OidcTokenV1 (stSoftware API)

java.lang.Object
- com.aspc.cms.rest.plugin.oidc.OidcTokenV1

All Implemented Interfaces:

RestPluginProcess, RestPluginThrottling
```
public class OidcTokenV1
extends java.lang.Object
implements RestPluginProcess, RestPluginThrottling
```
REST plugin that returns the current access token and ID token after OIDC authentication.
Endpoint: GET /oidc/token

The frontend calls this endpoint after the callback redirect to obtain tokens for Bearer authentication. Two authentication flows are supported:
1. One-time session token — the session cookie set during the callback redirect is used to retrieve cached tokens. The token is invalidated after first use to prevent replay.
2. Refresh token cookie — if no session token is present, the refresh token cookie is used to obtain new access and ID tokens from Cognito.
Returns HTTP 401 if no valid authentication cookie is present.
Author:

Claude

Field Summary

Fields
Modifier and Type	Field and Description
`static int`	`DEFAULT_EXPIRES_IN` Default token expiry in seconds (1 hour).
`static int`	`RATE_LIMIT_PERIOD_SECONDS` Throttling period in seconds (1 minute).
`static int`	`RATE_LIMIT_REQUESTS` Maximum requests per throttling period.

Constructor Summary

Constructors
Constructor and Description

OidcTokenV1()

Constructors
Constructor and Description
`OidcTokenV1()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static JSONObject`	`buildErrorResponse()` Builds the JSON error response for unauthenticated requests.
`static JSONObject`	`buildTokenResponse(java.lang.String accessToken, java.lang.String idToken, int expiresIn)` Builds the JSON token response returned to the frontend.
`java.lang.String`	`getCounterKey(WebClient client, RestDefinition restDefinition)` get the key of the throttling counter, the key has to be shorter than 255 characters
`int`	`getPeriod(WebClient client, RestDefinition rd)` get the throttling period in seconds
`int`	`getRequestLimit(WebClient client, RestDefinition rd)` -1 is no limit 0 is always reject n is allow n requests in each throttling period
`java.lang.Object`	`restCreate(WebClient client, RestDefinition restDefinition, MutableDataSource mds)` HTTP POST calls the the Create ReST service.
`java.lang.Object`	`restDelete(WebClient client, RestDefinition restDefinition, MutableDataSource mds)` HTTP DELETE calls the the Delete ReST service.
`java.lang.Object`	`restRetrieve(WebClient client, RestDefinition restDefinition, ReadOnlyDataSource rds)` HTTP GET calls the the Retrieval ReST service.
`java.lang.Object`	`restUpdate(WebClient client, RestDefinition restDefinition, MutableDataSource mds)` HTTP PUT calls the the Update ReST service.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- DEFAULT_EXPIRES_IN
```
public static final int DEFAULT_EXPIRES_IN
```
  Default token expiry in seconds (1 hour).
  
  See Also:
  
  Constant Field Values
- RATE_LIMIT_REQUESTS
```
public static final int RATE_LIMIT_REQUESTS
```
  Maximum requests per throttling period.
  
  See Also:
  
  Constant Field Values
- RATE_LIMIT_PERIOD_SECONDS
```
public static final int RATE_LIMIT_PERIOD_SECONDS
```
  Throttling period in seconds (1 minute).
  
  See Also:
  
  Constant Field Values

Constructor Detail
- OidcTokenV1
```
public OidcTokenV1()
```

Method Detail

restRetrieve

@CheckReturnValue
 @Nonnull
public java.lang.Object restRetrieve(@Nonnull
                                                                 WebClient client,
                                                                 @Nonnull
                                                                 RestDefinition restDefinition,
                                                                 @Nonnull
                                                                 ReadOnlyDataSource rds)
                                                          throws java.lang.Exception

Description copied from interface: RestPluginProcess

HTTP GET calls the the Retrieval ReST service.

Specified by:: restRetrieve in interface RestPluginProcess
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition; rds - the data source to use
Returns:: the JSON object/array if processed.
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; java.lang.Exception - an error has occurred.

restCreate

@CheckReturnValue
 @Nonnull
public java.lang.Object restCreate(@Nonnull
                                                               WebClient client,
                                                               @Nonnull
                                                               RestDefinition restDefinition,
                                                               @Nonnull
                                                               MutableDataSource mds)
                                                        throws java.lang.Exception

Description copied from interface: RestPluginProcess

HTTP POST calls the the Create ReST service.

