OAuth2.Server.Registration
Class OAuth2.Server.Registration Extends %RegisteredObject [ System = 4 ]
Parameters
HTTP200OK
Parameter HTTP200OK As STRING = "200 OK";
HTTP201CREATED
Parameter HTTP201CREATED As STRING = "201 Created";
HTTP204NOCONTENT
Parameter HTTP204NOCONTENT As STRING = "204 No Content";
HTTP400BADREQUEST
Parameter HTTP400BADREQUEST As STRING = "400 Bad Request";
HTTP401UNAUTHORIZED
Parameter HTTP401UNAUTHORIZED As STRING = "401 Unauthorized";
HTTP500INTERNALSERVERERROR
Parameter HTTP500INTERNALSERVERERROR As STRING = "500 Internal Server Error";
INVALIDMETADATA
Parameter INVALIDMETADATA As STRING = "invalid_client_metadata";
Methods
RegisterClient
ClassMethod RegisterClient() As %Status [ Internal ]
Process Dynamic Registration request
ReadClient
ClassMethod ReadClient() As %Status [ Internal, ServerOnly = 1 ]
Read the client metadata for a dynamically registered client
UpdateClient
ClassMethod UpdateClient() As %Status [ Internal, ServerOnly = 1 ]
Update the client metadata for a dynamically registered client
DeleteClient
ClassMethod DeleteClient() As %Status [ Internal, ServerOnly = 1 ]
Process client delete request
AuthenticateRequest
ClassMethod AuthenticateRequest(Output client As OAuth2.Server.Client) As %OAuth2.Error [ Private ]
Verify the client_id and registration_access_token, and perform common setup tasks
Common
ClassMethod Common() As %OAuth2.Error [ Private ]
Perform common setup tasks: 1) set up headers, 2) require TLS, 3) ensure that OAuth2 Server has been configured
ReturnClientMetadata
ClassMethod ReturnClientMetadata(client As OAuth2.Server.Client, isNew As %Boolean = 0) As %OAuth2.Error [ Private ]
Update client values from metadata, save client, and output metadata to client
GetMetadataFromRequest
ClassMethod GetMetadataFromRequest(Output metadata As OAuth2.Client.Metadata) As %OAuth2.Error [ Private ]
Read the metadata sent from client
ValidateMetadata
ClassMethod ValidateMetadata(client As OAuth2.Server.Client, metadata As OAuth2.Client.Metadata, isNew As %Boolean = 0) As %OAuth2.Error [ Private ]
Validate the metadata supplied by the user, and update the client object accordingly. If this returns an error, the client should NOT be saved.
UpdateClientMetadata
ClassMethod UpdateClientMetadata(client As OAuth2.Server.Client) As %OAuth2.Error [ Private ]
Update the client metadata response for the specified client
StatusError
ClassMethod StatusError(sc As %Status) As %OAuth2.Error [ Internal ]
Return an internal server error
ReturnError
ClassMethod ReturnError(error As %OAuth2.Error) [ Internal, ServerOnly = 1 ]
Return error response
GetJWKS
ClassMethod GetJWKS(uri As %String, sslConfiguration As %String, Output jwks As %String, Output expires As %Integer) As %Status
Get the JWKS from jwks_uri
Parameters:
- uri - the value of the jwks_uri
- sslConfiguration - the name of an SSL Configuration to use to communicate with the remote server
- jwks (output) - the JWKS retrieved from the server
- expires (output) - the JWKS expiration. This is based on the Cache-Control header sent from the remote server. Possible values are:
  - -1 - no expiration
  - 0 - the JWKS cannot be cached
  - a positive integer - the time in seconds from the beginning of the Unix epoch at which the JWKS will expire

Returns: A status code indicating success or failure.
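The following Python sketch is an added example, not code from this class or from the product. It shows how a caller could interpret the three documented `expires` values when deciding whether a cached JWKS may still be used. The mapping from Cache-Control directives to those values (`no-store`/`no-cache` to 0, `max-age=N` to now + N, no directive to -1) and both function names are assumptions made for illustration.

```python
import re
import time

NO_EXPIRATION = -1   # documented: no expiration
NOT_CACHEABLE = 0    # documented: the JWKS cannot be cached


def expires_from_cache_control(header, now):
    """Map a Cache-Control header to the documented `expires` encoding.

    Assumed mapping (not taken from the class source): no-store/no-cache -> 0,
    max-age=N -> now + N, max-age=0 -> 0, no relevant directive -> -1.
    """
    if not header:
        return NO_EXPIRATION
    directives = {}
    for part in header.split(","):
        name, _, value = part.strip().partition("=")
        if name:
            directives[name.lower()] = value.strip().strip('"')
    if "no-store" in directives or "no-cache" in directives:
        return NOT_CACHEABLE
    max_age = directives.get("max-age")
    if max_age is None:
        return NO_EXPIRATION
    if not re.fullmatch(r"[0-9]+", max_age):
        return NOT_CACHEABLE  # malformed max-age: fail closed and refetch
    seconds = int(max_age)
    return int(now) + seconds if seconds > 0 else NOT_CACHEABLE


def cached_jwks_usable(expires, now):
    """Decide whether a stored JWKS may be used for signature checks at `now`."""
    if expires == NO_EXPIRATION:
        return True
    if expires == NOT_CACHEABLE:
        return False
    return now < expires  # positive value: absolute Unix time in seconds


if __name__ == "__main__":
    now = int(time.time())
    # Constructed sample headers, not captured from a real server.
    for header in (None, "no-store", "public, max-age=3600", "max-age=abc"):
        exp = expires_from_cache_control(header, now)
        print(repr(header), "->", exp, "usable:", cached_jwks_usable(exp, now))
```

Treating a malformed `max-age` as not cacheable means a stale or rotated signing key is never trusted longer than the remote server intended.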
AddClientSecretToJWKS
ClassMethod AddClientSecretToJWKS(JWKS As %String, clientSecret As %String, Output updatedJWKS As %String) As %Status
Add the client secret to the public JWKS
ReturnJWKS
ClassMethod ReturnJWKS() As %Status
Return this server's public JWKS