java.lang.Object
- org.forgerock.http.oauth2.ResourceServerFilter

All Implemented Interfaces:

org.forgerock.http.Filter
```
public class ResourceServerFilter
extends Object
implements org.forgerock.http.Filter
```
Validates a Request that contains an OAuth 2.0 access token.
This filter expects an OAuth 2.0 token to be available in the HTTP Authorization header:
```
Authorization: Bearer 1fc0e143-f248-4e50-9c13-1d710360cec9
```
It extracts the token and validate it against a token info endpoint using the provided ResourceAccess.
The provided ResourceAccess must provides the scopes required by the AccessTokenInfo to access the protected resource.
Once the AccessTokenInfo is validated, it is stored in an OAuth2Context instance which is forwarded with the Request to the next Handler. The AccessTokenInfo could be retrieve in downstream handlers with OAuth2Context.getAccessToken().
The realm constructor attribute specifies the name of the realm used in the authentication challenges returned back to the client in case of errors.

Constructor Summary

Constructors
Constructor	Description
`ResourceServerFilter(AccessTokenResolver resolver, org.forgerock.util.time.TimeService time, ResourceAccess resourceAccess, String realm)`	Creates a new `OAuth2Filter`.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`org.forgerock.util.promise.Promise<org.forgerock.http.protocol.Response,org.forgerock.util.promise.NeverThrowsException>`	`filter(org.forgerock.services.context.Context context, org.forgerock.http.protocol.Request request, org.forgerock.http.Handler next)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- ResourceServerFilter
```
public ResourceServerFilter(AccessTokenResolver resolver,
                            org.forgerock.util.time.TimeService time,
                            ResourceAccess resourceAccess,
                            String realm)
```
  Creates a new OAuth2Filter.
  
  Parameters:
  
  resolver - A AccessTokenResolver instance.
  
  time - A TimeService instance used to check if token is expired or not.
  
  resourceAccess - A ResourceAccess instance.
  
  realm - Name of the realm (used in authentication challenge returned in case of error).

Method Detail

filter

public org.forgerock.util.promise.Promise<org.forgerock.http.protocol.Response,org.forgerock.util.promise.NeverThrowsException> filter(org.forgerock.services.context.Context context,
                                                                                                                                             org.forgerock.http.protocol.Request request,
                                                                                                                                             org.forgerock.http.Handler next)

Specified by:: filter in interface org.forgerock.http.Filter

Class ResourceServerFilter

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

ResourceServerFilter

Method Detail

filter