%OAuth2.Server.Properties
persistent class %OAuth2.Server.Properties extends %Library.Persistent
SQL Table Name: %OAuth2_Server.Properties
%OAuth2.Server.Properties stores the properties and claims that are used to communicate between various parts of the OAuth 2.0 authorization server. See the description of each property of this class to understand usage of the properties and claims.Note that storage is not in a % global. Therefore allowing the claim to be viewed from any namespace, but only opened or saved with the proper credentials.
Property Inventory
- ClaimValues
- CustomProperties
- IDTokenClaims
- IntrospectionClaims
- JWTClaims
- JWTHeaderClaims
- RequestProperties
- ResponseProperties
- ServerProperties
- UserinfoClaims
Method Inventory
Properties
property ClaimValues as array of %String);
ClaimValues associates the value to be returned for the claim will with the claim having
the same key in a claims array.
Each claim value is stored as $lb(type,value) where type = "string", "boolean", "number" or "object".
If type="object", then value is the JSON object serialized as a string. For all types, if the value is a $list, then it is an array of the specified type.
Each claim value is stored as $lb(type,value) where type = "string", "boolean", "number" or "object".
If type="object", then value is the JSON object serialized as a string. For all types, if the value is a $list, then it is an array of the specified type.
Property methods: ClaimValuesBuildValueArray(), ClaimValuesCollectionToDisplay(), ClaimValuesCollectionToOdbc(), ClaimValuesDisplayToCollection(), ClaimValuesDisplayToLogical(), ClaimValuesGet(), ClaimValuesGetObject(), ClaimValuesGetObjectId(), ClaimValuesGetStored(), ClaimValuesGetSwizzled(), ClaimValuesIsValid(), ClaimValuesLogicalToDisplay(), ClaimValuesLogicalToOdbc(), ClaimValuesNormalize(), ClaimValuesOdbcToCollection(), ClaimValuesSet(), ClaimValuesSetObject(), ClaimValuesSetObjectId()
property CustomProperties as array of %String);
CustomProperties contains the custom properties to be used to communicate between various
pieces of customization code.
CustomProperties.GetAt() is the value of the property.
CustomProperties.GetAt(
Property methods: CustomPropertiesBuildValueArray(), CustomPropertiesCollectionToDisplay(), CustomPropertiesCollectionToOdbc(), CustomPropertiesDisplayToCollection(), CustomPropertiesDisplayToLogical(), CustomPropertiesGet(), CustomPropertiesGetObject(), CustomPropertiesGetObjectId(), CustomPropertiesGetStored(), CustomPropertiesGetSwizzled(), CustomPropertiesIsValid(), CustomPropertiesLogicalToDisplay(), CustomPropertiesLogicalToOdbc(), CustomPropertiesNormalize(), CustomPropertiesOdbcToCollection(), CustomPropertiesSet(), CustomPropertiesSetObject(), CustomPropertiesSetObjectId()
property IDTokenClaims as array of %OAuth2.Server.Claim;
IDTokenClaims specifies the claims that are needed for the IDToken beyond the base set of required claims.
The "iss", "sub", "exp", "sid", "aud" and "azp" claims will be returned even if not in IDTokenClaims.
The claims are defined based on the scope and request claims parameter.
The value to be returned for the claim will have the same key in the ClaimValues property.
The value of the claims will usually be set by the ValidateUser class.
IDTokenClaims.GetAt() defines the claim.
IDTokenClaims.GetAt(
Property methods: IDTokenClaimsBuildValueArray(), IDTokenClaimsCollectionToDisplay(), IDTokenClaimsCollectionToOdbc(), IDTokenClaimsDisplayToCollection(), IDTokenClaimsGet(), IDTokenClaimsGetObject(), IDTokenClaimsGetObjectId(), IDTokenClaimsGetStored(), IDTokenClaimsGetSwizzled(), IDTokenClaimsIsValid(), IDTokenClaimsOdbcToCollection(), IDTokenClaimsSet(), IDTokenClaimsSetObject(), IDTokenClaimsSetObjectId()
property IntrospectionClaims as array of %OAuth2.Server.Claim;
IntrospectionClaims specifies the claims that need to be returned by the Introspection endpoint beyond the base required claims.
