OAuth2.ServerDefinition
persistent class OAuth2.ServerDefinition extends %Library.Persistent
SQL Table Name: OAuth2.ServerDefinition
OAuth2. ServerDefinition is a persistent class which defines an authorization server which is available to this Cache instance for OAuth 2.0 client definition. The authorization server definition may be used by multiple client application definitions.Property Inventory
- AuthorizationEndpoint
- Clients
- InitialAccessToken
- IntrospectionEndpoint
- IssuerEndpoint
- Metadata
- RevocationEndpoint
- SSLConfiguration
- ServerCredentials
- TokenEndpoint
- UserinfoEndpoint
Method Inventory
Properties
property AuthorizationEndpoint as %OAuth2.uri;
**** Moved to OAuth2.Server.Metadata when dynamic client support introduced
The endpoint URL to be used for to request an authorization code from the authorization server.
Required if ClientType is public or confidential.
Based on Authorization Server documentation.
The endpoint URL to be used for to request an authorization code from the authorization server.
Required if ClientType is public or confidential.
Based on Authorization Server documentation.
Property methods: AuthorizationEndpointDisplayToLogical(), AuthorizationEndpointGet(), AuthorizationEndpointGetStored(), AuthorizationEndpointIsValid(), AuthorizationEndpointLogicalToDisplay(), AuthorizationEndpointLogicalToOdbc(), AuthorizationEndpointNormalize()
relationship Clients as array of OAuth2.Client [ InitialExpression = $listbuild("OAuth2.Client","ServerDefinition",+$this,"many",1,1) , Transient , Inverse = ServerDefinition , Cardinality = many ];
The clients that use this server defintion.
Property methods: ClientsGet(), ClientsGetObject(), ClientsGetObjectId(), ClientsGetSwizzled(), ClientsIsEmpty(), ClientsIsValid(), ClientsNewObject(), ClientsRClose(), ClientsRExec(), ClientsRFetch(), ClientsRelate(), ClientsSQLCompute(), ClientsSet(), ClientsUnRelate()
property InitialAccessToken as %String (MAXLEN = 2048);
The optional initial registration access token which may be specified out of band
and is used as a bearer token to authorize the synamic client registartion request.
Property methods: InitialAccessTokenDisplayToLogical(), InitialAccessTokenGet(), InitialAccessTokenGetStored(), InitialAccessTokenIsValid(), InitialAccessTokenLogicalToDisplay(), InitialAccessTokenLogicalToOdbc(), InitialAccessTokenNormalize(), InitialAccessTokenSet()
property IntrospectionEndpoint as %OAuth2.uri;
**** Moved to OAuth2.Server.Metadata when dynamic client support introduced
The endpoint URL to be used for to make a RFC 7662 based token introspection request using the client_id and client_secret for authorization.
The endpoint URL to be used for to make a RFC 7662 based token introspection request using the client_id and client_secret for authorization.
Property methods: IntrospectionEndpointDisplayToLogical(), IntrospectionEndpointGet(), IntrospectionEndpointGetStored(), IntrospectionEndpointIsValid(), IntrospectionEndpointLogicalToDisplay(), IntrospectionEndpointLogicalToOdbc(), IntrospectionEndpointNormalize()
property IssuerEndpoint as %String (COLLATION = "EXACT", MAXLEN = 1024) [ Required ];
The endpoint URL to be used to identify the authorization server.
Required for all ClientTypes.
Required for all ClientTypes.
Property methods: IssuerEndpointDisplayToLogical(), IssuerEndpointGet(), IssuerEndpointGetStored(), IssuerEndpointIsValid(), IssuerEndpointLogicalToDisplay(), IssuerEndpointLogicalToOdbc(), IssuerEndpointNormalize()
property Metadata as OAuth2.Server.Metadata;
The meta data which describes this authorization server,
Property methods: MetadataGet(), MetadataGetObject(), MetadataGetObjectId(), MetadataGetStored(), MetadataGetSwizzled(), MetadataIsValid(), MetadataNewObject(), MetadataSet(), MetadataSetObject(), MetadataSetObjectId(), MetadataUnSwizzle()
property RevocationEndpoint as %OAuth2.uri;
**** Moved to OAuth2.Server.Metadata when dynamic client support introduced
The endpoint URL to be used for to make a RFC 7009 based token revocation request using the client_id and client_secret for authorization.
The endpoint URL to be used for to make a RFC 7009 based token revocation request using the client_id and client_secret for authorization.
Property methods: RevocationEndpointDisplayToLogical(), RevocationEndpointGet(), RevocationEndpointGetStored(), RevocationEndpointIsValid(), RevocationEndpointLogicalToDisplay(), RevocationEndpointLogicalToOdbc(), RevocationEndpointNormalize()
property SSLConfiguration as %String (MAXLEN = 64, MINLEN = 1);
The name of the activated TLS/SSL configuration to use for authorization server Discovery requests.
Chosen by user during configuration.
Chosen by user during configuration.
Property methods: SSLConfigurationDisplayToLogical(), SSLConfigurationGet(), SSLConfigurationGetStored(), SSLConfigurationIsValid(), SSLConfigurationLogicalToDisplay(), SSLConfigurationLogicalToOdbc(), SSLConfigurationNormalize(), SSLConfigurationSet()
property ServerCredentials as %String;
ServerCredentials is the alias of the %SYS.X509Credentials object which contains the server's certificate.
