Home > Class Reference > %SYS namespace > OAuth2.Server.Client

OAuth2.Server.Client

persistent class OAuth2.Server.Client extends %Library.Persistent

SQL Table Name: OAuth2_Server.Client

OAuth2.Server.Configuration is a persistent class which describes the clients which have registered with this authorization server. This class is used internally by Caché. You should not make direct use of it within your applications. There is no guarantee made about either the behavior or future operation of this class.

Properties

property ClientCredentials as %String;
ClientCredentials is the alias of the %SYS.X509Credentials object which contains the client's certificate.
Property methods: ClientCredentialsDisplayToLogical(), ClientCredentialsGet(), ClientCredentialsGetStored(), ClientCredentialsIsValid(), ClientCredentialsLogicalToDisplay(), ClientCredentialsLogicalToOdbc(), ClientCredentialsNormalize(), ClientCredentialsSet()
property ClientId as %String (MAXLEN = 1024, MINLEN = 1) [ Required ];
The unique id which we generate for this client.
Property methods: ClientIdDisplayToLogical(), ClientIdGet(), ClientIdGetStored(), ClientIdIsValid(), ClientIdLogicalToDisplay(), ClientIdLogicalToOdbc(), ClientIdNormalize(), ClientIdSet()
property ClientSecret as %String (MAXLEN = 1024);
ClientSecret is the secret which is used as a client password.
Property methods: ClientSecretDisplayToLogical(), ClientSecretGet(), ClientSecretGetStored(), ClientSecretIsValid(), ClientSecretLogicalToDisplay(), ClientSecretLogicalToOdbc(), ClientSecretNormalize(), ClientSecretSet()
property ClientType as %String (VALUELIST = ",public,confidential,resource") [ Required ];
The type of client configuration:
public - a public client. See RFC 6749 confidential - a confidential client. See RFC 6749 resource - a resource server which is not also a client.
Chosen by user during configuration. Will usually be confidential client for Cache application.
Property methods: ClientTypeDisplayToLogical(), ClientTypeGet(), ClientTypeGetStored(), ClientTypeIsValid(), ClientTypeLogicalToDisplay(), ClientTypeLogicalToOdbc(), ClientTypeNormalize(), ClientTypeSet()
property DefaultScope as %String (MAXLEN = 1024);
DefaultScope is a blank separated list containing the default for access token scope if scope is not specified in the access token request.
Property methods: DefaultScopeDisplayToLogical(), DefaultScopeGet(), DefaultScopeGetStored(), DefaultScopeIsValid(), DefaultScopeLogicalToDisplay(), DefaultScopeLogicalToOdbc(), DefaultScopeNormalize(), DefaultScopeSet()
property Description as %String (MAXLEN = 256);
Description of the client.
Chosen by user during configuration.
Property methods: DescriptionDisplayToLogical(), DescriptionGet(), DescriptionGetStored(), DescriptionIsValid(), DescriptionLogicalToDisplay(), DescriptionLogicalToOdbc(), DescriptionNormalize(), DescriptionSet()
property LaunchURL as %String (MAXLEN = 1024);
LaunchURL is the URL used to launch this client. LaunchURL may be used in some circumstances to identify the client and as the value of the aud claim.
Property methods: LaunchURLDisplayToLogical(), LaunchURLGet(), LaunchURLGetStored(), LaunchURLIsValid(), LaunchURLLogicalToDisplay(), LaunchURLLogicalToOdbc(), LaunchURLNormalize(), LaunchURLSet()
property Metadata as OAuth2.Client.Metadata;
The meta data which describes this client.
Property methods: MetadataGet(), MetadataGetObject(), MetadataGetObjectId(), MetadataGetStored(), MetadataGetSwizzled(), MetadataIsValid(), MetadataNewObject(), MetadataSet(), MetadataSetObject(), MetadataSetObjectId(), MetadataUnSwizzle()
property Name as %String (MAXLEN = 128);
Arbitrary name of client. Required only if entered manually. When dynamically registered, Name is set to "client_name" from the client metadata.
Property methods: NameDisplayToLogical(), NameGet(), NameGetStored(), NameIsValid(), NameLogicalToDisplay(), NameLogicalToOdbc(), NameNormalize(), NameSet()
