OAuthTokenEndpoint (JWt Javadoc API)

java.lang.Object
- eu.webtoolkit.jwt.WObject
- - eu.webtoolkit.jwt.WResource
  - - eu.webtoolkit.jwt.auth.OAuthTokenEndpoint

```
public class OAuthTokenEndpoint
extends WResource
```
Endpoint to retrieve an access token.
The token endpoint is used by the client to obtain an OAuthAccessToken by presenting its authorization grant. This implementation only supports the "authorization_code" grant type. The client ID and secret can be passed with Basic auth or by POST request parameters. When something goes wrong, the reply will include a JSON object with an "error" attribute.
This endpoint is implemented as a WResource, so it's usually deployed using WServer#addResource().
For more information refer to the specification: https://tools.ietf.org/rfc/rfc6749.txt
When the scope includes "openid" an ID Token will be included as specified by the OpenID Connect standard.
This class relies on a correct implementation of several function in the AbstractUserDatabase. Namely AbstractUserDatabase#idpClientFindWithId(), AbstractUserDatabase#idpClientAuthMethod(), AbstractUserDatabase#idpVerifySecret(), AbstractUserDatabase#idpClientId(), AbstractUserDatabase#idpTokenFindWithValue(), AbstractUserDatabase#idpTokenAdd(), AbstractUserDatabase#idpTokenRemove(), AbstractUserDatabase#idpTokenRedirectUri(), AbstractUserDatabase::idpTokenAuthClient, AbstractUserDatabase#idpTokenUser(), and AbstractUserDatabase#idpTokenScope().
Must be deployed using TLS.

Nested Class Summary
- Nested classes/interfaces inherited from class eu.webtoolkit.jwt.WResource
  WResource.DispositionType
- Nested classes/interfaces inherited from class eu.webtoolkit.jwt.WObject
  WObject.FormData

Constructor Summary

Constructors
Constructor Description

OAuthTokenEndpoint(AbstractUserDatabase db, java.lang.String issuer)
Constructor.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`void`	`handleRequest(WebRequest request, WebResponse response)`	Handles a request.
`void`	`setAccessExpSecs(int seconds)`	Sets the amount of seconds after which generated access tokens expire.
`void`	`setIdExpSecs(int seconds)`	Sets the amount of seconds after which generated id tokens expire.

Methods inherited from class eu.webtoolkit.jwt.WObject
getId, getObjectName, remove, setFormData, setObjectName, tr

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - OAuthTokenEndpoint
```
public OAuthTokenEndpoint(AbstractUserDatabase db,
                          java.lang.String issuer)
```
    Constructor.
    The issuer argument is used for the "iss" attribute in the ID Token when the scope includes "openid".
- Method Detail
  - handleRequest
```
public void handleRequest(WebRequest request,
                          WebResponse response)
```
    Description copied from class: WResource
    
    Handles a request.
    Reimplement this method so that a proper response is generated for the given request. From the request object you can access request parameters and whether the request is a continuation request. In the response object, you should set the mime type and stream the output data.
    
    Specified by:
    
    handleRequest in class WResource
    
    Parameters:
    
    request - The request information
    
    response - The response object
  - setAccessExpSecs
```
public void setAccessExpSecs(int seconds)
```
    Sets the amount of seconds after which generated access tokens expire.
    Defaults to 3600 seconds.
  - setIdExpSecs
```
public void setIdExpSecs(int seconds)
```
    Sets the amount of seconds after which generated id tokens expire.
    Defaults to 3600 seconds.