Package org.springframework.security.oauth2.core

Interface OAuth2TokenIntrospectionClaimAccessor

All Superinterfaces:

ClaimAccessor

All Known Implementing Classes:

OAuth2IntrospectionAuthenticatedPrincipal, OAuth2TokenIntrospection

public interface OAuth2TokenIntrospectionClaimAccessor
extends ClaimAccessor

A ClaimAccessor for the "claims" that may be contained in the Introspection Response.

Since:

5.6

See Also:

• ClaimAccessor
• OAuth2TokenIntrospectionClaimNames
• Introspection Response

Method Summary

Modifier and Type	Method	Description
default List<String>	getAudience()	Returns the intended audience (aud) for the token
default String	getClientId()	Returns the client identifier (client_id) for the token
default Instant	getExpiresAt()	Returns a timestamp (exp) indicating when the token expires
default String	getId()	Returns the identifier (jti) for the token
default Instant	getIssuedAt()	Returns a timestamp (iat) indicating when the token was issued
default URL	getIssuer()	Returns the issuer (iss) of the token
default Instant	getNotBefore()	Returns a timestamp (nbf) indicating when the token is not to be used before
default List<String>	getScopes()	Returns the scopes (scope) associated with the token
default String	getSubject()	Returns usually a machine-readable identifier (sub) of the resource owner who authorized the token
default String	getTokenType()	Returns the type of the token (token_type), for example bearer.
default String	getUsername()	Returns a human-readable identifier (username) for the resource owner that authorized the token
default boolean	isActive()	Returns the indicator (active) whether or not the token is currently active

Methods inherited from interface org.springframework.security.oauth2.core.ClaimAccessor

getClaim, getClaimAsBoolean, getClaimAsInstant, getClaimAsMap, getClaimAsString, getClaimAsStringList, getClaimAsURL, getClaims, hasClaim

Method Details

isActive

default boolean isActive()

Returns the indicator (active) whether or not the token is currently active

Returns:

the indicator whether or not the token is currently active

getUsername

@Nullable
default String getUsername()

Returns a human-readable identifier (username) for the resource owner that authorized the token

Returns:

a human-readable identifier for the resource owner that authorized the token

getClientId

@Nullable
default String getClientId()

Returns the client identifier (client_id) for the token

Returns:

the client identifier for the token

getScopes

@Nullable
default List<String> getScopes()

Returns the scopes (scope) associated with the token

Returns:

the scopes associated with the token

getTokenType

@Nullable
default String getTokenType()

Returns the type of the token (token_type), for example bearer.

Returns:

the type of the token, for example bearer.

getExpiresAt

@Nullable
default Instant getExpiresAt()

Returns a timestamp (exp) indicating when the token expires

Returns:

a timestamp indicating when the token expires

getIssuedAt

@Nullable
default Instant getIssuedAt()

Returns a timestamp (iat) indicating when the token was issued

Returns:

a timestamp indicating when the token was issued

getNotBefore

@Nullable
default Instant getNotBefore()

Returns a timestamp (nbf) indicating when the token is not to be used before

Returns:

a timestamp indicating when the token is not to be used before

getSubject

@Nullable
default String getSubject()

Returns usually a machine-readable identifier (sub) of the resource owner who authorized the token

Returns:

usually a machine-readable identifier of the resource owner who authorized the token

getAudience

@Nullable
default List<String> getAudience()

Returns the intended audience (aud) for the token

Returns:

the intended audience for the token

getIssuer

@Nullable
default URL getIssuer()

Returns the issuer (iss) of the token

Returns:

the issuer of the token

getId

@Nullable
default String getId()

Returns the identifier (jti) for the token

Returns:

the identifier for the token