Property methods: ServerCredentialsDisplayToLogical(), ServerCredentialsGet(), ServerCredentialsGetStored(), ServerCredentialsIsValid(), ServerCredentialsLogicalToDisplay(), ServerCredentialsLogicalToOdbc(), ServerCredentialsNormalize(), ServerCredentialsSet()
property TokenEndpoint as %OAuth2.uri;
**** Moved to OAuth2.Server.Metadata when dynamic client support introduced
The endpoint URL to be used for to request an access token from the authorization server.
Required for all ClientTypes.
Based on Authorization Server documentation.
The endpoint URL to be used for to request an access token from the authorization server.
Required for all ClientTypes.
Based on Authorization Server documentation.
Property methods: TokenEndpointDisplayToLogical(), TokenEndpointGet(), TokenEndpointGetStored(), TokenEndpointIsValid(), TokenEndpointLogicalToDisplay(), TokenEndpointLogicalToOdbc(), TokenEndpointNormalize()
property UserinfoEndpoint as %OAuth2.uri;
**** Moved to OAuth2.Server.Metadata when dynamic client support introduced
The endpoint URL to be used for to make a userinfo request using an access token from the authorization server for authorization
The endpoint URL to be used for to make a userinfo request using an access token from the authorization server for authorization
Property methods: UserinfoEndpointDisplayToLogical(), UserinfoEndpointGet(), UserinfoEndpointGetStored(), UserinfoEndpointIsValid(), UserinfoEndpointLogicalToDisplay(), UserinfoEndpointLogicalToOdbc(), UserinfoEndpointNormalize()
Methods
Delete this server definition.
classmethod Open(serverDefinitionId As %String, Output sc As %Status) as OAuth2.ServerDefinition
Open the OAuth2.ServerDefinition instance.
classmethod OpenByIssuer(issuerEndpoint As %String, Output sc As %Status) as OAuth2.ServerDefinition
Open an OAuth2.ServerDefinition instance based on the IssuerEndpoint property
Manually set the authorization server supplied public JWKS and optionally jwks_uri.
Get and save a new public JWKS for the authorization server if the JWKS was specified using jwks_uri metadata.
Return true if a new JWKS was obtained
Queries
query List()
SQL Query:
SELECT ID, IssuerEndpoint, ( SELECT COUNT(*) FROM Client WHERE ServerDefinition->ID = sd.ID ) AS ClientCount FROM ServerDefinition as sd ORDER BY IssuerEndpoint
SELECT ID, IssuerEndpoint, ( SELECT COUNT(*) FROM Client WHERE ServerDefinition->ID = sd.ID ) AS ClientCount FROM ServerDefinition as sd ORDER BY IssuerEndpoint
List authorization servers available to client applications for SMP page
Indexes
index (IDKEY on ) [IdKey, Type = key];
Index methods: IDKEYCheck(), IDKEYDelete(), IDKEYExists(), IDKEYOpen(), IDKEYSQLCheckUnique(), IDKEYSQLExists(), IDKEYSQLFindPKeyByConstraint(), IDKEYSQLFindRowIDByConstraint()
Inherited Members
Inherited Methods
- %AddToSaveSet()
- %AddToSyncSet()
- %BMEBuilt()
- %CheckConstraints()
- %CheckConstraintsForExtent()
- %ClassIsLatestVersion()
- %ClassName()
- %ComposeOid()
- %ConstructClone()
- %Delete()
- %DeleteExtent()
- %DeleteId()
- %DispatchClassMethod()
- %DispatchGetModified()
- %DispatchGetProperty()
- %DispatchMethod()
- %DispatchSetModified()
- %DispatchSetMultidimProperty()
- %DispatchSetProperty()
- %Exists()
- %ExistsId()
- %Extends()
- %GUID()
- %GUIDSet()
- %GetLock()
- %GetParameter()
- %GetSwizzleObject()
- %Id()
- %InsertBatch()
- %IsA()
- %IsModified()
- %IsNull()
- %KillExtent()
- %KillExtentData()
- %LoadFromMemory()
- %LockExtent()
- %LockId()
- %New()
- %NormalizeObject()
- %ObjectIsNull()
- %ObjectModified()
- %Oid()
- %OnBeforeAddToSync()
- %OnDetermineClass()
- %Open()
- %OpenId()
- %OriginalNamespace()
- %PackageName()
- %PhysicalAddress()
- %PurgeIndices()
- %Reload()
- %RemoveFromSaveSet()
- %ResolveConcurrencyConflict()
- %RollBack()
- %Save()
- %SaveDirect()
- %SaveIndices()
- %SerializeObject()
- %SetModified()
- %SortBegin()
- %SortEnd()
- %SyncObjectIn()
- %SyncTransport()
- %UnlockExtent()
- %UnlockId()
- %ValidateIndices()
- %ValidateObject()
Storage
Storage Model: CacheStorage (OAuth2.ServerDefinition)
^OAuth2.ServerDefinitionD(ID) | = | %%CLASSNAME
IssuerEndpoint
AuthorizationEndpoint
TokenEndpoint
UserinfoEndpoint
ServerCredentials
Hash
IntrospectionEndpoint
RevocationEndpoint
Metadata
SSLConfiguration
InitialAccessToken
PublicJWKS
IsDiscoverty
IsDiscovery
|