Specified by:: restCreate in interface RestPluginProcess
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition; mds - the data source to use
Returns:: the JSON object/array if processed.
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; ExceptionResponse - an error has occurred.; java.lang.Exception

restUpdate

@CheckReturnValue
 @Nonnull
public java.lang.Object restUpdate(@Nonnull
                                                               WebClient client,
                                                               @Nonnull
                                                               RestDefinition restDefinition,
                                                               @Nonnull
                                                               MutableDataSource mds)
                                                        throws java.lang.Exception

Description copied from interface: RestPluginProcess

HTTP PUT calls the the Update ReST service.

Specified by:: restUpdate in interface RestPluginProcess
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition; mds - the data source to use
Returns:: the JSON object/array if processed.
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; ExceptionResponse - an error has occurred.; java.lang.Exception

restDelete

@CheckReturnValue
 @Nonnull
public java.lang.Object restDelete(@Nonnull
                                                               WebClient client,
                                                               @Nonnull
                                                               RestDefinition restDefinition,
                                                               @Nonnull
                                                               MutableDataSource mds)
                                                        throws java.lang.Exception

Description copied from interface: RestPluginProcess

HTTP DELETE calls the the Delete ReST service.

Specified by:: restDelete in interface RestPluginProcess
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition; mds - the data source to use.
Returns:: the JSON object/array if processed.
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; ExceptionResponse - an error has occurred.; java.lang.Exception

getCounterKey

@CheckReturnValue
 @Nullable
public java.lang.String getCounterKey(@Nonnull
                                                                   WebClient client,
                                                                   @Nonnull
                                                                   RestDefinition restDefinition)
                                                            throws java.lang.Exception

Description copied from interface: RestPluginThrottling

get the key of the throttling counter, the key has to be shorter than 255 characters

Specified by:: getCounterKey in interface RestPluginThrottling
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition
Returns:: The throttling counter key. Does NOT throttling if this method return null or empty string
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; java.lang.Exception - an error has occurred.

getRequestLimit
```
public int getRequestLimit(@Nonnull
                           WebClient client,
                           @Nonnull
                           RestDefinition rd)
                    throws java.lang.Exception
```
Description copied from interface: RestPluginThrottling

-1 is no limit 0 is always reject n is allow n requests in each throttling period

Specified by:

getRequestLimit in interface RestPluginThrottling

Parameters:

client - the client. Null means check only of ops

rd - the definition

Returns:

Throws:

java.lang.UnsupportedOperationException - use default throttling settings configured in RestDefinition record

java.lang.Exception

getPeriod
```
public int getPeriod(@Nonnull
                     WebClient client,
                     @Nonnull
                     RestDefinition rd)
              throws java.lang.Exception
```
Description copied from interface: RestPluginThrottling

get the throttling period in seconds

Specified by:

getPeriod in interface RestPluginThrottling

Parameters:

client - the client. Null means check only of ops

rd - the definition

Returns:

Throws:

java.lang.UnsupportedOperationException - use default throttling settings configured in RestDefinition record

java.lang.Exception

buildTokenResponse

@CheckReturnValue
 @Nonnull
public static JSONObject buildTokenResponse(@Nonnull
                                                                        java.lang.String accessToken,
                                                                        @Nonnull
                                                                        java.lang.String idToken,
                                                                        int expiresIn)

Builds the JSON token response returned to the frontend.

Parameters:: accessToken - the OAuth2 access token; idToken - the OpenID Connect ID token; expiresIn - the token lifetime in seconds
Returns:: the JSON response object

buildErrorResponse
```
@CheckReturnValue
 @Nonnull
public static JSONObject buildErrorResponse()
```
Builds the JSON error response for unauthenticated requests.

Returns:

the JSON error response

Class OidcTokenV1

Endpoint: `GET /oidc/token`

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_EXPIRES_IN

RATE_LIMIT_REQUESTS

RATE_LIMIT_PERIOD_SECONDS

Constructor Detail

OidcTokenV1

Method Detail

restRetrieve

restCreate

restUpdate

restDelete

getCounterKey

getRequestLimit

getPeriod

buildTokenResponse

buildErrorResponse

Class OidcTokenV1

Endpoint: GET /oidc/token

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_EXPIRES_IN

RATE_LIMIT_REQUESTS

RATE_LIMIT_PERIOD_SECONDS

Constructor Detail

OidcTokenV1

Method Detail

restRetrieve

restCreate

restUpdate

restDelete

getCounterKey

getRequestLimit

getPeriod

buildTokenResponse

buildErrorResponse

Endpoint: `GET /oidc/token`