Package com.ibm.oauth.core.api.config

Interface OAuthComponentConfigurationConstants

public interface OAuthComponentConfigurationConstants
This interface outlines all the configuration properties required by the core component.
See Also:

  • Field Details

    • OAUTH20_CLIENT_PROVIDER_CLASSNAME

      static final String OAUTH20_CLIENT_PROVIDER_CLASSNAME
      Defines the implementation class for the client provider which must implement the OAuth20ClientProvider interface. This configuration property MUST be defined and should be a single string represents the class name of the implementation class for your client configuration provider. The SampleComponentConfiguration class does not contain a default value for this property. You can see an example of it being set in the examples source in com.ibm.oauth.examples.config.OAuthComponentConfigurationTestImpl
      See Also:

    • OAUTH20_TOKEN_CACHE_CLASSNAME

      static final String OAUTH20_TOKEN_CACHE_CLASSNAME
      Defines the implementation class for the token cache which must implement the OAuth20TokenCache interface. This configuration property MUST be defined and should be a single string represents the class name of the implementation class for your token cache. The SampleComponentConfiguration class does not contain a default value for this property. You can see an example of it being set in the examples source in com.ibm.oauth.examples.config.OAuthComponentConfigurationTestImpl
      See Also:

    • OAUTH20_MAX_AUTHORIZATION_GRANT_LIFETIME_SECONDS

      static final String OAUTH20_MAX_AUTHORIZATION_GRANT_LIFETIME_SECONDS
      Defines the maximum authorization grant lifetime for OAuth 2.0 flows in which a refresh token is used. The value will determine the maximum possible lifetime of any issued refresh or access token starting from when the resource owner first grants authorization (i.e. when the first refresh/access token is issued from either the authorization code flow or the resource owner password credentials flow. This property is not relevant for flows where no refresh token is used since the OAUTH20_TOKEN_LIFETIME_SECONDS property will determine the lifetime of access tokens. This configuration property MUST be defined and should be a single string representing the lifetime in seconds. The value should be greater than the value for OAUTH20_TOKEN_LIFETIME_SECONDS. The SampleComponentConfiguration class contains a default value for this property.
      See Also:

    • OAUTH20_CODE_LIFETIME_SECONDS

      static final String OAUTH20_CODE_LIFETIME_SECONDS
      Defines the lifetime of an authorization code. The value will determine the lifetime of an issued authorization code for the authorization code flow. The client must exchange the authorization code for an access token before this lifetime expires. As authorization codes are typically sent via browser redirect to the client which then immediately uses them, this value is normally a small number of seconds. This property is not relevant for flows other than the authorization code flow. This configuration property MUST be defined and should be a single string representing the lifetime in seconds. The SampleComponentConfiguration class contains a default value for this property.
      See Also:

    • OAUTH20_CODE_LENGTH

      static final String OAUTH20_CODE_LENGTH
      Defines the length in characters of a generated authorization code. This configuration property MUST be defined and should be a single string representing the length. The SampleComponentConfiguration class contains a default value for this property.
      See Also:

    • OAUTH20_TOKEN_LIFETIME_SECONDS

      static final String OAUTH20_TOKEN_LIFETIME_SECONDS
      Defines the maximum lifetime of an issued access token. The value will determine the maximum lifetime of an issued access token. The actual lifetime of the access token may be smaller than this if the access token is being issued as part of a refresh token flow and the remaining time associated with maximum authorization grant lifetime is less than this value. This configuration property MUST be defined and should be a single string representing the lifetime in seconds. The SampleComponentConfiguration class contains a default value for this property.
      See Also:

    • OAUTH20_ACCESS_TOKEN_LENGTH

      static final String OAUTH20_ACCESS_TOKEN_LENGTH
      Defines the length in characters of a generated access token. This configuration property MUST be defined and should be a single string representing the length. The SampleComponentConfiguration class contains a default value for this property.
      See Also:

    • OAUTH20_ISSUE_REFRESH_TOKEN

      static final String OAUTH20_ISSUE_REFRESH_TOKEN
      Defines a boolean to indicate whether or not refresh tokens should be issued. This property is only relevant for flows which issue refresh tokens (authorization code and resource owner password credentials). This configuration property MUST be defined and should be a single string representing "true" or "false". The SampleComponentConfiguration class contains a default value for this property.
      See Also:

