http4k-security-oauth/org.http4k.security.oauth.server/OAuthServer

OAuthServer

class OAuthServer(tokenPath: String, authRequestTracking: AuthRequestTracking, authoriseRequestValidator: AuthoriseRequestValidator, accessTokenRequestAuthentication: AccessTokenRequestAuthentication, authorizationCodes: AuthorizationCodes, accessTokens: AccessTokens, clock: Clock, json: AutoMarshalling = OAuthMoshi, authRequestExtractor: AuthRequestExtractor = AuthRequestFromQueryParameters, grantTypes: GrantTypesConfiguration = GrantTypesConfiguration.default(accessTokenRequestAuthentication), idTokens: IdTokens = IdTokens.Unsupported, refreshTokens: RefreshTokens = RefreshTokens.Unsupported, requestJWTValidator: RequestJWTValidator = RequestJWTValidator.Unsupported, documentationUri: String? = null, tokenResponseRenderer: AccessTokenResponseRenderer = DefaultAccessTokenResponseRenderer)

Provide help creating OAuth Authorization Server with Authorization Code Flow

Note that if you are using your own AutoMarshalling instance, either Kotlin-Reflection or the ability to unmarshall the AccessTokenResponse is required.

References:

Authorization Code Grant flow spec: https://tools.ietf.org/html/rfc6749#page-23
OAuth 2 Security Best Current Practices: https://tools.ietf.org/html/draft-ietf-oauth-security-topics-11

Constructors

OAuthServer

constructor(tokenPath: String, authRequestTracking: AuthRequestTracking, clientValidator: ClientValidator, authorizationCodes: AuthorizationCodes, accessTokens: AccessTokens, clock: Clock, json: AutoMarshalling = OAuthMoshi, authRequestExtractor: AuthRequestExtractor = AuthRequestFromQueryParameters, grantTypes: GrantTypesConfiguration = GrantTypesConfiguration.default( ClientSecretAccessTokenRequestAuthentication(clientValidator) ), idTokens: IdTokens = IdTokens.Unsupported, refreshTokens: RefreshTokens = RefreshTokens.Unsupported, requestJWTValidator: RequestJWTValidator = RequestJWTValidator.Unsupported, documentationUri: String? = null, tokenResponseRenderer: AccessTokenResponseRenderer = DefaultAccessTokenResponseRenderer)

constructor(tokenPath: String, authRequestTracking: AuthRequestTracking, authoriseRequestValidator: AuthoriseRequestValidator, accessTokenRequestAuthentication: AccessTokenRequestAuthentication, authorizationCodes: AuthorizationCodes, accessTokens: AccessTokens, clock: Clock, json: AutoMarshalling = OAuthMoshi, authRequestExtractor: AuthRequestExtractor = AuthRequestFromQueryParameters, grantTypes: GrantTypesConfiguration = GrantTypesConfiguration.default(accessTokenRequestAuthentication), idTokens: IdTokens = IdTokens.Unsupported, refreshTokens: RefreshTokens = RefreshTokens.Unsupported, requestJWTValidator: RequestJWTValidator = RequestJWTValidator.Unsupported, documentationUri: String? = null, tokenResponseRenderer: AccessTokenResponseRenderer = DefaultAccessTokenResponseRenderer)

Types

Companion

object Companion

Properties

authenticationComplete

val authenticationComplete: AuthenticationComplete

authenticationStart

val authenticationStart: Filter

tokenRoute

val tokenRoute: RoutingHttpHandler