the client.
69  	 */
70  	AuthenticationScheme getClientAuthenticationScheme();
71  
72  	/**
73  	 * The grant type for obtaining an acces token for this resource.
74  	 * 
75  	 * @return The grant type for obtaining an acces token for this resource.
76  	 */
77  	String getGrantType();
78  
79  	/**
80  	 * Get the bearer token method for this resource.
81  	 * 
82  	 * @return The bearer token method for this resource.
83  	 */
84  	AuthenticationScheme getAuthenticationScheme();
85  
86  	/**
87  	 * The name of the bearer token. The default is "access_token", which is according to the spec, but some providers
88  	 * (e.g. Facebook) don't conform to the spec.)
89  	 * 
90  	 * @return The name of the bearer token.
91  	 */
92  	String getTokenName();
93  
94  	/**
95  	 * A flag to indicate that this resource is only to be used with client credentials, thus allowing access tokens to
96  	 * be cached independent of a user's session.
97  	 * 
98  	 * @return true if this resource is only used with client credentials grant
99  	 */
100 	public boolean isClientOnly();
101 }