| Modifier and Type | Method and Description |
|---|---|
D4ScienceIAMClientAuthn |
D4ScienceIAMClient.authenticate(String clientId,
String clientSecret)
Authenticates the client with provided id and secret
|
D4ScienceIAMClientAuthn |
D4ScienceIAMClient.authenticate(String clientId,
String clientSecret,
String context)
Authenticates the client with provided credentials, reducing the token audience to the requested `context`
|
D4ScienceIAMClientAuthn |
D4ScienceIAMClient.authenticateUser(String username,
String password)
Deprecated.
this authn method is deprecated in the oauth2 specifications (see https://oauth.net/2/grant-types/password/)
|
D4ScienceIAMClientAuthn |
D4ScienceIAMClient.authenticateUser(String username,
String password,
String context)
Deprecated.
this authn method is deprecated in the oauth2 specifications (see https://oauth.net/2/grant-types/password/)
|
D4ScienceIAMClientAuthn |
D4ScienceIAMClient.authenticateUser(String clientId,
String clientSecret,
String username,
String password)
Deprecated.
this authn method is deprecated in the oauth2 specifications (see https://oauth.net/2/grant-types/password/)
|
D4ScienceIAMClientAuthn |
D4ScienceIAMClient.authenticateUser(String clientId,
String clientSecret,
String username,
String password,
String context)
Deprecated.
this authn method is deprecated in the oauth2 specifications (see https://oauth.net/2/grant-types/password/)
|
D4ScienceIAMClientAuthz |
D4ScienceIAMClientAuthn.authorize(String context)
Authorizes the client or the user by using the authn already obtained, for the specific context audience and no optional permissions.
|
D4ScienceIAMClientAuthz |
D4ScienceIAMClientAuthn.authorize(String context,
List<String> permissions)
Authorizes the client or the user by using the authn already obtained, for the specific context audience and with optional permissions.
|
D4ScienceIAMClientAuthz |
D4ScienceIAMClient.authorize(String clientId,
String clientSecret,
String context)
Directly authorizes the client by using the provided credentials, for the specific context audience and with no optional permissions
|
D4ScienceIAMClientAuthz |
D4ScienceIAMClient.authorize(String clientId,
String clientSecret,
String context,
List<String> permissions)
Directly authorizes the client by using the provided credentials, for the specific context audience and with optional permissions
|
boolean |
IAMResponse.canBeRefreshed()
Check if the current response can be refreshed
|
boolean |
AbstractIAMResponse.canBeRefreshed() |
org.gcube.common.keycloak.model.AccessToken |
IAMResponse.getAccessToken()
Returns the access token in the response.
|
org.gcube.common.keycloak.model.AccessToken |
AbstractIAMResponse.getAccessToken() |
String |
IAMResponse.getContactOrganization()
Returns the client's contact organization from the token
|
String |
AbstractIAMResponse.getContactOrganization() |
String |
IAMResponse.getContactPerson()
Returns the client's contact person from the token
|
String |
AbstractIAMResponse.getContactPerson() |
Set<String> |
IAMResponse.getContextRoles()
Returns the resource roles for the resource specified in the token context
|
Set<String> |
AbstractIAMResponse.getContextRoles() |
Set<String> |
IAMResponse.getGlobalRoles()
Returns the realm roles in the token
|
Set<String> |
AbstractIAMResponse.getGlobalRoles() |
String |
IAMResponse.getName()
Returns the client's name from the token
|
String |
AbstractIAMResponse.getName() |
Set<String> |
IAMResponse.getResourceRoles(String resource)
Returns the resource roles for the resource specified in the resource parameter
|
Set<String> |
AbstractIAMResponse.getResourceRoles(String resource) |
Set<String> |
IAMResponse.getRoles()
Returns all the roles, realm and from all the resources in the token in the same set
|
Set<String> |
AbstractIAMResponse.getRoles() |
boolean |
IAMResponse.isAccessTokenValid()
