vck-openid-ktor/at.asitplus.wallet.lib.ktor.openid/RemoteOAuth2AuthorizationServerAdapter

RemoteOAuth2AuthorizationServerAdapter

class RemoteOAuth2AuthorizationServerAdapter(val publicContext: String, engine: HttpClientEngine, cookiesStorage: CookiesStorage? = null, httpClientConfig: HttpClientConfig<*>.() -> Unit? = null, scope: CoroutineScope = CoroutineScope(Dispatchers.IO), oauth2Client: OAuth2KtorClient = OAuth2KtorClient( engine = engine, cookiesStorage = cookiesStorage, httpClientConfig = httpClientConfig, oAuth2Client = OAuth2Client(), ), val internalTokenVerificationService: TokenVerificationService, val dpopNonceService: NonceService = DefaultNonceService()) : OAuth2AuthorizationServerAdapter(source)

Uses an external OAuth 2.0 Authorization Server with a at.asitplus.wallet.lib.oidvci.CredentialIssuer, i.e., delegate authorization to the external AS, and load user info from there (after performing token exchange with the Wallet's access token to get a fresh one). Make sure to configure oauth2Client to use the correct OAuth2KtorClient.loadClientAttestationJwt.

Constructors

constructor(publicContext: String, engine: HttpClientEngine, cookiesStorage: CookiesStorage? = null, httpClientConfig: HttpClientConfig<*>.() -> Unit? = null, scope: CoroutineScope = CoroutineScope(Dispatchers.IO), oauth2Client: OAuth2KtorClient = OAuth2KtorClient( engine = engine, cookiesStorage = cookiesStorage, httpClientConfig = httpClientConfig, oAuth2Client = OAuth2Client(), ), internalTokenVerificationService: TokenVerificationService, dpopNonceService: NonceService = DefaultNonceService())

Properties

dpopNonceService

val dpopNonceService: NonceService

Used to provide DPoP nonces for credential requests, which will be verified by internalTokenVerificationService.

internalTokenVerificationService

val internalTokenVerificationService: TokenVerificationService

Validates access tokens received in validateAccessToken.

publicContext

open override val publicContext: String

Base URL of the remote Authorization Server.

Functions

getDpopNonce

open suspend override fun getDpopNonce(): String

getTokenInfo

open suspend override fun getTokenInfo(authorizationHeader: String, httpRequest: RequestInfo?): KmmResult<TokenInfo>

getUserInfo

open suspend override fun getUserInfo(authorizationHeader: String, httpRequest: RequestInfo?): KmmResult<JsonObject>

Obtains a JSON object representing at.asitplus.openid.OidcUserInfo from the Authorization Server, where we need to exchange the the wallet's access token in authorizationHeader first to get a valid access token to call the user info endpoint.

metadata

open suspend override fun metadata(): OAuth2AuthorizationServerMetadata

validateAccessToken

open suspend override fun validateAccessToken(authorizationHeader: String, httpRequest: RequestInfo?): KmmResult<Boolean>