import { TokenResponse } from "https://deno.land/x/authlete_deno@v1.2.7/mod.ts";
Enums
The next action that the service implementation should take. |
import { TokenResponse } from "https://deno.land/x/authlete_deno@v1.2.7/mod.ts";
Response from Authlete /auth/token
API.
Properties
The newly issued access token. This property holds a valid value
only when the value of the action
property is TokenResponse.Action.OK
.
If the service is configured to issue JWT-based access tokens,
a JWT-based access token is issued additionally. In the case,
the jwtAccessToken
property holds the JWT-based access token.
The date in milliseconds since the Unix epoch (1970-01-01) at which the access token will expire.
The target resources of the access token being issued.
See _"Resource Indicators for OAuth 2.0" for details.
The next action that the service implementation should take.
The authorization details. This represents the value of the
authorization_details
request parameter which is defined in
"OAuth 2.0 Rich Authorization Requests".
When the value of the action
property is TokenResponse.Action.PASSWORD
,
this property an array that represents the authorization_details
request parameter included in the token request. In other successful
cases, this property holds the authorization details associated
with the issued access token.
Arbitrary attributes associated with the client.
The client authentication method that should be performed at the token endpoint.
If the client could not be identified by the information in the request, this property is unset.
The client ID alias.
If the client did not have an alias, the value of this property is unset.
The flag which indicates whether the client ID alias was used when the token request was made.
The grant type of the token request.
The ID token.
An ID token
is issued from a token endpoint when the authorization code
flow is used
and openid
is included in the scope list.
The newly issued access token in JWT format.
If the authorization server is configured to issue JWT-based access
tokens (= if Service.getAccessTokenSignAlg
holds a valid value),
a JWT-based access token is issued along with the original random-string
one.
Regarding the detailed format of the JWT-based access token, see
the description of the Service
class.
The password
request parameter.
This property holds a valid value only when the value of grant_type
request parameter in the token request is password
.
The extra properties associated with the access token. This property is unset when no extra property is associated with the issued access token.
The refresh token. This property holds a valid value only when
the action
property is TokenResponse.Action.OK
and the service
supports the refresh token
flow.
The date in milliseconds since the Unix epoch (1970-01-01) at which the refresh token will expire.
The resources specified by the resource
request parameters
in the token request.
See "Resource Indicators for OAuth 2.0" for details.
The response content which can be used as the entity body of the response returned to the client application.
Arbitrary attributes associated with the service.
The subject (= resource owner's ID) of the access token.
Even if an access token has been issued by the call of /auth/token
API, this property is unset if the flow of the token request was
Client Credentials Flow
(grant_type=client_credentials
) because it means the access
token is not associated with any specific end-user.
The ticket issued from Authlete /auth/token
endpoint. The value
is to be used as ticket
request parameter for /auth/token/issue
API or /auth/token/fail
API.
This method returns a valid value only when action
is
TokenResponse.Action#PASSWORD PASSWORD
.
The username
request parameter.
This property holds a valid value only when the value of grant_type
request parameter in the token request is password
.