DefaultKeycloakClient (keycloak-client 2.3.0-SNAPSHOT API)

java.lang.Object
- org.gcube.common.keycloak.DefaultKeycloakClient

All Implemented Interfaces:: KeycloakClient

public class DefaultKeycloakClient
extends Object
implements KeycloakClient

Field Summary

Fields
Modifier and Type Field and Description

protected static String AUTHORIZATION_HEADER

static String DEFAULT_BASE_URL

protected static org.slf4j.Logger logger
- Fields inherited from interface org.gcube.common.keycloak.KeycloakClient
  AVATAR_URI_PATH, D4S_CONTEXT_HEADER_NAME, D4S_DYNAMIC_SCOPE_NAME, D4S_DYNAMIC_SCOPE_NAME_TOKEN_CLAIM, D4S_EU_EXTENDED_PROFILE_SCOPE, D4S_IDENTITY_SCOPE, DEFAULT_DYNAMIC_SCOPE_SEPARATOR, DEFAULT_REALM, JWK_URI_PATH, OPEN_ID_URI_PATH, PROD_ROOT_SCOPE, TOKEN_INTROSPECT_URI_PATH, TOKEN_URI_PATH

Fields
Modifier and Type	Field and Description
`protected static String`	`AUTHORIZATION_HEADER`
`static String`	`DEFAULT_BASE_URL`
`protected static org.slf4j.Logger`	`logger`

Constructor Summary

Constructors
Constructor and Description

DefaultKeycloakClient()

