com.ibm.security.access.mobile.authentication

Class OAuthContext

  • java.lang.Object
    • com.ibm.security.access.mobile.authentication.OAuthContext


  • public final class OAuthContext
    extends java.lang.Object
    The OAuthContext implements the Resource Owner Password Credentials (ROPC) Grant and Authorization Code Grant as the calling client to an OAuth authorization server. The resource owner is suitable in cases where the resource owner has a trust relationship with the client. the authorization code grant flow is suitable when the authorization code has been generated using an alternate factor, such as a desktop browser.
    Since:
    1.0.0
    Version:
    1.2.8
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method and Description
      void getAccessToken(java.lang.String endpointUrl, java.lang.String clientId, java.lang.String code, IAuthenticationCallback callback)
      Acquires a security token from the token endpoint using OAuth authorization_code grant type.
      void getAccessToken(java.lang.String endpointUrl, java.lang.String clientId, java.lang.String code, java.util.Map<java.lang.String,java.lang.Object> params, IAuthenticationCallback callback)
      Acquires a security token from the token endpoint using OAuth authorization_code grant type.
      void getAccessToken(java.lang.String endpointUrl, java.lang.String clientId, java.lang.String username, java.lang.String password, IAuthenticationCallback callback)
      Acquires a security token from the token endpoint using OAuth resource owner password grant type.
      void getAccessToken(java.lang.String endpointUrl, java.lang.String clientId, java.lang.String username, java.lang.String password, java.util.Map<java.lang.String,java.lang.Object> params, IAuthenticationCallback callback)
      Acquires a security token from the token endpoint using OAuth resource owner password grant type.
      java.util.HashMap<java.lang.String,java.lang.String> getHeaders()
      Returns a HashMap of custom headers to be added to each http/s request
      javax.net.ssl.SSLContext getSslContext()
      Returns the SSLContext object.
      void refreshAccessToken(java.lang.String endpointUrl, java.lang.String clientId, java.lang.String refreshToken, IAuthenticationCallback callback)
      Acquires a security refresh token from the token endpoint using OAuth refresh_token grant type.
      void refreshAccessToken(java.lang.String endpointUrl, java.lang.String clientId, java.lang.String refreshToken, java.util.Map<java.lang.String,java.lang.Object> params, IAuthenticationCallback callback)
      Acquires a security refresh token from the token endpoint using OAuth refresh_token grant type.
      void setClientSecret(java.lang.String clientSecret)
      Sets the secret between the service and the app.
      void setConnectionTimeOut(int connectionTimeOut)
      Sets the connection timeout to a specified timeout, in milliseconds.
      void setHostnameVerifier(javax.net.ssl.HostnameVerifier hostnameVerifier)
      Sets the HostnameVerifier to use self-signed or unknown certificates for HttpsURLConnection, hat the host name is an acceptable match with the server's authentication scheme.
      void setReadTimeOut(int readTimeOut)
      Sets the read timeout to a specified timeout, in milliseconds.
      void setScope(java.lang.String[] scope)
      Sets an array of String of scopes to be authorized.
      void setSslContext(javax.net.ssl.SSLContext sslContext)
      Sets the SSLContext to use self-signed or unknown certificates for HttpsURLConnection.
      static OAuthContext sharedInstance()
      Returns the shared defaults object.
      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • sharedInstance

        public static OAuthContext sharedInstance()
        Returns the shared defaults object.
        Returns:
        the shared default object
      • setClientSecret

        public void setClientSecret(java.lang.String clientSecret)
        Sets the secret between the service and the app.
        Parameters:
        clientSecret - the secret between the service and the app.
      • getHeaders

        public java.util.HashMap<java.lang.String,java.lang.String> getHeaders()
        Returns a HashMap of custom headers to be added to each http/s request
        Returns:
        the hashmap of headers
      • setScope

        public void setScope(java.lang.String[] scope)
        Sets an array of String of scopes to be authorized.
        Parameters:
        scope - an array of String of scopes to be authorized
        Note:
        For mobile multi-factor authentication (MMFA) registration using the ROPC flow, a scope must contain mmfaAuthn

        For OpenID Connect registration using ROPC, a scope must contain oidc

      • getAccessToken

        public void getAccessToken(java.lang.String endpointUrl,
                                   java.lang.String clientId,
                                   java.lang.String username,
                                   java.lang.String password,
                                   IAuthenticationCallback callback)
        Acquires a security token from the token endpoint using OAuth resource owner password grant type.
        Parameters:
        endpointUrl - the location to the OAuth endpoint
        clientId - the unique identifier between the service and the app
        username - the username
        password - the password for username
        callback - the function delegate that is invoked with a OAuthResult.
        Throws:
        java.lang.IllegalArgumentException - if callback is null
      • getAccessToken