Quick way to check if the access token is valid by checking the digital signature and the token expiration
|
boolean |
AbstractIAMResponse.isAccessTokenValid() |
boolean |
IAMResponse.isAccessTokenValid(boolean checkExpiration)
Quick way to check if the access token is valid by checking the digital signature and the token expiration if the
checkExpiration parameter is true |
boolean |
AbstractIAMResponse.isAccessTokenValid(boolean checkExpiration) |
boolean |
IAMResponse.isExpired()
Check if the current response is expired
|
boolean |
AbstractIAMResponse.isExpired() |
boolean |
IAMResponse.isRefreshTokenValid()
Quick way to check if the refresh token present in the current response and it is valid by checking the digital signature and the token expiration
|
boolean |
AbstractIAMResponse.isRefreshTokenValid() |
boolean |
IAMResponse.isRefreshTokenValid(boolean checkExpiration)
Quick way to check if the refresh token present in the current response and it is valid by checking the digital signature and the token
expiration if the
checkExpiration parameter is true |
boolean |
AbstractIAMResponse.isRefreshTokenValid(boolean checkExpiration) |
static D4ScienceIAMClient |
D4ScienceIAMClient.newInstance(String contextInfra)
Creates a new client for the specific context, in the default IAM realm.
|
static D4ScienceIAMClient |
D4ScienceIAMClient.newInstance(String contextInfra,
String realm)
Creates a new client for the specific context, in the default realm.
|
protected static org.gcube.common.keycloak.model.TokenResponse |
D4ScienceIAMClientAuthn4Client.performClientAuthn(D4ScienceIAMClient iamClient,
String clientId,
String clientSecret,
String context)
Performs the actual client authentication using client credentials flow.
|
protected static org.gcube.common.keycloak.model.TokenResponse |
D4ScienceIAMClientAuthn4User.performUserAuthn(D4ScienceIAMClient iamClient,
String clientId,
String clientSecret,
String username,
String password,
String context)
Performs user authentication using username and password credentials.
|
void |
IAMResponse.refresh()
Refreshes the current response, new data can be obtained again with accessors.
|
void |
AbstractIAMResponse.refresh() |
void |
AbstractIAMResponse.refresh(String clientId,
String clientSecret)
Refreshes the token using the specified client credentials.
|
void |
IAMResponse.verifyAccessToken()
Verifies the access token integrity and validity; token digital signature and expiration are reported via specific exceptions.
|
void |
AbstractIAMResponse.verifyAccessToken() |
void |
IAMResponse.verifyRefreshToken()
Verifies the refresh token integrity and validity; token digital signature and expiration are reported via specific exceptions.
|
void |
AbstractIAMResponse.verifyRefreshToken() |
| Constructor and Description |
|---|
D4ScienceIAMClientAuthn4Client(D4ScienceIAMClient iamClient,
String clientId,
String clientSecret)
Creates a new client authentication instance using client credentials.
|
D4ScienceIAMClientAuthn4Client(D4ScienceIAMClient iamClient,
String clientId,
String clientSecret,
String context)
Creates a new client authentication instance with specific context.
|
D4ScienceIAMClientAuthn4User(D4ScienceIAMClient iamClient,
String clientId,
String clientSecret,
String username,
String password)
Creates a new user authentication instance without context.
|
D4ScienceIAMClientAuthn4User(D4ScienceIAMClient iamClient,
String clientId,
String clientSecret,
String username,
String password,
String context)
Creates a new user authentication instance with context.
|
D4ScienceIAMClientAuthz(D4ScienceIAMClientAuthn authn,
String context,
List<String> permissions)
Creates a new authorization instance using an existing authentication.
|
D4ScienceIAMClientAuthz(D4ScienceIAMClient iamClient,
String clientId,
String clientSecret,
String context,
List<String> permissions)
Creates a new authorization instance using client credentials.
|
Copyright © 2026. All rights reserved.