Constructors
Constructor and Description
`DefaultKeycloakClient()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`KeycloakClient`	`addDynamicScope(String dynamicScope, String value)` Adds the dynamic scope to the list of scopes to use for the next OIDC token requests
`KeycloakClient`	`addScopes(List<String> scopes)` Adds the provided OIDC scopes to the list of scopes to use for the next OIDC token requests
`URL`	`computeIntrospectionEndpointURL(URL tokenEndpointURL)` Compute the keycloak `introspection` endpoint `URL` starting from the provided token endpoint.
`protected static String`	`constructBasicAuthenticationHeader(String clientId, String clientSecret)`
`protected static String`	`constructBeareAuthenticationHeader(TokenResponse oidcTokenResponse)`
`protected static String`	`constructDynamicScope(String dynamicScope, String value)`
`protected TokenResponse`	`exchangeToken(URL tokenURL, String oidcAccessToken, String clientId, String clientSecret, String audience, String requestedTokenType, String scope)` Queries from the OIDC server an exchanged token by using provided access token, for the given audience (context), in URLEncoded form or not,
`TokenResponse`	`exchangeTokenForAccessToken(String context, String oidcAccessToken, String clientId, String clientSecret, String audience)` Exchanges a token for another access token for a specific client and a specific audience
`TokenResponse`	`exchangeTokenForAccessToken(URL tokenURL, String oidcAccessToken, String clientId, String clientSecret, String audience)` Exchanges a token for another access token for a specific client and a specific audience
`TokenResponse`	`exchangeTokenForOfflineToken(String context, String oidcAccessToken, String clientId, String clientSecret, String audience)` Exchanges a token for another access and an offline refresh tokens for a specific client and a specific audience The refresh token will be of the offline type only if the original token has the `offline_access` within its scopes
`TokenResponse`	`exchangeTokenForOfflineToken(URL tokenURL, String oidcAccessToken, String clientId, String clientSecret, String audience)` Exchanges a token for another access and an offline refresh tokens for a specific client and a specific audience The refresh token will be of the offline type only if the original token has the scope `offline_access` within its scopes
`TokenResponse`	`exchangeTokenForRefreshToken(String context, String oidcAccessToken, String clientId, String clientSecret, String audience)` Exchanges a token for another access and a refresh tokens for a specific client and a specific audience
`TokenResponse`	`exchangeTokenForRefreshToken(URL tokenURL, String oidcAccessToken, String clientId, String clientSecret, String audience)` Exchanges a token for another access and a refresh tokens for a specific client and a specific audience
`byte[]`	`getAvatarData(String context, TokenResponse tokenResponse)` Retrieves the user's avatar image data from Keycloak server.
`byte[]`	`getAvatarData(URL avatarURL, String authorization)` Retrieves the user's avatar image data from Keycloak server.
`byte[]`	`getAvatarData(URL avatarURL, TokenResponse tokenResponse)` Retrieves the user's avatar image data from Keycloak server.
`URL`	`getAvatarEndpointURL(URL realmBaseURL)` Constructs the Keycloak `avatar` endpoint `URL` from the realm's base URL.
`String`	`getCustomBaseURL()`
`URL`	`getIntrospectionEndpointURL(URL realmBaseURL)` Constructs the Keycloak `introspection` endpoint `URL` from the realm's base URL.
`URL`	`getJWKEndpointURL(URL realmBaseURL)` Constructs the Keycloak `JWK` endpoint `URL` from the realm's base URL.
`URL`	`getRealmBaseURL(String context)` Returns the Keycloak base `URL` for the given context and the default realm (`d4science`)
`URL`	`getRealmBaseURL(String context, String realm)` Returns the Keycloak base `URL` for the given context and in the given realm.
`PublishedRealmRepresentation`	`getRealmInfo(URL realmURL)` Gets the realm info setup (RSA `public_key`, `token-service` URL, `account-service` URL and `tokens-not-before` setting)
`JSONWebKeySet`	`getRealmJSONWebKeySet(URL jwkURL)` Loads the actual JWK from the Keycloak server
`URL`	`getTokenEndpointURL(URL realmBaseURL)` Constructs the Keycloak `token` endpoint `URL` from the realm's base URL.
`TokenIntrospectionResponse`	`introspectAccessToken(String context, String clientId, String clientSecret, String accessTokenJWTString)` Introspects an access token against the Keycloak server.
`TokenIntrospectionResponse`	`introspectAccessToken(URL introspectionURL, String clientId, String clientSecret, String accessTokenJWTString)` Introspects an access token against the Keycloak server.
`boolean`	`isAccessTokenVerified(String context, String clientId, String clientSecret, String accessTokenJWTString)` Verifies an access token against the Keycloak server.
`boolean`	`isAccessTokenVerified(URL introspectionURL, String clientId, String clientSecret, String accessTokenJWTString)` Verifies an access token against the Keycloak server.
`protected <T> T`	`performRequest(Class<T> returnObjectClass, URL url, Map<String,String> headers, Map<String,List<String>> params)`
`protected TokenResponse`	`performRequest(URL tokenURL, Map<String,String> headers, Map<String,List<String>> params)`
`TokenResponse`	`queryOIDCToken(String context, String authorization)` Queries an OIDC token from the Keycloak server, by using provided authorization.
`TokenResponse`	`queryOIDCToken(String context, String authorization, Map<String,String> extraHeaders)` Queries an OIDC token from the Keycloak server, by using provided authorization.
`TokenResponse`	`queryOIDCToken(String context, String clientId, String clientSecret)` Queries an OIDC token from the context's Keycloak server, by using provided clientId and client secret.
`TokenResponse`	`queryOIDCToken(String context, String clientId, String clientSecret, Map<String,String> extraHeaders)` Queries an OIDC token from the context's Keycloak server, by using provided clientId and client secret.
`TokenResponse`	`queryOIDCToken(URL tokenURL, String authorization)` Queries an OIDC token from the Keycloak server, by using provided authorization.
`TokenResponse`	`queryOIDCToken(URL tokenURL, String authorization, Map<String,String> extraHeaders)` Queries an OIDC token from the Keycloak server, by using provided authorization.
`TokenResponse`	`queryOIDCToken(URL tokenURL, String clientId, String clientSecret)` Queries an OIDC token from the Keycloak server, by using provided clientId and client secret.
`TokenResponse`	`queryOIDCToken(URL tokenURL, String clientId, String clientSecret, Map<String,String> extraHeaders)` Queries an OIDC token from the Keycloak server, by using provided clientId and client secret.
`TokenResponse`	`queryOIDCTokenOfUser(String context, String clientId, String clientSecret, String username, String password)` Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password.
`TokenResponse`	`queryOIDCTokenOfUser(String context, String clientId, String clientSecret, String username, String password, Map<String,String> extraHeaders)` Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password.
`TokenResponse`	`queryOIDCTokenOfUserWithContext(String context, String authorization, String username, String password, String audience)` Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password.
`TokenResponse`	`queryOIDCTokenOfUserWithContext(String context, String authorization, String username, String password, String audience, Map<String,String> extraHeaders)` Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password.
`TokenResponse`	`queryOIDCTokenOfUserWithContext(String context, String clientId, String clientSecret, String username, String password, String audience)` Queries an OIDC token for a specific user from the Keycloak server, by using provided clientId and client secret and user's username and password, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenOfUserWithContext(String context, String clientId, String clientSecret, String username, String password, String audience, Map<String,String> extraHeaders)` Queries an OIDC token for a specific user from the Keycloak server, by using provided clientId and client secret and user's username and password, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenOfUserWithContext(URL tokenURL, String authorization, String username, String password, String audience)` Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password.
`TokenResponse`	`queryOIDCTokenOfUserWithContext(URL tokenURL, String authorization, String username, String password, String audience, Map<String,String> extraHeaders)` Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password.
`TokenResponse`	`queryOIDCTokenOfUserWithContext(URL tokenURL, String clientId, String clientSecret, String username, String password, String audience)` Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenOfUserWithContext(URL tokenURL, String clientId, String clientSecret, String username, String password, String audience, Map<String,String> extraHeaders)` Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password, , reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenWithContext(String context, String authorization, String audience)` Queries an OIDC token from the Keycloak server, by using provided authorization, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenWithContext(String context, String authorization, String audience, Map<String,String> extraHeaders)` Queries an OIDC token from the Keycloak server, by using provided authorization, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenWithContext(String context, String clientId, String clientSecret, String audience)` Queries an OIDC token from the context's Keycloak server, by using provided clientId and client secret, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenWithContext(String context, String clientId, String clientSecret, String audience, Map<String,String> extraHeaders)` Queries an OIDC token from the context's Keycloak server, by using provided clientId and client secret, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenWithContext(URL tokenURL, String authorization, String audience)` Queries an OIDC token from the Keycloak server, by using provided authorization, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenWithContext(URL tokenURL, String authorization, String audience, Map<String,String> extraHeaders)` Queries an OIDC token from the Keycloak server, by using provided authorization, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenWithContext(URL tokenURL, String clientId, String clientSecret, String audience)` Queries an OIDC token from the Keycloak server, by using provided clientId and client secret, reducing the audience to the requested one.
`TokenResponse`	`queryOIDCTokenWithContext(URL tokenURL, String clientId, String clientSecret, String audience, Map<String,String> extraHeaders)` Queries an OIDC token from the Keycloak server, by using provided clientId and client secret, reducing the audience to the requested one.
`TokenResponse`	`queryUMAToken(String context, String authorization, String audience, List<String> permissions)` Queries an UMA token from the Keycloak server, by using provided authorization, for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
`TokenResponse`	`queryUMAToken(String context, String clientId, String clientSecret, String audience, List<String> permissions)` Queries an UMA token from the Keycloak server, by using provided clientId and client secret for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
`TokenResponse`	`queryUMAToken(String context, TokenResponse oidcTokenResponse, String audience, List<String> permissions)` Queries an UMA token from the Keycloak server, by using access-token provided by the `TokenResponse` object for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
`TokenResponse`	`queryUMAToken(URL tokenURL, String authorization, String audience, List<String> permissions)` Queries an UMA token from the Keycloak server, by using provided authorization, for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
`TokenResponse`	`queryUMAToken(URL tokenURL, String clientId, String clientSecret, String audience, List<String> permissions)` Queries an UMA token from the Keycloak server, by using provided clientId and client secret for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
`TokenResponse`	`queryUMAToken(URL tokenURL, TokenResponse oidcTokenResponse, String audience, List<String> permissions)` Queries an UMA token from the Keycloak server, by using access-token provided by the `TokenResponse` object for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
`TokenResponse`	`refreshToken(String context, String clientId, String clientSecret, String refreshTokenJWTString)` Refreshes a previously issued token from the Keycloak server by using the client id and secret and the refresh token JWT encoded string obtained with the access token in the previous token response.
`TokenResponse`	`refreshToken(String context, String clientId, String clientSecret, TokenResponse tokenResponse)` Refreshes a previously issued token from the Keycloak server using the refresh token JWT encoded string in the token response object and the provided client id and secret.
`TokenResponse`	`refreshToken(String context, TokenResponse tokenResponse)` Refreshes a previously issued token from the Keycloak server using the refresh token JWT encoded string in the token response object.
`TokenResponse`	`refreshToken(URL tokenURL, String clientId, String clientSecret, String refreshTokenJWTString)` Refreshes a previously issued token from the Keycloak server by using the client id and secret and the refresh token JWT encoded string obtained with the access token in the previous token response.
`TokenResponse`	`refreshToken(URL tokenURL, String clientId, String clientSecret, TokenResponse tokenResponse)` Refreshes a previously issued token from the Keycloak server using the refresh token JWT encoded string in the token response object and the provided client id and secret.
`TokenResponse`	`refreshToken(URL tokenURL, TokenResponse tokenResponse)` Refreshes a previously issued token from the Keycloak server using the refresh token JWT encoded string in the token response object.
`KeycloakClient`	`removeAllScopes()` Removes all the custom OIDC scopes from the list of scopes to use the next OIDC token requests
`KeycloakClient`	`removeScopes(List<String> scopes)` Removes the provided OIDC scopes from the list of scopes to use for the next OIDC token requests
`protected void`	`safeSetAsExternalCallForOldAPI(org.gcube.common.gxhttp.request.GXHTTPStringRequest request)`
`void`	`setCustomBaseURL(String customBaseURL)`
`KeycloakClient`	`useDynamicScopeInsteadOfCustomHeaderForContextRestricion(boolean useDynamicScopeInsteadOfCustomHeaderForContextRestricion)` Sets a flag to use dynamic scope (`KeycloakClient.D4S_DYNAMIC_SCOPE_NAME` = "d4s-context") instead of custom header (`KeycloakClient.D4S_CONTEXT_HEADER_NAME` = "x-d4science-context") when an OIDC token with context is used
`KeycloakClient`	`useScopes(List<String> scopes)` Replaces the list of the provided OIDC scopes for the next OIDC token requests