The scope, client_id, username, token_type, exp, iat, nbf, sub, aud, iss and jti claims
will be returned even if they are not in IntrospectionClaims.
The value of the claims will usually be set by the ValidateUser class.
IntrospectionClaims.GetAt() defines the claim.
IntrospectionClaims.GetAt(
Property methods: IntrospectionClaimsBuildValueArray(), IntrospectionClaimsCollectionToDisplay(), IntrospectionClaimsCollectionToOdbc(), IntrospectionClaimsDisplayToCollection(), IntrospectionClaimsGet(), IntrospectionClaimsGetObject(), IntrospectionClaimsGetObjectId(), IntrospectionClaimsGetStored(), IntrospectionClaimsGetSwizzled(), IntrospectionClaimsIsValid(), IntrospectionClaimsOdbcToCollection(), IntrospectionClaimsSet(), IntrospectionClaimsSetObject(), IntrospectionClaimsSetObjectId()
property JWTClaims as array of %OAuth2.Server.Claim;
JWTClaims specifies the claims that are needed for the JWT access token that is returned
by the default JWT based access token class (%OAuth2.Server.JWT) beyond the base set of required claims.
The "iss", "sub", "exp", "aud", "jti", and "scope" claims will be returned even if not in JWTClaims.
The claims are defined by the customization code.
The value to be returned for the claim will have the same key in the ClaimValues property.
The value of the claims will usually be set by the ValidateUser class.
JWTClaims.GetAt() defines the claim.
JWTClaims.GetAt(
Property methods: JWTClaimsBuildValueArray(), JWTClaimsCollectionToDisplay(), JWTClaimsCollectionToOdbc(), JWTClaimsDisplayToCollection(), JWTClaimsGet(), JWTClaimsGetObject(), JWTClaimsGetObjectId(), JWTClaimsGetStored(), JWTClaimsGetSwizzled(), JWTClaimsIsValid(), JWTClaimsOdbcToCollection(), JWTClaimsSet(), JWTClaimsSetObject(), JWTClaimsSetObjectId()
property JWTHeaderClaims as array of %OAuth2.Server.Claim;
JWTHeaderClaims specifies the claims to include in the JOSE Header for the JWT access token that is returned
by the default JWT based access token class (%OAuth2.Server.JWT) beyond the set of headers
required by the signature or encryption options in use. The key can be either the name of a claim that exists
in the ClaimValues property, or "jku" or "jwk". If "jku" is specified, then the "jku" field will be defined in
JOSE header, containing the value of the relevant JWKS URL. If "jwk" is specified, then the "jwk" field will be
defined, containing the JWK for the relvant public key. In both cases, the field will only be defined in the header
if signing or encryption is being used with an asymmetric algorithm. It is not valid to specify other JOSE header
fields defined by RFC 7515.
The claims are defined by the customization code. The value to be returned for the claim will have the same key in the ClaimValues property. The value of the claims will usually be set by the ValidateUser class.
JWTHeaderClaims.GetAt() defines the claim.
The claims are defined by the customization code. The value to be returned for the claim will have the same key in the ClaimValues property. The value of the claims will usually be set by the ValidateUser class.
JWTHeaderClaims.GetAt(
Property methods: JWTHeaderClaimsBuildValueArray(), JWTHeaderClaimsCollectionToDisplay(), JWTHeaderClaimsCollectionToOdbc(), JWTHeaderClaimsDisplayToCollection(), JWTHeaderClaimsGet(), JWTHeaderClaimsGetObject(), JWTHeaderClaimsGetObjectId(), JWTHeaderClaimsGetStored(), JWTHeaderClaimsGetSwizzled(), JWTHeaderClaimsIsValid(), JWTHeaderClaimsOdbcToCollection(), JWTHeaderClaimsSet(), JWTHeaderClaimsSetObject(), JWTHeaderClaimsSetObjectId()
property RequestProperties as array of %String);
RequestProperties contains the query parameters from the authorization request.
