the actor token type received on the endpoint. This must be one of the standard values according to the specification.
This method return null if no actor token was presented to the server.
the a map of the AuthenticationAttributes retrieved from the subject token if it was introspected by the server. Otherwise, it returns null.
the client that made the request.
Get the JSON helper for serializing/de-serializing JavaScript and Java types.
the actor token delegation found when introspecting the actor token. This method return null if no actor token was presented to the server.
the introspected subject token if that token could be introspected by the server. If it returns null the procedure plugin is expected to introspect the token itself by retrieving the raw token using context.getSubjectTokenValue() after performing the necessary operations to retrieve token details
the delegation for the subject token if the token was possible to introspect by the server. In other cases it returns null.
The original request object. This can be used to access headers and parameters passed in the original request.
the requested audiences as a set of strings.
This method returns an empty set if no audiences were requested.
the requested scopes as a set of strings.
This method returns an empty set if no scopes were requested .
the requested token type received on the endpoint. This may be one of the standard values according to the specification or a custom value. If not present it is up to the procedure plugin to decide the return type of the token.
This method return {@code null} if no requested token type was presented to the server.
The Response object. Can be used to modify cookies in the response.
the subject token type received on the endpoint. This may be a standard value or a custom value.
the subject token value received on the endpoint. This can be used to introspect the subject token in cases where it was not issued by the server.
a string that describes the type of this token procedure context.
Please use the Procedures API Documentation instead: https://curity.io/docs/idsvr/latest/developer-guide/scripting/index.html#scripting-guide
Please use the Procedures API Documentation instead: https://curity.io/docs/idsvr/latest/developer-guide/scripting/index.html#scripting-guide
the a map of the AuthenticationAttributes retrieved from the subject token if it was introspected by the server. Otherwise, it returns null.
the client that made the request.
a new fully initialized context. This method is used to get a fully initialized context. Before this is called it is not possible to use token issuers on the context or from the configuration object. It MUST be called before issuing tokens.
If the subject token was introspected by the server already this method can be called the following way: context.getInitializedContext(context.subjectAttributes(), context.contextAttributes(), ...);
the introspected actor token if it was presented to the server. When the actor token is presented to the server it is expected to have been issued by the server, thus if introspection fails the endpoint will return an error to the client.
The validationStrategy parameter can either be NONE or CLIENT, null defaults to CLIENT. NONE means no additional checks are made, and CLIENT means that the actor token MUST belong to the client that made the exchange request.
This method return null if no actor token was presented to the server.
the actor token delegation found when introspecting the actor token. This method return null if no actor token was presented to the server.
the introspected subject token if that token could be introspected by the server. If it returns null the procedure plugin is expected to introspect the token itself by retrieving the raw token using context.getSubjectTokenValue() after performing the necessary operations to retrieve token details
the delegation for the subject token if the token was possible to introspect by the server. In other cases it returns null.
The original request object. This can be used to access headers and parameters passed in the original request.
the requested token type received on the endpoint. This may be one of the standard values according to the specification or a custom value. If not present it is up to the procedure plugin to decide the return type of the token.
This method return {@code null} if no requested token type was presented to the server.
The Response object. Can be used to modify cookies in the response.
Context for OAuth 2.0 Token Exchange on the token endpoint