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - logger
```
protected static org.slf4j.Logger logger
```
  - AUTHORIZATION_HEADER
```
protected static final String AUTHORIZATION_HEADER
```
    See Also:
    
    Constant Field Values
  - DEFAULT_BASE_URL
```
public static final String DEFAULT_BASE_URL
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - DefaultKeycloakClient
```
public DefaultKeycloakClient()
```
- Method Detail
  - setCustomBaseURL
```
public void setCustomBaseURL(String customBaseURL)
```
  - useScopes
```
public KeycloakClient useScopes(List<String> scopes)
```
    Description copied from interface: KeycloakClient
    
    Replaces the list of the provided OIDC scopes for the next OIDC token requests
    
    Specified by:
    
    useScopes in interface KeycloakClient
    
    Parameters:
    
    scopes - the list of scopes to use in the calls
    
    Returns:
    
    the client itself
  - addScopes
```
public KeycloakClient addScopes(List<String> scopes)
```
    Description copied from interface: KeycloakClient
    
    Adds the provided OIDC scopes to the list of scopes to use for the next OIDC token requests
    
    Specified by:
    
    addScopes in interface KeycloakClient
    
    Parameters:
    
    scopes - the list of scopes to add
    
    Returns:
    
    the client itself
  - removeScopes
```
public KeycloakClient removeScopes(List<String> scopes)
```
    Description copied from interface: KeycloakClient
    
    Removes the provided OIDC scopes from the list of scopes to use for the next OIDC token requests
    
    Specified by:
    
    removeScopes in interface KeycloakClient
    
    Parameters:
    
    scopes - the list of scopes to remove
    
    Returns:
    
    the client itself
  - addDynamicScope
```
public KeycloakClient addDynamicScope(String dynamicScope,
                                      String value)
```
    Description copied from interface: KeycloakClient
    
    Adds the dynamic scope to the list of scopes to use for the next OIDC token requests
    
    Specified by:
    
    addDynamicScope in interface KeycloakClient
    
    Parameters:
    
    dynamicScope - the dynamic scope that will be the prefix
    
    value - the value of the dynamic scope
    
    Returns:
    
    the client itself
  - constructDynamicScope
```
protected static String constructDynamicScope(String dynamicScope,
                                              String value)
```
  - removeAllScopes
```
public KeycloakClient removeAllScopes()
```
    Description copied from interface: KeycloakClient
    
    Removes all the custom OIDC scopes from the list of scopes to use the next OIDC token requests
    
    Specified by:
    
    removeAllScopes in interface KeycloakClient
    
    Returns:
    
    the client itself
  - useDynamicScopeInsteadOfCustomHeaderForContextRestricion
```
public KeycloakClient useDynamicScopeInsteadOfCustomHeaderForContextRestricion(boolean useDynamicScopeInsteadOfCustomHeaderForContextRestricion)
```
    Description copied from interface: KeycloakClient
    
    Sets a flag to use dynamic scope (KeycloakClient.D4S_DYNAMIC_SCOPE_NAME = "d4s-context") instead of custom header (KeycloakClient.D4S_CONTEXT_HEADER_NAME = "x-d4science-context") when an OIDC token with context is used
    
    Specified by:
    
    useDynamicScopeInsteadOfCustomHeaderForContextRestricion in interface KeycloakClient
    
    Parameters:
    
    useDynamicScopeInsteadOfCustomHeaderForContextRestricion - use or not use dynamic scope
    
    Returns:
    
    the client itself
  - getCustomBaseURL
```
public String getCustomBaseURL()
```
  - getRealmBaseURL
```
public URL getRealmBaseURL(String context)
                    throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Returns the Keycloak base URL for the given context and the default realm (d4science)
    
    Specified by:
    
    getRealmBaseURL in interface KeycloakClient
    
    Parameters:
    
    context - the context where the endpoint is needed (e.g. /gcube for DEV)
    
    Returns:
    
    the Keycloak token endpoint URL
    
    Throws:
    
    KeycloakClientException - if something goes wrong discovering the endpoint URL
  - getRealmBaseURL
```
public URL getRealmBaseURL(String context,
                           String realm)
                    throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Returns the Keycloak base URL for the given context and in the given realm.
    
    Specified by:
    
    getRealmBaseURL in interface KeycloakClient
    
    Parameters:
    
    context - the context where the endpoint is needed (e.g. /gcube for DEV)
    
    realm - the realm to use to construct the base URL
    
    Returns:
    
    the Keycloak token endpoint URL
    
    Throws:
    
    KeycloakClientException - if something goes wrong discovering the endpoint URL
  - getTokenEndpointURL
```
public URL getTokenEndpointURL(URL realmBaseURL)
                        throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Constructs the Keycloak token endpoint URL from the realm's base URL.
    
    Specified by:
    
    getTokenEndpointURL in interface KeycloakClient
    
    Parameters:
    
    realmBaseURL - the realm's base URL to use
    
    Returns:
    
    the Keycloak token endpoint URL
    
    Throws:
    
    KeycloakClientException - if something goes wrong discovering the endpoint URL
  - getJWKEndpointURL
```
public URL getJWKEndpointURL(URL realmBaseURL)
                      throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Constructs the Keycloak JWK endpoint URL from the realm's base URL.
    
    Specified by:
    
    getJWKEndpointURL in interface KeycloakClient
    
    Parameters:
    
    realmBaseURL - the realm's base URL to use
    
    Returns:
    
    the Keycloak JWK endpoint URL
    
    Throws:
    
    KeycloakClientException - if something goes wrong discovering the endpoint URL
  - getIntrospectionEndpointURL
```
public URL getIntrospectionEndpointURL(URL realmBaseURL)
                                throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Constructs the Keycloak introspection endpoint URL from the realm's base URL.
    
    Specified by:
    
    getIntrospectionEndpointURL in interface KeycloakClient
    
    Parameters:
    
    realmBaseURL - the realm's base URL to use
    
    Returns:
    
    the Keycloak introspection endpoint URL
    
    Throws:
    
    KeycloakClientException - if something goes wrong discovering the endpoint URL
  - getAvatarEndpointURL
```
public URL getAvatarEndpointURL(URL realmBaseURL)
                         throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Constructs the Keycloak avatar endpoint URL from the realm's base URL.
    
    Specified by:
    
    getAvatarEndpointURL in interface KeycloakClient
    
    Parameters:
    
    realmBaseURL - the realm's base URL to use
    
    Returns:
    
    the Keycloak avatar endpoint URL
    
    Throws:
    
    KeycloakClientException - if something goes wrong discovering the endpoint URL
  - computeIntrospectionEndpointURL
```
public URL computeIntrospectionEndpointURL(URL tokenEndpointURL)
                                    throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Compute the keycloak introspection endpoint URL starting from the provided token endpoint.
    
    Specified by:
    
    computeIntrospectionEndpointURL in interface KeycloakClient
    
    Parameters:
    
    tokenEndpointURL - the token endpoint to use in the compute
    
    Returns:
    
    the keycloak introspection endpoint URL
    
    Throws:
    
    KeycloakClientException - if something goes wrong discovering the endpoint URL
  - getRealmInfo
```
public PublishedRealmRepresentation getRealmInfo(URL realmURL)
                                          throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Gets the realm info setup (RSA public_key, token-service URL, account-service URL and tokens-not-before setting)
    
    Specified by:
    
    getRealmInfo in interface KeycloakClient
    
    Parameters:
    
    realmURL - the realm URL
    
    Returns:
    
    the configured realm info
    
    Throws:
    
    KeycloakClientException - if something goes wrong getting realm info
  - getRealmJSONWebKeySet
```
public JSONWebKeySet getRealmJSONWebKeySet(URL jwkURL)
                                    throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Loads the actual JWK from the Keycloak server
    
    Specified by:
    
    getRealmJSONWebKeySet in interface KeycloakClient
    
    Parameters:
    
    jwkURL - the server's jwk URL to use
    
    Returns:
    
    an object with JWK details
    
    Throws:
    
    KeycloakClientException - if something goes wrong getting JWK info
  - queryOIDCToken
```
public TokenResponse queryOIDCToken(String context,
                                    String clientId,
                                    String clientSecret)
                             throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the context's Keycloak server, by using provided clientId and client secret.
    
    Specified by:
    
    queryOIDCToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCToken
```
public TokenResponse queryOIDCToken(String context,
                                    String clientId,
                                    String clientSecret,
                                    Map<String,String> extraHeaders)
                             throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the context's Keycloak server, by using provided clientId and client secret.
    
    Specified by:
    
    queryOIDCToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCToken
```
public TokenResponse queryOIDCToken(URL tokenURL,
                                    String clientId,
                                    String clientSecret)
                             throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided clientId and client secret.
    
    Specified by:
    
    queryOIDCToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the Keycloak server
    
    clientId - the client id
    
    clientSecret - the client secret
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCToken
```
public TokenResponse queryOIDCToken(URL tokenURL,
                                    String clientId,
                                    String clientSecret,
                                    Map<String,String> extraHeaders)
                             throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided clientId and client secret. Optionally extra HTTP headers can be provided to be used in the call.
    
    Specified by:
    
    queryOIDCToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the Keycloak server
    
    clientId - the client id
    
    clientSecret - the client secret
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCToken
```
public TokenResponse queryOIDCToken(String context,
                                    String authorization)
                             throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided authorization.
    
    Specified by:
    
    queryOIDCToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCToken
```
public TokenResponse queryOIDCToken(URL tokenURL,
                                    String authorization)
                             throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided authorization.
    
    Specified by:
    
    queryOIDCToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCToken
```
public TokenResponse queryOIDCToken(String context,
                                    String authorization,
                                    Map<String,String> extraHeaders)
                             throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided authorization. Optionally extra HTTP headers can be provided to be used in the call.
    
    Specified by:
    
    queryOIDCToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCToken
```
public TokenResponse queryOIDCToken(URL tokenURL,
                                    String authorization,
                                    Map<String,String> extraHeaders)
                             throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided authorization. Optionally extra HTTP headers can be provided to be used in the call.
    
    Specified by:
    
    queryOIDCToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenOfUser
```
public TokenResponse queryOIDCTokenOfUser(String context,
                                          String clientId,
                                          String clientSecret,
                                          String username,
                                          String password)
                                   throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password.
    
    Specified by:
    
    queryOIDCTokenOfUser in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    username - the user's username
    
    password - the user's password
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenOfUser
```
public TokenResponse queryOIDCTokenOfUser(String context,
                                          String clientId,
                                          String clientSecret,
                                          String username,
                                          String password,
                                          Map<String,String> extraHeaders)
                                   throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password. Optionally extra HTTP headers can be provided to be used in the call.
    
    Specified by:
    
    queryOIDCTokenOfUser in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    username - the user's username
    
    password - the user's password
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenWithContext
```
public TokenResponse queryOIDCTokenWithContext(String context,
                                               String clientId,
                                               String clientSecret,
                                               String audience)
                                        throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the context's Keycloak server, by using provided clientId and client secret, reducing the audience to the requested one. The implementation uses the custom x-d4science-context HTTP header that the proper mapper on Keycloak uses to reduce the audience
    
    Specified by:
    
    queryOIDCTokenWithContext in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenWithContext
```
public TokenResponse queryOIDCTokenWithContext(String context,
                                               String authorization,
                                               String audience)
                                        throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided authorization, reducing the audience to the requested one.
    
    Specified by:
    
    queryOIDCTokenWithContext in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenWithContext
```
public TokenResponse queryOIDCTokenWithContext(URL tokenURL,
                                               String clientId,
                                               String clientSecret,
                                               String audience)
                                        throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided clientId and client secret, reducing the audience to the requested one. The implementation uses the custom x-d4science-context HTTP header that the proper mapper on Keycloak uses to reduce the audience
    
    Specified by:
    
    queryOIDCTokenWithContext in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the Keycloak server
    
    clientId - the client id
    
    clientSecret - the client secret
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenWithContext
```
public TokenResponse queryOIDCTokenWithContext(String context,
                                               String clientId,
                                               String clientSecret,
                                               String audience,
                                               Map<String,String> extraHeaders)
                                        throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the context's Keycloak server, by using provided clientId and client secret, reducing the audience to the requested one. Optionally extra HTTP headers can be provided to be used in the call. The implementation uses the custom x-d4science-context HTTP header that the proper mapper on Keycloak uses to reduce the audience
    
    Specified by:
    
    queryOIDCTokenWithContext in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenWithContext
```
public TokenResponse queryOIDCTokenWithContext(URL tokenURL,
                                               String clientId,
                                               String clientSecret,
                                               String audience,
                                               Map<String,String> extraHeaders)
                                        throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided clientId and client secret, reducing the audience to the requested one. Optionally extra HTTP headers can be provided to be used in the call. The implementation uses the custom x-d4science-context HTTP header that the proper mapper on Keycloak uses to reduce the audience
    
    Specified by:
    
    queryOIDCTokenWithContext in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the Keycloak server
    
    clientId - the client id
    
    clientSecret - the client secret
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenWithContext
```
public TokenResponse queryOIDCTokenWithContext(String context,
                                               String authorization,
                                               String audience,
                                               Map<String,String> extraHeaders)
                                        throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided authorization, reducing the audience to the requested one. Optionally extra HTTP headers can be provided to be used in the call.
    
    Specified by:
    
    queryOIDCTokenWithContext in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenWithContext
```
public TokenResponse queryOIDCTokenWithContext(URL tokenURL,
                                               String authorization,
                                               String audience)
                                        throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided authorization, reducing the audience to the requested one.
    
    Specified by:
    
    queryOIDCTokenWithContext in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - constructBasicAuthenticationHeader
```
protected static String constructBasicAuthenticationHeader(String clientId,
                                                           String clientSecret)
```
  - queryOIDCTokenOfUserWithContext
```
public TokenResponse queryOIDCTokenOfUserWithContext(String context,
                                                     String clientId,
                                                     String clientSecret,
                                                     String username,
                                                     String password,
                                                     String audience)
                                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the Keycloak server, by using provided clientId and client secret and user's username and password, reducing the audience to the requested one. The implementation uses the custom x-d4science-context HTTP header that the proper mapper on Keycloak uses to reduce the audience
    
    Specified by:
    
    queryOIDCTokenOfUserWithContext in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    username - the user's username
    
    password - the user's password
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenOfUserWithContext
```
public TokenResponse queryOIDCTokenOfUserWithContext(String context,
                                                     String clientId,
                                                     String clientSecret,
                                                     String username,
                                                     String password,
                                                     String audience,
                                                     Map<String,String> extraHeaders)
                                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the Keycloak server, by using provided clientId and client secret and user's username and password, reducing the audience to the requested one. Optionally extra HTTP headers can be provided to be used in the call. The implementation uses the custom x-d4science-context HTTP header that the proper mapper on Keycloak uses to reduce the audience
    
    Specified by:
    
    queryOIDCTokenOfUserWithContext in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    username - the user's username
    
    password - the user's password
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenOfUserWithContext
```
public TokenResponse queryOIDCTokenOfUserWithContext(String context,
                                                     String authorization,
                                                     String username,
                                                     String password,
                                                     String audience)
                                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password.
    
    Specified by:
    
    queryOIDCTokenOfUserWithContext in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    username - the user's username
    
    password - the user's password
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenOfUserWithContext
```
public TokenResponse queryOIDCTokenOfUserWithContext(String context,
                                                     String authorization,
                                                     String username,
                                                     String password,
                                                     String audience,
                                                     Map<String,String> extraHeaders)
                                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password. Optionally extra HTTP headers can be provided to be used in the call.
    
    Specified by:
    
    queryOIDCTokenOfUserWithContext in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    username - the user's username
    
    password - the user's password
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenOfUserWithContext
```
public TokenResponse queryOIDCTokenOfUserWithContext(URL tokenURL,
                                                     String clientId,
                                                     String clientSecret,
                                                     String username,
                                                     String password,
                                                     String audience)
                                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password, reducing the audience to the requested one. The implementation uses the custom x-d4science-context HTTP header that the proper mapper on Keycloak uses to reduce the audience
    
    Specified by:
    
    queryOIDCTokenOfUserWithContext in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the Keycloak server
    
    clientId - the client id
    
    clientSecret - the client secret
    
    username - the user's username
    
    password - the user's password
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenOfUserWithContext
```
public TokenResponse queryOIDCTokenOfUserWithContext(URL tokenURL,
                                                     String clientId,
                                                     String clientSecret,
                                                     String username,
                                                     String password,
                                                     String audience,
                                                     Map<String,String> extraHeaders)
                                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password, , reducing the audience to the requested one. Optionally extra HTTP headers can be provided to be used in the call.
    
    Specified by:
    
    queryOIDCTokenOfUserWithContext in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the Keycloak server
    
    clientId - the client id
    
    clientSecret - the client secret
    
    username - the user's username
    
    password - the user's password
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenOfUserWithContext
```
public TokenResponse queryOIDCTokenOfUserWithContext(URL tokenURL,
                                                     String authorization,
                                                     String username,
                                                     String password,
                                                     String audience)
                                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password.
    
    Specified by:
    
    queryOIDCTokenOfUserWithContext in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    username - the user's username
    
    password - the user's password
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenOfUserWithContext
```
public TokenResponse queryOIDCTokenOfUserWithContext(URL tokenURL,
                                                     String authorization,
                                                     String username,
                                                     String password,
                                                     String audience,
                                                     Map<String,String> extraHeaders)
                                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token for a specific user from the context's Keycloak server, by using provided clientId and client secret and user's username and password. Optionally extra HTTP headers can be provided to be used in the call.
    
    Specified by:
    
    queryOIDCTokenOfUserWithContext in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    username - the user's username
    
    password - the user's password
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryOIDCTokenWithContext
```
public TokenResponse queryOIDCTokenWithContext(URL tokenURL,
                                               String authorization,
                                               String audience,
                                               Map<String,String> extraHeaders)
                                        throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an OIDC token from the Keycloak server, by using provided authorization, reducing the audience to the requested one. Optionally extra HTTP headers can be provided to be used in the call.
    
    Specified by:
    
    queryOIDCTokenWithContext in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    audience - an optional parameter to shrink the token's audience to the requested one (e.g. a specific context), by leveraging on the custom HTTP header and corresponding mapper on Keycloak
    
    extraHeaders - extra HTTP headers to add to the request
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryUMAToken
```
public TokenResponse queryUMAToken(String context,
                                   TokenResponse oidcTokenResponse,
                                   String audience,
                                   List<String> permissions)
                            throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an UMA token from the Keycloak server, by using access-token provided by the TokenResponse object for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
    
    Specified by:
    
    queryUMAToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    oidcTokenResponse - the previously issued token as TokenResponse object
    
    audience - the audience (context) where to request the issuing of the ticket
    
    permissions - a list of permissions, can be null
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryUMAToken
```
public TokenResponse queryUMAToken(URL tokenURL,
                                   TokenResponse oidcTokenResponse,
                                   String audience,
                                   List<String> permissions)
                            throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an UMA token from the Keycloak server, by using access-token provided by the TokenResponse object for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
    
    Specified by:
    
    queryUMAToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    oidcTokenResponse - the previously issued token as TokenResponse object
    
    audience - the audience (context) where to request the issuing of the ticket
    
    permissions - a list of permissions, can be null
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - constructBeareAuthenticationHeader
```
protected static String constructBeareAuthenticationHeader(TokenResponse oidcTokenResponse)
```
  - queryUMAToken
```
public TokenResponse queryUMAToken(String context,
                                   String clientId,
                                   String clientSecret,
                                   String audience,
                                   List<String> permissions)
                            throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an UMA token from the Keycloak server, by using provided clientId and client secret for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
    
    Specified by:
    
    queryUMAToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    audience - the audience (context) where to request the issuing of the ticket
    
    permissions - a list of permissions, can be null
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryUMAToken
```
public TokenResponse queryUMAToken(URL tokenURL,
                                   String clientId,
                                   String clientSecret,
                                   String audience,
                                   List<String> permissions)
                            throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an UMA token from the Keycloak server, by using provided clientId and client secret for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
    
    Specified by:
    
    queryUMAToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the Keycloak server
    
    clientId - the client id
    
    clientSecret - the client secret
    
    audience - the audience (context) where to request the issuing of the ticket
    
    permissions - a list of permissions, can be null
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryUMAToken
```
public TokenResponse queryUMAToken(String context,
                                   String authorization,
                                   String audience,
                                   List<String> permissions)
                            throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an UMA token from the Keycloak server, by using provided authorization, for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
    
    Specified by:
    
    queryUMAToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    audience - the audience (context) where to request the issuing of the ticket (URLEncoded)
    
    permissions - a list of permissions, can be null
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - queryUMAToken
```
public TokenResponse queryUMAToken(URL tokenURL,
                                   String authorization,
                                   String audience,
                                   List<String> permissions)
                            throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Queries an UMA token from the Keycloak server, by using provided authorization, for the given audience (context), in URLEncoded form or not, and optionally a list of permissions.
    
    Specified by:
    
    queryUMAToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    authorization - the authorization to be set as header (e.g. a "Basic ...." auth or an encoded JWT access token preceded by the "Bearer " string)
    
    audience - the audience (context) where to request the issuing of the ticket (URLEncoded)
    
    permissions - a list of permissions, can be null
    
    Returns:
    
    the issued token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the query
  - performRequest
```
protected TokenResponse performRequest(URL tokenURL,
                                       Map<String,String> headers,
                                       Map<String,List<String>> params)
                                throws KeycloakClientException
```
    Throws:
    
    KeycloakClientException
  - performRequest
```
protected <T> T performRequest(Class<T> returnObjectClass,
                               URL url,
                               Map<String,String> headers,
                               Map<String,List<String>> params)
                        throws KeycloakClientException
```
    Throws:
    
    KeycloakClientException
  - refreshToken
```
public TokenResponse refreshToken(String context,
                                  TokenResponse tokenResponse)
                           throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Refreshes a previously issued token from the Keycloak server using the refresh token JWT encoded string in the token response object. Client id will be read from "issued for" access token's claim and client secret will be not sent.
    NOTE: For public clients types only.
    
    Specified by:
    
    refreshToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    tokenResponse - the previously issued token as TokenResponse object
    
    Returns:
    
    the refreshed token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the refresh query
  - refreshToken
```
public TokenResponse refreshToken(URL tokenURL,
                                  TokenResponse tokenResponse)
                           throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Refreshes a previously issued token from the Keycloak server using the refresh token JWT encoded string in the token response object. Client id will be read from "issued for" access token's claim and client secret will be not sent.
    NOTE: For public clients types only.
    
    Specified by:
    
    refreshToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    tokenResponse - the previously issued token as TokenResponse object
    
    Returns:
    
    the refreshed token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the refresh query
  - refreshToken
```
public TokenResponse refreshToken(String context,
                                  String clientId,
                                  String clientSecret,
                                  TokenResponse tokenResponse)
                           throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Refreshes a previously issued token from the Keycloak server using the refresh token JWT encoded string in the token response object and the provided client id and secret.
    
    Specified by:
    
    refreshToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the requestor client id, may be null and in this case will be take from the access token "issued for" claim
    
    clientSecret - the requestor client secret, may be null for non-confidential clients
    
    tokenResponse - the previously issued token as TokenResponse object
    
    Returns:
    
    the refreshed token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the refresh query
  - refreshToken
```
public TokenResponse refreshToken(URL tokenURL,
                                  String clientId,
                                  String clientSecret,
                                  TokenResponse tokenResponse)
                           throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Refreshes a previously issued token from the Keycloak server using the refresh token JWT encoded string in the token response object and the provided client id and secret.
    
    Specified by:
    
    refreshToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    clientId - the requestor client id, may be null and in this case will be take from the access token "issued for" claim
    
    clientSecret - the requestor client secret, may be null for non-confidential clients
    
    tokenResponse - the previously issued token as TokenResponse object
    
    Returns:
    
    the refreshed token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the refresh query
  - refreshToken
```
public TokenResponse refreshToken(String context,
                                  String clientId,
                                  String clientSecret,
                                  String refreshTokenJWTString)
                           throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Refreshes a previously issued token from the Keycloak server by using the client id and secret and the refresh token JWT encoded string obtained with the access token in the previous token response.
    
    Specified by:
    
    refreshToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the requestor client id
    
    clientSecret - the requestor client secret, may be null for non-confidential clients
    
    refreshTokenJWTString - the previously issued refresh token JWT string
    
    Returns:
    
    the refreshed token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the refresh query
  - refreshToken
```
public TokenResponse refreshToken(URL tokenURL,
                                  String clientId,
                                  String clientSecret,
                                  String refreshTokenJWTString)
                           throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Refreshes a previously issued token from the Keycloak server by using the client id and secret and the refresh token JWT encoded string obtained with the access token in the previous token response.
    
    Specified by:
    
    refreshToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    clientId - the requestor client id
    
    clientSecret - the requestor client secret, may be null for non-confidential clients
    
    refreshTokenJWTString - the previously issued refresh token JWT string
    
    Returns:
    
    the refreshed token as TokenResponse object
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the refresh query
  - exchangeTokenForAccessToken
```
public TokenResponse exchangeTokenForAccessToken(String context,
                                                 String oidcAccessToken,
                                                 String clientId,
                                                 String clientSecret,
                                                 String audience)
                                          throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Exchanges a token for another access token for a specific client and a specific audience
    
    Specified by:
    
    exchangeTokenForAccessToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    oidcAccessToken - the original access token to exchange
    
    clientId - the authorized client's id
    
    clientSecret - the authorized client's secret
    
    audience - the requested token audience
    
    Returns:
    
    the exchanged token response
    
    Throws:
    
    KeycloakClientException - if an error occurs during the exchange
  - exchangeTokenForAccessToken
```
public TokenResponse exchangeTokenForAccessToken(URL tokenURL,
                                                 String oidcAccessToken,
                                                 String clientId,
                                                 String clientSecret,
                                                 String audience)
                                          throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Exchanges a token for another access token for a specific client and a specific audience
    
    Specified by:
    
    exchangeTokenForAccessToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL
    
    oidcAccessToken - the original access token to exchange
    
    clientId - the authorized client's id
    
    clientSecret - the authorized client's secret
    
    audience - the requested token audience
    
    Returns:
    
    the exchanged token response
    
    Throws:
    
    KeycloakClientException - if an error occurs during the exchange
  - exchangeTokenForRefreshToken
```
public TokenResponse exchangeTokenForRefreshToken(String context,
                                                  String oidcAccessToken,
                                                  String clientId,
                                                  String clientSecret,
                                                  String audience)
                                           throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Exchanges a token for another access and a refresh tokens for a specific client and a specific audience
    
    Specified by:
    
    exchangeTokenForRefreshToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    oidcAccessToken - the original access token to exchange
    
    clientId - the authorized client's id
    
    clientSecret - the authorized client's secret
    
    audience - the requested token audience
    
    Returns:
    
    the exchanged token response
    
    Throws:
    
    KeycloakClientException - if an error occurs during the exchange
  - exchangeTokenForRefreshToken
```
public TokenResponse exchangeTokenForRefreshToken(URL tokenURL,
                                                  String oidcAccessToken,
                                                  String clientId,
                                                  String clientSecret,
                                                  String audience)
                                           throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Exchanges a token for another access and a refresh tokens for a specific client and a specific audience
    
    Specified by:
    
    exchangeTokenForRefreshToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL
    
    oidcAccessToken - the original access token to exchange
    
    clientId - the authorized client's id
    
    clientSecret - the authorized client's secret
    
    audience - the requested token audience
    
    Returns:
    
    the exchanged token response
    
    Throws:
    
    KeycloakClientException - if an error occurs during the exchange
  - exchangeTokenForOfflineToken
```
public TokenResponse exchangeTokenForOfflineToken(String context,
                                                  String oidcAccessToken,
                                                  String clientId,
                                                  String clientSecret,
                                                  String audience)
                                           throws IllegalArgumentException,
                                                  KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Exchanges a token for another access and an offline refresh tokens for a specific client and a specific audience The refresh token will be of the offline type only if the original token has the offline_access within its scopes
    
    Specified by:
    
    exchangeTokenForOfflineToken in interface KeycloakClient
    
    Parameters:
    
    context - the token endpoint URL
    
    oidcAccessToken - the original access token to exchange
    
    clientId - the authorized client's id
    
    clientSecret - the authorized client's secret
    
    audience - the requested token audience
    
    Returns:
    
    the exchanged token response
    
    Throws:
    
    IllegalArgumentException - if the original token does'nt contains the offline_access scope within its scopes or if is impossible to parse the access token as JSON
    
    KeycloakClientException - if an error occurs during the exchange
  - exchangeTokenForOfflineToken
```
public TokenResponse exchangeTokenForOfflineToken(URL tokenURL,
                                                  String oidcAccessToken,
                                                  String clientId,
                                                  String clientSecret,
                                                  String audience)
                                           throws IllegalArgumentException,
                                                  KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Exchanges a token for another access and an offline refresh tokens for a specific client and a specific audience The refresh token will be of the offline type only if the original token has the scope offline_access within its scopes
    
    Specified by:
    
    exchangeTokenForOfflineToken in interface KeycloakClient
    
    Parameters:
    
    tokenURL - the token endpoint URL
    
    oidcAccessToken - the original access token to exchange
    
    clientId - the authorized client's id
    
    clientSecret - the authorized client's secret
    
    audience - the requested token audience
    
    Returns:
    
    the exchanged token response
    
    Throws:
    
    IllegalArgumentException - if the original token does'nt contains the offline_access scope within its scopes or if is impossible to parse the access token as JSON
    
    KeycloakClientException - if an error occurs during the exchange
  - exchangeToken
```
protected TokenResponse exchangeToken(URL tokenURL,
                                      String oidcAccessToken,
                                      String clientId,
                                      String clientSecret,
                                      String audience,
                                      String requestedTokenType,
                                      String scope)
                               throws KeycloakClientException
```
    Queries from the OIDC server an exchanged token by using provided access token, for the given audience (context), in URLEncoded form or not,
    
    Parameters:
    
    tokenURL - the token endpoint URL of the OIDC server
    
    oidcAccessToken - the auth token (the access token URLEncoded by the "Bearer " string)
    
    clientId - the client id
    
    clientSecret - the client secret
    
    audience - the audience (context) where to request the issuing of the ticket (URLEncoded)
    
    requestedTokenType - the token type (e.g. refresh)
    
    scope - the scope, optional can be null
    
    Returns:
    
    the issued exchanged token
    
    Throws:
    
    KeycloakClientException - if an error occurs, inspect the exception for details
  - introspectAccessToken
```
public TokenIntrospectionResponse introspectAccessToken(String context,
                                                        String clientId,
                                                        String clientSecret,
                                                        String accessTokenJWTString)
                                                 throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Introspects an access token against the Keycloak server.
    
    Specified by:
    
    introspectAccessToken in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the requestor client id
    
    clientSecret - the requestor client secret
    
    accessTokenJWTString - the access token to verify
    
    Returns:
    
    a TokenIntrospectionResponse object with the introspection results; in particular, the active field represents the token validity
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the verification
  - introspectAccessToken
```
public TokenIntrospectionResponse introspectAccessToken(URL introspectionURL,
                                                        String clientId,
                                                        String clientSecret,
                                                        String accessTokenJWTString)
                                                 throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Introspects an access token against the Keycloak server.
    
    Specified by:
    
    introspectAccessToken in interface KeycloakClient
    
    Parameters:
    
    introspectionURL - the introspection endpoint URL of the Keycloak server
    
    clientId - the requestor client id
    
    clientSecret - the requestor client secret
    
    accessTokenJWTString - the access token to verify
    
    Returns:
    
    a TokenIntrospectionResponse object with the introspection results; in particular, the active field represents the token validity
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the verification
  - isAccessTokenVerified
```
public boolean isAccessTokenVerified(String context,
                                     String clientId,
                                     String clientSecret,
                                     String accessTokenJWTString)
                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Verifies an access token against the Keycloak server.
    
    Specified by:
    
    isAccessTokenVerified in interface KeycloakClient
    
    Parameters:
    
    context - the context where the Keycloak's is needed (e.g. /gcube for DEV)
    
    clientId - the requestor client id
    
    clientSecret - the requestor client secret
    
    accessTokenJWTString - the access token to verify
    
    Returns:
    
    true if the token is active, false otherwise
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the verification
  - isAccessTokenVerified
```
public boolean isAccessTokenVerified(URL introspectionURL,
                                     String clientId,
                                     String clientSecret,
                                     String accessTokenJWTString)
                              throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Verifies an access token against the Keycloak server.
    
    Specified by:
    
    isAccessTokenVerified in interface KeycloakClient
    
    Parameters:
    
    introspectionURL - the introspection endpoint URL of the Keycloak server
    
    clientId - the requestor client id
    
    clientSecret - the requestor client secret
    
    accessTokenJWTString - the access token to verify
    
    Returns:
    
    true if the token is active, false otherwise
    
    Throws:
    
    KeycloakClientException - if something goes wrong performing the verification
  - safeSetAsExternalCallForOldAPI
```
protected void safeSetAsExternalCallForOldAPI(org.gcube.common.gxhttp.request.GXHTTPStringRequest request)
```
  - getAvatarData
```
public byte[] getAvatarData(String context,
                            TokenResponse tokenResponse)
                     throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Retrieves the user's avatar image data from Keycloak server.
    
    Specified by:
    
    getAvatarData in interface KeycloakClient
    
    Parameters:
    
    context - the context used to compute the server endpoint in the correct environment
    
    tokenResponse - the token response where to get the bearer token for the authorization header.
    
    Returns:
    
    the avatar's data bytes
    
    Throws:
    
    KeycloakClientException - if something goes wrong in the request
  - getAvatarData
```
public byte[] getAvatarData(URL avatarURL,
                            TokenResponse tokenResponse)
                     throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Retrieves the user's avatar image data from Keycloak server.
    
    Specified by:
    
    getAvatarData in interface KeycloakClient
    
    Parameters:
    
    avatarURL - the server's avatar endpoint URL
    
    tokenResponse - the token response where to get the bearer token for the authorization header.
    
    Returns:
    
    the avatar's data bytes
    
    Throws:
    
    KeycloakClientException - if something goes wrong in the request
  - getAvatarData
```
public byte[] getAvatarData(URL avatarURL,
                            String authorization)
                     throws KeycloakClientException
```
    Description copied from interface: KeycloakClient
    
    Retrieves the user's avatar image data from Keycloak server.
    
    Specified by:
    
    getAvatarData in interface KeycloakClient
    
    Parameters:
    
    avatarURL - the server's avatar endpoint URL
    
    authorization - the string to user as authorization header (e.g. 'bearer xxxx')
    
    Returns:
    
    the avatar's data bytes
    
    Throws:
    
    KeycloakClientException - if something goes wrong in the request

Class DefaultKeycloakClient

Field Summary

Fields inherited from interface org.gcube.common.keycloak.KeycloakClient

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

logger

AUTHORIZATION_HEADER

DEFAULT_BASE_URL

Constructor Detail

DefaultKeycloakClient

Method Detail

setCustomBaseURL

useScopes

addScopes

removeScopes

addDynamicScope

constructDynamicScope

removeAllScopes

useDynamicScopeInsteadOfCustomHeaderForContextRestricion

getCustomBaseURL

getRealmBaseURL

getRealmBaseURL

getTokenEndpointURL

getJWKEndpointURL

getIntrospectionEndpointURL

getAvatarEndpointURL

computeIntrospectionEndpointURL

getRealmInfo

getRealmJSONWebKeySet

queryOIDCToken

queryOIDCToken

queryOIDCToken

queryOIDCToken

queryOIDCToken

queryOIDCToken

queryOIDCToken

queryOIDCToken

queryOIDCTokenOfUser

queryOIDCTokenOfUser

queryOIDCTokenWithContext

queryOIDCTokenWithContext

queryOIDCTokenWithContext

queryOIDCTokenWithContext

queryOIDCTokenWithContext

queryOIDCTokenWithContext

queryOIDCTokenWithContext

constructBasicAuthenticationHeader

queryOIDCTokenOfUserWithContext

queryOIDCTokenOfUserWithContext

queryOIDCTokenOfUserWithContext

queryOIDCTokenOfUserWithContext

queryOIDCTokenOfUserWithContext

queryOIDCTokenOfUserWithContext

queryOIDCTokenOfUserWithContext

queryOIDCTokenOfUserWithContext

queryOIDCTokenWithContext

queryUMAToken

queryUMAToken

constructBeareAuthenticationHeader

queryUMAToken

queryUMAToken

queryUMAToken

queryUMAToken

performRequest

performRequest

refreshToken

refreshToken

refreshToken

refreshToken

refreshToken

refreshToken

exchangeTokenForAccessToken

exchangeTokenForAccessToken

exchangeTokenForRefreshToken

exchangeTokenForRefreshToken

exchangeTokenForOfflineToken

exchangeTokenForOfflineToken

exchangeToken