vck-openid/at.asitplus.wallet.lib.oauth2/BearerTokenVerificationService

BearerTokenVerificationService

class BearerTokenVerificationService(tokenGenerationService: BearerTokenGenerationService) : TokenVerificationService(source)

Verifies Bearer tokens that have been generated by BearerTokenGenerationService. This does only work for internal authorization servers, because we could not store the actual user data otherwise.

Constructors

Link copied to clipboard
constructor(tokenGenerationService: BearerTokenGenerationService)

Functions

Link copied to clipboard
open suspend override fun extractValidatedClientKey(httpRequest: RequestInfo?): KmmResult<Nothing?>

Not supported for Bearer tokens.

Link copied to clipboard
open suspend override fun getTokenInfo(tokenOrAuthHeader: String): TokenInfo

Reads information about the token contained in tokenOrAuthHeader for token introspection.

Link copied to clipboard
open suspend override fun validateAccessToken(tokenOrAuthHeader: String, httpRequest: RequestInfo?, dpopNonceService: NonceService?): KmmResult<Unit>

Validates the token (either plain token or from an HTTP Authorization header, i.e., with prefix).

Link copied to clipboard
open suspend override fun validateRefreshToken(refreshToken: String, httpRequest: RequestInfo?, validatedClientKey: JsonWebKey?): String

Validates that this refresh token was actually issued by the known TokenGenerationService.