Package org.keycloak.representations

Class AccessToken

java.lang.Object

org.keycloak.representations.JsonWebToken

org.keycloak.representations.IDToken

org.keycloak.representations.AccessToken

All Implemented Interfaces:

Serializable, Token

Direct Known Subclasses:

IdentityCookieToken, RefreshToken, TokenMetadataRepresentation

public class AccessToken
extends IDToken

Version:

$Revision: 1 $

Author:

Bill Burke

See Also:

• Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AccessToken.Access
static class	AccessToken.Authorization
static class	AccessToken.CertConf

Field Summary

Fields

Modifier and Type	Field	Description
protected Set<String>	allowedOrigins
protected AccessToken.Authorization	authorization
protected AccessToken.CertConf	certConf
protected AccessToken.Access	realmAccess
protected Map<String,AccessToken.Access>	resourceAccess
protected String	scope
protected Set<String>	trustedCertificates

Fields inherited from class org.keycloak.representations.IDToken

accessTokenHash, acr, ACR, address, ADDRESS, AT_HASH, auth_time, AUTH_TIME, birthdate, BIRTHDATE, C_HASH, CLAIMS_LOCALES, claimsLocales, codeHash, email, EMAIL, EMAIL_VERIFIED, emailVerified, FAMILY_NAME, familyName, gender, GENDER, GIVEN_NAME, givenName, locale, LOCALE, MIDDLE_NAME, middleName, name, NAME, nickName, NICKNAME, nonce, NONCE, PHONE_NUMBER, PHONE_NUMBER_VERIFIED, phoneNumber, phoneNumberVerified, picture, PICTURE, PREFERRED_USERNAME, preferredUsername, profile, PROFILE, S_HASH, SESSION_ID, SESSION_STATE, sessionState, stateHash, UPDATED_AT, updatedAt, website, WEBSITE, zoneinfo, ZONEINFO

Fields inherited from class org.keycloak.representations.JsonWebToken

audience, exp, iat, id, issuedFor, issuer, nbf, otherClaims, subject, type

Constructor Summary

Constructors

Constructor	Description
AccessToken()

Method Summary

Modifier and Type	Method	Description
AccessToken.Access	addAccess(String service)
AccessToken	expiration(int expiration)
Set<String>	getAllowedOrigins()
AccessToken.Authorization	getAuthorization()
TokenCategory	getCategory()
AccessToken.CertConf	getCertConf()
AccessToken.Access	getRealmAccess()
Map<String,AccessToken.Access>	getResourceAccess()
AccessToken.Access	getResourceAccess(String resource)
String	getScope()
Set<String>	getTrustedCertificates()
AccessToken	id(String id)
AccessToken	issuedAt(int issuedAt)
AccessToken	issuedFor(String issuedFor)
AccessToken	issuer(String issuer)
boolean	isVerifyCaller()	Does the realm require verifying the caller?
boolean	isVerifyCaller(String resource)	Does the resource override the requirement of verifying the caller?
AccessToken	notBefore(int notBefore)
void	setAllowedOrigins(Set<String> allowedOrigins)
void	setAuthorization(AccessToken.Authorization authorization)
void	setCertConf(AccessToken.CertConf certConf)
void	setRealmAccess(AccessToken.Access realmAccess)
void	setResourceAccess(Map<String,AccessToken.Access> resourceAccess)
void	setScope(String scope)
void	setTrustedCertificates(Set<String> trustedCertificates)
AccessToken	subject(String subject)
AccessToken	type(String type)

Methods inherited from class org.keycloak.representations.IDToken

getAccessTokenHash, getAcr, getAddress, getAuth_time, getAuthTime, getBirthdate, getClaimsLocales, getCodeHash, getEmail, getEmailVerified, getFamilyName, getGender, getGivenName, getLocale, getMiddleName, getName, getNickName, getNonce, getPhoneNumber, getPhoneNumberVerified, getPicture, getPreferredUsername, getProfile, getSessionId, getSessionState, getStateHash, getUpdatedAt, getWebsite, getZoneinfo, setAccessTokenHash, setAcr, setAddress, setAuth_time, setAuthTime, setBirthdate, setClaimsLocales, setCodeHash, setEmail, setEmailVerified, setFamilyName, setGender, setGivenName, setLocale, setMiddleName, setName, setNickName, setNonce, setPhoneNumber, setPhoneNumberVerified, setPicture, setPreferredUsername, setProfile, setSessionState, setStateHash, setUpdatedAt, setWebsite, setZoneinfo

Methods inherited from class org.keycloak.representations.JsonWebToken

addAudience, audience, exp, getAudience, getExp, getExpiration, getIat, getId, getIssuedAt, getIssuedFor, getIssuer, getNbf, getNotBefore, getOtherClaims, getSubject, getType, hasAnyAudience, hasAudience, iat, isActive, isActive, isExpired, isIssuedBeforeSessionStart, isNotBefore, issuedNow, nbf, setOtherClaims, setSubject

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

trustedCertificates

protected Set<String> trustedCertificates

allowedOrigins

protected Set<String> allowedOrigins

realmAccess

protected AccessToken.Access realmAccess

resourceAccess

protected Map<String,AccessToken.Access> resourceAccess

authorization

protected AccessToken.Authorization authorization

certConf

protected AccessToken.CertConf certConf

scope

protected String scope

Constructor Details

AccessToken

public AccessToken()

Method Details

getResourceAccess

public Map<String,AccessToken.Access> getResourceAccess()

setResourceAccess

public void setResourceAccess(Map<String,AccessToken.Access> resourceAccess)

isVerifyCaller

public boolean isVerifyCaller()

Does the realm require verifying the caller?

Returns:

isVerifyCaller

public boolean isVerifyCaller(String resource)

Does the resource override the requirement of verifying the caller?

Parameters:

resource -

Returns:

getResourceAccess

public AccessToken.Access getResourceAccess(String resource)

addAccess

public AccessToken.Access addAccess(String service)

id

public AccessToken id(String id)

Overrides:

id in class JsonWebToken

expiration

public AccessToken expiration(int expiration)

Overrides:

expiration in class JsonWebToken

notBefore

public AccessToken notBefore(int notBefore)

Overrides:

notBefore in class JsonWebToken

issuedAt

public AccessToken issuedAt(int issuedAt)

Overrides:

issuedAt in class JsonWebToken

issuer

public AccessToken issuer(String issuer)

Overrides:

issuer in class JsonWebToken

subject

public AccessToken subject(String subject)

Overrides:

subject in class JsonWebToken

type

public AccessToken type(String type)

Overrides:

type in class JsonWebToken

getAllowedOrigins

public Set<String> getAllowedOrigins()

setAllowedOrigins

public void setAllowedOrigins(Set<String> allowedOrigins)

getRealmAccess

public AccessToken.Access getRealmAccess()

setRealmAccess

public void setRealmAccess(AccessToken.Access realmAccess)

getTrustedCertificates

public Set<String> getTrustedCertificates()

setTrustedCertificates

public void setTrustedCertificates(Set<String> trustedCertificates)

issuedFor

public AccessToken issuedFor(String issuedFor)

Overrides:

issuedFor in class JsonWebToken

getAuthorization

public AccessToken.Authorization getAuthorization()

setAuthorization

public void setAuthorization(AccessToken.Authorization authorization)

getCertConf

public AccessToken.CertConf getCertConf()

setCertConf

public void setCertConf(AccessToken.CertConf certConf)

getScope

public String getScope()

setScope

public void setScope(String scope)

getCategory

public TokenCategory getCategory()

Specified by:

getCategory in interface Token

Overrides:

getCategory in class IDToken