    • OAUTH20_REFRESH_TOKEN_LENGTH

      static final String OAUTH20_REFRESH_TOKEN_LENGTH
      Defines the length in characters of a generated refresh token. This configuration property MUST be defined and should be a single string representing the length. The SampleComponentConfiguration class contains a default value for this property.
      See Also:

    • OAUTH20_ACCESS_TOKENTYPEHANDLER_CLASSNAME

      static final String OAUTH20_ACCESS_TOKENTYPEHANDLER_CLASSNAME
      Defines the implementation class for an access token issuer. Currently only one internal implementation is supported and this property should always be set to the value of SampleComponentConfiguration.ACCESS_TOKENTYPEHANDLER_CLASSNAME. This configuration property MUST be defined and set as indicated. The SampleComponentConfiguration class contains a default value for this property.
      See Also:

    • OAUTH20_MEDIATOR_CLASSNAMES

      static final String OAUTH20_MEDIATOR_CLASSNAMES
      Defines a list of implementation classes for custom mediators that implement the OAuth20Mediator interface to execute during OAuth flows. This configuration property is optional and when provided should be a list of string class names.
      See Also:

    • OAUTH20_ALLOW_PUBLIC_CLIENTS

      static final String OAUTH20_ALLOW_PUBLIC_CLIENTS
      Defines a boolean to indicate whether or not public clients may access the token endpoint. This property is only relevant for the authorization code flow and the resource owner password credentials flow (although it doesn't make a lot of sense to use pulic clients in the resource owner password credentials flow). The token endpoint is not used in the implicit grant flow and despite the fact that all implicit grant clients are behaving as public clients this parameter does not affect whether or not a client may use the implicit grant flow. The ability for any client to use the implicit grant flow is solely controlled by the configuration property OAUTH20_GRANT_TYPES_ALLOWED. The client_credentials flow may not be used by a public client. This configuration property MUST be defined and should be a single string representing "true" or "false". The SampleComponentConfiguration class contains a default value for this property.
      See Also:

    • OAUTH20_AUDITHANDLER_CLASSNAME

      static final String OAUTH20_AUDITHANDLER_CLASSNAME
      Defines an implementation class for an audit handler that implements the OAuthAuditHandler interface to be called during OAuth flows. This configuration property is optional and when provided should be string class names. The component supports these two pre-defined audit handlers, or you can write your own:
      • com.ibm.oauth.core.api.audit.SimpleFileOAuthAuditHandler - SimpleFileOAuthAuditHandler
      • com.ibm.oauth.core.api.audit.XMLFileOAuthAuditHandler - XMLFileOAuthAuditHandler
      See Also:

    • OAUTH20_GRANT_TYPES_ALLOWED

      static final String OAUTH20_GRANT_TYPES_ALLOWED
      Defines a list of the flows which may be used by clients for this component instance. This selectively allows you to enable any or all of the different flow types by including one or more of these values for the property:
      See Also:

    • OAUTH20_GRANT_TYPE_AUTH_CODE

      static final String OAUTH20_GRANT_TYPE_AUTH_CODE
      Constant to be used as a value for the OAUTH20_GRANT_TYPES_ALLOWED property to enable clients to use the authorization code flow.
      See Also:

    • OAUTH20_GRANT_TYPE_IMPLICIT

      static final String OAUTH20_GRANT_TYPE_IMPLICIT
      Constant to be used as a value for the OAUTH20_GRANT_TYPES_ALLOWED property to enable clients to use the implicit grant flow.
      See Also:

    • OAUTH20_GRANT_TYPE_CLIENT_CREDENTIALS

      static final String OAUTH20_GRANT_TYPE_CLIENT_CREDENTIALS
      Constant to be used as a value for the OAUTH20_GRANT_TYPES_ALLOWED property to enable clients to use the client credentials flow.
      See Also:

    • OAUTH20_GRANT_TYPE_OWNER_PASSWORD

      static final String OAUTH20_GRANT_TYPE_OWNER_PASSWORD
      Constant to be used as a value for the OAUTH20_GRANT_TYPES_ALLOWED property to enable clients to use the resource owner password credentials flow.
      See Also:

    • OAUTH20_GRANT_TYPE_REFRESH_TOKEN

      static final String OAUTH20_GRANT_TYPE_REFRESH_TOKEN
      Constant to be used as a value for the OAUTH20_GRANT_TYPES_ALLOWED property to enable clients to the token endpoint to exchange refresh tokens for a new access token and refresh token.
      See Also: