import { BackchannelAuthenticationCompleteResponse } from "https://deno.land/x/authlete_deno@v1.2.7/mod.ts";
Enums
The next action that the service implementation should take. |
import { BackchannelAuthenticationCompleteResponse } from "https://deno.land/x/authlete_deno@v1.2.7/mod.ts";
Response from Authlete /backchannel/authentication/complete
API.
Properties
The issued access token. This property has a non-null value only when the backchannel token delivery mode is "push" and an access token has been issued successfully.
The authorization details. This represents the value of the
authorization_details
request parameter which is defined in
"OAuth 2.0 Rich Authorization Requests".
The flag which indicates whether the client ID alias was used in the backchannel authentication request.
The client notification endpoint to which a notification needs to be sent.
This corresponds to the "client_notification_endpoint"
metadata
of the client application.
The client notification token which needs to be embedded as a
Bearer
token in the Authorization
header in the notification.
This is the value of the "client_notification_token"
request
parameter included in the backchannel authentication request.
The issued ID token. This property has a non-null value only when the backchannel token delivery mode is "push" and an ID token has been issued successfully.
The newly issued access token in JWT format.
If the authorization server is configured to issue JWT-based access
tokens (= if Service.getAccessTokenSignAlg
holds a valid value),
a JWT-based access token is issued along with the original random-string
one.
Regarding the detailed format of the JWT-based access token, see
the description of the Service
class.
The issued refresh token. This property has a non-null value only when the backchannel token delivery mode is "push" and a refresh token has been issued successfully.
Note that refresh tokens are not issued if the service does not support the refresh token flow.
The resources specified by the resource request parameters or
by the resource
property in the request object in the preceding
backchannel authentication request. If both are given, the values
in the request object take precedence.
See "Resource Indicators for OAuth 2.0" for details.
The content of the notification.
When the value of action
is NOTIFICATION
, this property has
JSON which should be used as the request body of the notification.
In successful cases, when the backchannel token delivery mode is
ping
, the JSON contains auth_req_id
. On the other hand, when
the backchannel token delivery mode is push
, the JSON contains
an access token, an ID token, and optionally a refresh token (and
some other properties).