RequestProperties.GetAt() is the value of the query parameter.
RequestProperties.GetAt(
Property methods: RequestPropertiesBuildValueArray(), RequestPropertiesCollectionToDisplay(), RequestPropertiesCollectionToOdbc(), RequestPropertiesDisplayToCollection(), RequestPropertiesDisplayToLogical(), RequestPropertiesGet(), RequestPropertiesGetObject(), RequestPropertiesGetObjectId(), RequestPropertiesGetStored(), RequestPropertiesGetSwizzled(), RequestPropertiesIsValid(), RequestPropertiesLogicalToDisplay(), RequestPropertiesLogicalToOdbc(), RequestPropertiesNormalize(), RequestPropertiesOdbcToCollection(), RequestPropertiesSet(), RequestPropertiesSetObject(), RequestPropertiesSetObjectId()
property ResponseProperties as array of %String);
ResponseProperties contains the properties to be added to the JSON response
object to a token request.
ResponseProperties.GetAt() is the value of the JSON response property.
ResponseProperties.GetAt(
Property methods: ResponsePropertiesBuildValueArray(), ResponsePropertiesCollectionToDisplay(), ResponsePropertiesCollectionToOdbc(), ResponsePropertiesDisplayToCollection(), ResponsePropertiesDisplayToLogical(), ResponsePropertiesGet(), ResponsePropertiesGetObject(), ResponsePropertiesGetObjectId(), ResponsePropertiesGetStored(), ResponsePropertiesGetSwizzled(), ResponsePropertiesIsValid(), ResponsePropertiesLogicalToDisplay(), ResponsePropertiesLogicalToOdbc(), ResponsePropertiesNormalize(), ResponsePropertiesOdbcToCollection(), ResponsePropertiesSet(), ResponsePropertiesSetObject(), ResponsePropertiesSetObjectId()
property ServerProperties as array of %String);
ServerProperties contains properties that the authorization server chooses to share with the customization code.
The logo_uri, client_uri, policy_uri and tos_uri client properties are shared in this way for use by the Authentication Class.
ServerProperties.GetAt() is the value of the property.
The logo_uri, client_uri, policy_uri and tos_uri client properties are shared in this way for use by the Authentication Class.
ServerProperties.GetAt(
Property methods: ServerPropertiesBuildValueArray(), ServerPropertiesCollectionToDisplay(), ServerPropertiesCollectionToOdbc(), ServerPropertiesDisplayToCollection(), ServerPropertiesDisplayToLogical(), ServerPropertiesGet(), ServerPropertiesGetObject(), ServerPropertiesGetObjectId(), ServerPropertiesGetStored(), ServerPropertiesGetSwizzled(), ServerPropertiesIsValid(), ServerPropertiesLogicalToDisplay(), ServerPropertiesLogicalToOdbc(), ServerPropertiesNormalize(), ServerPropertiesOdbcToCollection(), ServerPropertiesSet(), ServerPropertiesSetObject(), ServerPropertiesSetObjectId()
property UserinfoClaims as array of %OAuth2.Server.Claim;
UserinfoClaims specifies the claims that need to be returned by the Userinfo endpoint beyond the base required claims.
The "sub" claim will be returned even if not in UserinfoClaims.
The claims are defined based on the scope and request claims parameter.
The value to be returned for the claim will have the same key in the ClaimValues property.
The value of the claims will usually be set by the ValidateUser class.
UserinfoClaims.GetAt() defines the claim.
