This is documentation for Caché & Ensemble. See the InterSystems IRIS version of this content.

For information on migrating to InterSystems IRIS, see Why Migrate to InterSystems IRIS?

OAuth2.Server.Token

class OAuth2.Server.Token extends %Library.RegisteredObject

The class OAuth2.Server.Token implements the token endpoint, as specified in RFC 6749, for the Authorization Code, Password Credentials and Client Credentials grant types, and for refreshing the access token.
This class also serves as the endpoint for token management requests from the resource server and client.
All requests to this endpoint are of Content-Type "application/x-www-form-urlencoded". The requests from a confidential client must be authenticated using basic authentication with the client id and client secret as specified in RFC 6749. This class is used internally by Caché. You should not make direct use of it within your applications. There is no guarantee made about either the behavior or future operation of this class.

Method Inventory

Parameters

parameter HTTP200OK = 200 OK;
parameter HTTP400BADREQUEST = 400 Bad Request;
parameter HTTP401UNAUTHORIZED = 401 Unauthorized;
parameter HTTP500INTERNALSERVERERROR = 500 Internal Server Error;

Methods

classmethod CheckJWTAuthorization(jwt As %String, Output client As OAuth2.Server.Client) as %OAuth2.Error
If private_key_jwt or client_secret_jwt authentication used, then verify
classmethod GetJWTBody(jwt As %String, Output alg As %String) as %DynamicObject
Get algorithm and body from a JWT

Inherited Members

Inherited Methods

Feedback