OidcTokenExchange (stSoftware API)

java.lang.Object
- com.aspc.cms.rest.plugin.oidc.OidcTokenExchange

```
public final class OidcTokenExchange
extends java.lang.Object
```
Handles server-side HTTP calls to Cognito's /oauth2/token endpoint for exchanging authorisation codes and refreshing tokens.
All methods read configuration from OidcConfig and POST form-encoded requests to the Cognito token endpoint.

Author:

Claude

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static OidcTokenResponse`	`exchangeAuthCode(java.lang.String code)` Exchanges an authorisation code for tokens using the `authorization_code` grant type.
`static OidcTokenResponse`	`parseTokenResponse(java.lang.String responseBody)` Parses a successful JSON response into an `OidcTokenResponse`.
`static OidcTokenResponse`	`postTokenRequest(java.lang.String tokenEndpoint, java.lang.String formBody)` Posts a form-encoded request to the given token endpoint and parses the JSON response.
`static OidcTokenResponse`	`refreshTokens(java.lang.String refreshToken)` Exchanges a refresh token for new access and ID tokens using the `refresh_token` grant type.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

exchangeAuthCode
```
@CheckReturnValue
 @Nonnull
public static OidcTokenResponse exchangeAuthCode(@Nonnull
                                                                             java.lang.String code)
                                                                      throws OidcTokenExchangeException
```
Exchanges an authorisation code for tokens using the authorization_code grant type.

Parameters:

code - the authorisation code received from Cognito's callback

Returns:

the token response containing access, ID, and refresh tokens

Throws:

OidcTokenExchangeException - if Cognito returns an error or the request fails

refreshTokens
```
@CheckReturnValue
 @Nonnull
public static OidcTokenResponse refreshTokens(@Nonnull
                                                                          java.lang.String refreshToken)
                                                                   throws OidcTokenExchangeException
```
Exchanges a refresh token for new access and ID tokens using the refresh_token grant type.
Note: Cognito does not return a new refresh token in the response for refresh_token grants.

Parameters:

refreshToken - the refresh token

Returns:

the token response containing new access and ID tokens

Throws:

OidcTokenExchangeException - if Cognito returns an error or the request fails

postTokenRequest

@CheckReturnValue
 @Nonnull
public static OidcTokenResponse postTokenRequest(@Nonnull
                                                                             java.lang.String tokenEndpoint,
                                                                             @Nonnull
                                                                             java.lang.String formBody)
                                                                      throws OidcTokenExchangeException

Posts a form-encoded request to the given token endpoint and parses the JSON response.

Parameters:: tokenEndpoint - the Cognito token endpoint URL; formBody - the URL-encoded form body
Returns:: the parsed token response
Throws:: OidcTokenExchangeException - on HTTP or parsing errors

parseTokenResponse

@CheckReturnValue
 @Nonnull
public static OidcTokenResponse parseTokenResponse(@Nonnull
                                                                               java.lang.String responseBody)
                                                                        throws OidcTokenExchangeException

Parses a successful JSON response into an OidcTokenResponse.

Throws:: OidcTokenExchangeException

Class OidcTokenExchange

Method Summary

Methods inherited from class java.lang.Object

Method Detail

exchangeAuthCode

refreshTokens

postTokenRequest

parseTokenResponse