1   package org.springframework.security.oauth2.provider;
2   
3   import java.io.Serializable;
4   import java.util.Collection;
5   import java.util.Map;
6   import java.util.Set;
7   
8   import org.springframework.security.core.GrantedAuthority;
9   
10  /**
11   * Client details for OAuth 2
12   * 
13   * @author Ryan Heaton
14   */
public interface ClientDetails extends Serializable {

	/**
	 * Identifier of this OAuth 2 client.
	 *
	 * @return the client id
	 */
	String getClientId();

	/**
	 * Identifiers of the resources this client is allowed to access. Callers may disregard the value when the
	 * set is empty.
	 *
	 * @return the resource ids of this client
	 */
	Set<String> getResourceIds();

	/**
	 * Tells whether this client must present a secret in order to authenticate.
	 *
	 * @return true if a secret is required to authenticate this client
	 */
	boolean isSecretRequired();

	/**
	 * Secret of this client. The value is ignored when {@link #isSecretRequired()} reports that no secret is
	 * required.
	 * <p>
	 * NOTE(review): this contract does not say whether the value is the raw secret or an encoded/hashed form;
	 * confirm against the implementation and the code that compares it. Because this type extends
	 * {@link Serializable}, a serialized implementation may carry the secret unless the implementation excludes
	 * it, so treat serialized client details and any log output of them as sensitive.
	 *
	 * @return the client secret
	 */
	String getClientSecret();

	/**
	 * Tells whether this client is restricted to a specific scope. When this returns false, the scope of the
	 * authentication request is ignored.
	 * <p>
	 * NOTE(review): a client reporting false is therefore not limited by {@link #getScope()}; verify that
	 * unscoped clients are intended wherever they are registered.
	 *
	 * @return true if this client is limited to a specific scope
	 */
	boolean isScoped();

	/**
	 * Scope of this client. The set is empty when the client is not scoped.
	 *
	 * @return the scope of this client
	 */
	Set<String> getScope();

	/**
	 * Grant types this client is authorized to use.
	 *
	 * @return the authorized grant types of this client
	 */
	Set<String> getAuthorizedGrantTypes();

	/**
	 * Pre-defined redirect URI(s) for this client to use during the "authorization_code" access grant. See the
	 * OAuth spec, section 4.1.1. The return type is a set, so more than one URI may be registered.
	 * <p>
	 * NOTE(review): how a requested redirect URI is compared with these values, and what an empty set means, is
	 * decided by the caller and is not defined here; confirm that the comparison is strict enough for the
	 * deployment.
	 *
	 * @return the registered redirect URI(s) of this client
	 */
	Set<String> getRegisteredRedirectUri();

	/**
	 * Authorities granted to the OAuth client itself. These are NOT the authorities granted to the user holding
	 * an authorized access token; they are inherent to the client. Never returns {@code null}.
	 *
	 * @return the client's authorities (never {@code null})
	 */
	Collection<GrantedAuthority> getAuthorities();

	/**
	 * Validity period of access tokens issued to this client. {@code null} means no value was set explicitly;
	 * implementations might use that fact to supply a default.
	 *
	 * @return the access token validity period, or {@code null} if not set explicitly
	 */
	Integer getAccessTokenValiditySeconds();

	/**
	 * Validity period of refresh tokens issued to this client. {@code null} selects the default set by the token
	 * service; zero or a negative value means the tokens do not expire.
	 * <p>
	 * NOTE(review): with a zero or negative value the token lifetime is bounded only by whatever revocation the
	 * token service provides; check that such values are deliberate.
	 *
	 * @return the refresh token validity period
	 */
	Integer getRefreshTokenValiditySeconds();

	/**
	 * Tests whether this client can skip user approval for the given scope.
	 * <p>
	 * NOTE(review): a true result means the user is not asked to approve the scope, so implementations should
	 * return true only for clients and scopes where that is intended.
	 *
	 * @param scope the scope to consider
	 * @return true if this client does not need user approval
	 */
	boolean isAutoApprove(String scope);

	/**
	 * Extra information about this client that the plain OAuth protocol does not need but that may be useful,
	 * for example descriptive data.
	 *
	 * @return a map of additional information
	 */
	Map<String, Object> getAdditionalInformation();

}