UserinfoClaims.GetAt(
Property methods: UserinfoClaimsBuildValueArray(), UserinfoClaimsCollectionToDisplay(), UserinfoClaimsCollectionToOdbc(), UserinfoClaimsDisplayToCollection(), UserinfoClaimsGet(), UserinfoClaimsGetObject(), UserinfoClaimsGetObjectId(), UserinfoClaimsGetStored(), UserinfoClaimsGetSwizzled(), UserinfoClaimsIsValid(), UserinfoClaimsOdbcToCollection(), UserinfoClaimsSet(), UserinfoClaimsSetObject(), UserinfoClaimsSetObjectId()
Methods
Get the value and type of the claim named by the name argument.
Get the value and type of the claim named by the name argument
with $list value converted to %DynamicArray
Get the next name from the ClaimValues property
method RemoveClaimValue(name As %String)
Remove the value of the claim named by the name argument.
Set the value of the claim named by the name argument.
type = "string", "boolean", "number" or "object". The default type is "string" If type="object", then value is the JSON object serialized as a string. For all types, if the value is a $list, then it is an array of the specified type.
type = "string", "boolean", "number" or "object". The default type is "string" If type="object", then value is the JSON object serialized as a string. For all types, if the value is a $list, then it is an array of the specified type.
Indexes
index (IDKEY on ) [IdKey, Type = key];
Index methods: IDKEYCheck(), IDKEYDelete(), IDKEYExists(), IDKEYOpen(), IDKEYSQLCheckUnique(), IDKEYSQLExists(), IDKEYSQLFindPKeyByConstraint(), IDKEYSQLFindRowIDByConstraint()
Inherited Members
Inherited Methods
- %%CLASSNAMELogicalToStorage()
- %%CLASSNAMEStorageToLogical()
- %AddToSaveSet()
- %AddToSyncSet()
- %BMEBuilt()
- %BuildIndicesAsync()
- %BuildIndicesAsyncResponse()
- %CheckConstraints()
- %CheckConstraintsForExtent()
- %ClassIsLatestVersion()
- %ClassName()
- %ComposeOid()
- %ConstructClone()
- %Delete()
- %DeleteExtent()
- %DeleteId()
- %DispatchClassMethod()
- %DispatchGetModified()
- %DispatchGetProperty()
- %DispatchMethod()
- %DispatchSetModified()
- %DispatchSetMultidimProperty()
- %DispatchSetProperty()
- %Exists()
- %ExistsId()
- %Extends()
- %GUID()
- %GUIDSet()
- %GetLock()
- %GetParameter()
- %GetSwizzleObject()
- %Id()
- %InsertBatch()
- %IsA()
- %IsModified()
- %IsNull()
- %KillExtent()
- %KillExtentData()
- %LoadFromMemory()
- %LockExtent()
- %LockId()
- %New()
- %NormalizeObject()
- %ObjectIsNull()
- %ObjectModified()
- %Oid()
- %OnBeforeAddToSync()
- %OnDeleteFinally()
- %OnDetermineClass()
- %OnOpenFinally()
- %OnSaveFinally()
- %Open()
- %OpenId()
- %OriginalNamespace()
- %PackageName()
- %PhysicalAddress()
- %PurgeIndices()
- %Reload()
- %RemoveFromSaveSet()
- %ResolveConcurrencyConflict()
- %RollBack()
- %Save()
- %SaveDirect()
- %SaveIndices()
- %SerializeObject()
- %SetModified()
- %SortBegin()
- %SortEnd()
- %SyncObjectIn()
- %SyncTransport()
- %UnlockExtent()
- %UnlockId()
- %ValidateIndices()
- %ValidateObject()
- %ValidateTable()
Storage
Storage Model: Storage (%OAuth2.Server.Properties)
^OAuth2.Server.PropertiesD(ID) |
= | %%CLASSNAME
RequestProperties
ResponseProperties
CustomProperties
IDTokenClaims
UserinfoClaims
JWTClaims
ClaimValues
IntrospectionClaims
ServerProperties
JWTHeaderClaims
|