Interface ScopeAuthorization
- All Superinterfaces:
AuthorizationProvider
Scope is a mechanism in OAuth 2.0 to limit an application's access to a user's account.
An application can request one or more scopes, this information is then presented to the
user in the consent screen, and the access token issued to the application will be
limited to the scopes granted.
The OAuth spec allows the authorization server or user to modify the scopes granted to the application compared to what is requested, although there are not many examples of services doing this in practice.
OAuth2 does not define any particular values for scopes, since it is highly dependent on the service's internal architecture and needs.
- Author:
- Paulo Lopes.
-
Method Summary
Modifier and TypeMethodDescriptionclaimKey()Returns the configured claim key.static ScopeAuthorizationcreate()Factory method to create a Authorization provider for Oauth 2.0 scopes using the default separator" ".static ScopeAuthorizationFactory method to create a Authorization provider for Oauth 2.0 scopes.static ScopeAuthorizationFactory method to create a Authorization provider for OpenID Connect scopes.Returns a String with the given scopes concatenated with the given separator.Returns the configured separator.Methods inherited from interface AuthorizationProvider
getAuthorizations, getId
-
Method Details
-
create
Factory method to create a Authorization provider for Oauth 2.0 scopes using the default separator" ".- Returns:
- a AuthorizationProvider
-
create
Factory method to create a Authorization provider for Oauth 2.0 scopes.- Parameters:
scopeSeparator- the scope separator e.g.:" ",",","+"- Returns:
- a AuthorizationProvider
-
create
Factory method to create a Authorization provider for OpenID Connect scopes. The claim key will be used to locate the scopes from a decoded JWT.- Parameters:
scopeSeparator- the scope separator e.g.:" ",",","+"claimKey- the scope claim key e.g.:"scp","scope"- Returns:
- a AuthorizationProvider
-
separator
-
claimKey
-
encode
-