Details

    • Type: Sub-Task
    • Status: Closed
    • Priority: Minor
    • Resolution: Completed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      Developer Implementation Details

      Token Introspection is implemented by com.liferay.oauth2.provider.rest.internal.endpoint.introspect.LiferayTokenIntrospectionService

      The endpoint is assigned to Liferay OAuth2 JAX-RS application using osgi.jaxrs.application.select=(osgi.jaxrs.name=Liferay.OAuth2.Application) OSGi service property.

      Developer Endpoint Usage

      Endpoint details:

      • HTTP Method: POST
      • URL: /o/oauth2/introspect
      • Parameters:
        • token ... required, access token or request token to be examined
        • token_type_hint ... optional, can contain values access_token or refresh_token, default value is access_token
      • Returns JSON with
        • active: false for invalid or expired tokens, this is the only attributed returned in this case
        • active: true for valid tokens with clientId, sub with user ID, scope with granted scopes and other optional attributes

      Example

      Let's suppose there is "Test OAuth2 Application" created in portal with

      • Client ID: tokenIntrospection
      • Client secret: secret-2379fcc3-48f2-2ad2-3871-1bd246a73a2d
      • Allowed Features:
        • Token Introspection

      Remote client request Token Introspection endpoint for access token details:

      curl http://localhost:8080/o/oauth2/introspect --data 'client_id=tokenIntrospection&client_secret=secret-2379fcc3-48f2-2ad2-3871-1bd246a73a2d&token=b5a661311ba94647ddf64f15d82c2d83d7897bcfdd6fb875175c58f3a619'
      

      Server returns JSON with the token details:

      {"active":true,"client_id":"tokenIntrospection","exp":1530547288,"iat":1530546688,"scope":"everything.read","sub":"20139","token_type":"Bearer","username":"Test Test","company.id":"20099"}
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              id30721 id30721
              Reporter:
              tomas.polesovsky Tomáš Polešovský
              Participants of an Issue:
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Packages

                  Version Package