        public void getAccessToken(java.lang.String endpointUrl,
                                   java.lang.String clientId,
                                   java.lang.String username,
                                   java.lang.String password,
                                   java.util.Map<java.lang.String,java.lang.Object> params,
                                   IAuthenticationCallback callback)
        Acquires a security token from the token endpoint using OAuth resource owner password grant type.
        Parameters:
        endpointUrl - the location to the OAuth endpoint
        clientId - the unique identifier between the service and the app
        username - the username
        password - the password for username
        params - Additional parameters associated with the request
        callback - the function delegate that is invoked with a OAuthResult
        Throws:
        java.lang.IllegalArgumentException - if callback is null
      • getAccessToken

        public void getAccessToken(java.lang.String endpointUrl,
                                   java.lang.String clientId,
                                   java.lang.String code,
                                   IAuthenticationCallback callback)
        Acquires a security token from the token endpoint using OAuth authorization_code grant type.
        Parameters:
        endpointUrl - the location to the OAuth endpoint
        clientId - the unique identifier between the service and the app
        code - the authorisation code provided by the OAuth endpoint
        callback - the function delegate that is invoked with a OAuthResult
        Throws:
        java.lang.IllegalArgumentException - if callback is null
      • getAccessToken

        public void getAccessToken(java.lang.String endpointUrl,
                                   java.lang.String clientId,
                                   java.lang.String code,
                                   java.util.Map<java.lang.String,java.lang.Object> params,
                                   IAuthenticationCallback callback)
        Acquires a security token from the token endpoint using OAuth authorization_code grant type.
        Parameters:
        endpointUrl - the location to the OAuth endpoint
        clientId - the unique identifier between the service and the app
        code - the authorisation code provided by the OAuth endpoint
        params - Additional parameters associated with the request
        callback - the function delegate that is invoked with a OAuthResult
        Throws:
        java.lang.IllegalArgumentException - if callback is null
      • refreshAccessToken

        public void refreshAccessToken(java.lang.String endpointUrl,
                                       java.lang.String clientId,
                                       java.lang.String refreshToken,
                                       IAuthenticationCallback callback)
        Acquires a security refresh token from the token endpoint using OAuth refresh_token grant type.
        Parameters:
        endpointUrl - the location to the OAuth endpoint
        clientId - the unique identifier between the service and the app
        refreshToken - the refresh token
        callback - the function delegate that is invoked with a OAuthResult
        Throws:
        java.lang.IllegalArgumentException - if callback is null
      • refreshAccessToken

        public void refreshAccessToken(java.lang.String endpointUrl,
                                       java.lang.String clientId,
                                       java.lang.String refreshToken,
                                       java.util.Map<java.lang.String,java.lang.Object> params,
                                       IAuthenticationCallback callback)
        Acquires a security refresh token from the token endpoint using OAuth refresh_token grant type.
        Parameters:
        endpointUrl - the location to the OAuth endpoint
        clientId - the unique identifier between the service and the app
        refreshToken - the refresh token
        params - Additional parameters associated with the request
        callback - the function delegate that is invoked with a OAuthResult
        Throws:
        java.lang.IllegalArgumentException - if callback is null
      • setReadTimeOut

        public void setReadTimeOut(int readTimeOut)
                            throws java.lang.IllegalArgumentException
        Sets the read timeout to a specified timeout, in milliseconds. Default is 30000.
        Parameters:
        readTimeOut - time out in milliseconds
        Throws:
        java.lang.IllegalArgumentException - if parameter is <= 0
      • setConnectionTimeOut

        public void setConnectionTimeOut(int connectionTimeOut)
                                  throws java.lang.IllegalArgumentException
        Sets the connection timeout to a specified timeout, in milliseconds. Default is 30000.
        Parameters:
        connectionTimeOut - time out in milliseconds
        Throws:
        java.lang.IllegalArgumentException - if parameter is <= 0
      • getSslContext

        public javax.net.ssl.SSLContext getSslContext()
        Returns the SSLContext object.
        Returns:
        SSLContext the SSLContext
        Since:
        1.2.0
      • setSslContext

        public void setSslContext(javax.net.ssl.SSLContext sslContext)
        Sets the SSLContext to use self-signed or unknown certificates for HttpsURLConnection. If sslContext is not null, it will be used to validate the HttpsURLConnection, otherwise it won't be set.

        One way to provide a sslContext is described here

        Parameters:
        sslContext - A SSLContext instance that contains the list of certificates.
        Since:
        1.2.0
      • setHostnameVerifier

        public void setHostnameVerifier(javax.net.ssl.HostnameVerifier hostnameVerifier)
        Sets the HostnameVerifier to use self-signed or unknown certificates for HttpsURLConnection, hat the host name is an acceptable match with the server's authentication scheme.

        hostnameVerifier will only be set if BaseNetworkContext.sslContext is set as well (not null).

        If hostnameVerifier is not null, the overwritten HostnameVerifier.verify(String, SSLSession) method will be invoked to verify the host name. Otherwise the inherited HostnameVerifier instance is used.

        Parameters:
        hostnameVerifier - A HostnameVerifier instance that contains an overwritten HostnameVerifier.verify(String, SSLSession) method
        Since:
        1.2.0