ballerina/oauth2

Overview

This module provides a framework for interacting with OAuth2 authorization servers as specified in the RFC 6749 and RFC 7662.

The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service or by allowing the third-party application to obtain access on its own behalf.

The Ballerina oauth2 module facilitates auth providers that are to be used by the clients and listeners of different protocol connectors.

Listener OAuth2 Provider

Represents the listener OAuth2 provider, which is used to validate the received credential (access token) by calling the configured OAuth2 introspection server.

Client OAuth2 Provider

Represents the client OAuth2 provider, which is used to generate OAuth2 access tokens using the configured OAuth2 authorization server configurations. This supports the client credentials grant type, password grant type, and refresh token grant type.

Classes

[2]

ClientOAuth2Provider

Represents the client OAuth2 provider, which is used to generate OAuth2 access tokens using the configured OAuth2 authorization server configurations.

ListenerOAuth2Provider

Represents the listener OAuth2 provider, which is used to validate the received credential (access token) by calling the configured OAuth2 introspection server.

Records

[8]

CertKey

Represents the combination of the certificate file path, private key file path, and private key password if encrypted.

ClientConfiguration

Represents the configurations of the client used to call the introspection endpoint.

ClientCredentialsGrantConfig

Represents the data structure, which is used to configure the OAuth2 client credentials grant type.

IntrospectionConfig

Represents the introspection server configurations.

IntrospectionResponse

Represents the introspection server response.

PasswordGrantConfig

Represents the data structure, which is used to configure the OAuth2 password grant type.

RefreshTokenGrantConfig

Represents the data structure, which is used to configure the OAuth2 refresh token grant type.

SecureSocket

Represents the SSL/TLS configurations.

Enums

[2]

CredentialBearer

Represents the credential-bearing methods.

HttpVersion

Represents the HTTP versions.

Types

[2]

ClientAuth

Represents the the authentication configuration types for the HTTP client used for token introspection.

GrantConfig

Represents the grant type configurations supported for OAuth2.

Errors

[1]

Error

Represents the error type of the module.