OAuth2.Server.Introspection

Class OAuth2.Server.Introspection Extends %RegisteredObject [ System = 4 ]

OAuth2.Server.Introspection implements the token introspection endpoint as defined by RFC 7662 and the token revocation endpoint as defined by RFC 7009.

Parameters

HTTP200OK

Parameter HTTP200OK As STRING = "200 OK";

HTTP400BADREQUEST

Parameter HTTP400BADREQUEST As STRING = "400 Bad Request";

HTTP401UNAUTHORIZED

Parameter HTTP401UNAUTHORIZED As STRING = "401 Unauthorized";

HTTP500INTERNALSERVERERROR

Parameter HTTP500INTERNALSERVERERROR As STRING = "500 Internal Server Error";

Methods

ProcessIntrospection

ClassMethod ProcessIntrospection() As %Status [ Internal ]

Process introspection request

ProcessRevocation

ClassMethod ProcessRevocation() As %Status [ Internal ]

Process revocation request

Process

ClassMethod Process(requireTLS As %Boolean, requireConfidential As %Boolean, Output error As %String, Output client As OAuth2.Server.Client) As OAuth2.Server.AccessToken [ Internal ]

The common processing of introspection and revocation requests until token object is found

AddRequiredClaims

ClassMethod AddRequiredClaims(json As %DynamicObject, token As OAuth2.Server.AccessToken) [ Internal ]

The additional properties that are required for introspection endpoint.

StatusError

ClassMethod StatusError(sc As %Status) As %OAuth2.Error [ Internal ]

Return an internal server error

ReturnError

ClassMethod ReturnError(error As %OAuth2.Error) [ Internal, ServerOnly = 1 ]

Return error response

Parameters​

HTTP200OK​

HTTP400BADREQUEST​

HTTP401UNAUTHORIZED​

HTTP500INTERNALSERVERERROR​

Methods​

ProcessIntrospection​

ProcessRevocation​

Process​

AddRequiredClaims​

StatusError​

ReturnError​