property RedirectURL as list of %String (MAXLEN = 1024);
RedirectURL is the expected redirect URL for this client.
Property methods: RedirectURLBuildValueArray(), RedirectURLCollectionToDisplay(), RedirectURLCollectionToOdbc(), RedirectURLDisplayToCollection(), RedirectURLDisplayToLogical(), RedirectURLGet(), RedirectURLGetObject(), RedirectURLGetObjectId(), RedirectURLGetStored(), RedirectURLGetSwizzled(), RedirectURLIsValid(), RedirectURLLogicalToDisplay(), RedirectURLLogicalToOdbc(), RedirectURLNormalize(), RedirectURLOdbcToCollection(), RedirectURLSet(), RedirectURLSetObject(), RedirectURLSetObjectId()
property SupportedGrantTypes as %String (MAXLEN = 4, MINLEN = 1);
**** Moved to OAuth2.Client.Metadata when dynamic client support introduced
SupportedGrantTypes is the grant types that are supported to create an access token. This property is a string of 1 to 4 characters with one character for each supported grant type as follows:
- "A" - Authorization Code - "I" - Implicit - "P" - Resource Owner Password Credentials - "C" - Client Credentials
Property methods: SupportedGrantTypesDisplayToLogical(), SupportedGrantTypesGet(), SupportedGrantTypesGetStored(), SupportedGrantTypesIsValid(), SupportedGrantTypesLogicalToDisplay(), SupportedGrantTypesLogicalToOdbc(), SupportedGrantTypesNormalize(), SupportedGrantTypesSet()
property client_name as %String (MAXLEN = 128);
**** Moved to OAuth2.Client.Metadata when dynamic client support introduced
client_name is the name of the Client to be presented to the EndUser.
Property methods: client_nameDisplayToLogical(), client_nameGet(), client_nameGetStored(), client_nameIsValid(), client_nameLogicalToDisplay(), client_nameLogicalToOdbc(), client_nameNormalize(), client_nameSet()
property client_uri as %OAuth2.uri;
**** Moved to OAuth2.Client.Metadata when dynamic client support introduced
client_uri is the URL of the home page of the Client. The value of this field must point to a valid Web page. If present, the authorization server will display this URL to the EndUser in a followable fashion.
Property methods: client_uriDisplayToLogical(), client_uriGet(), client_uriGetStored(), client_uriIsValid(), client_uriLogicalToDisplay(), client_uriLogicalToOdbc(), client_uriNormalize(), client_uriSet()
property logo_uri as %OAuth2.uri;
**** Moved to OAuth2.Client.Metadata when dynamic client support introduced
logo_uri is a URL that references a logo for the Client application. If present, the authorization server will display this image to the EndUser during approval. The value of this field must point to a valid image file.
Property methods: logo_uriDisplayToLogical(), logo_uriGet(), logo_uriGetStored(), logo_uriIsValid(), logo_uriLogicalToDisplay(), logo_uriLogicalToOdbc(), logo_uriNormalize(), logo_uriSet()
property policy_uri as %OAuth2.uri;
**** Moved to OAuth2.Client.Metadata when dynamic client support introduced
policy_uri is the that the Relying Party Client provides to the EndUser to read about the how the profile data will be used. The value of this field must point to a valid web page.
Property methods: policy_uriDisplayToLogical(), policy_uriGet(), policy_uriGetStored(), policy_uriIsValid(), policy_uriLogicalToDisplay(), policy_uriLogicalToOdbc(), policy_uriNormalize(), policy_uriSet()
property tos_uri as %OAuth2.uri;
**** Moved to OAuth2.Client.Metadata when dynamic client support introduced
tos_uri is the URL that the Relying Party Client provides to the EndUser to read about the Relying Party's terms of service. The value of this field must point to a valid web page.
Property methods: tos_uriDisplayToLogical(), tos_uriGet(), tos_uriGetStored(), tos_uriIsValid(), tos_uriLogicalToDisplay(), tos_uriLogicalToOdbc(), tos_uriNormalize(), tos_uriSet()

Methods

classmethod DeleteId(id As %String) as %Status
Delete this client configuration.
classmethod Open(clientId As %String, Output sc As %Status) as OAuth2.Server.Client
Open the OAuth2.Server.Client instance.
method Save() as %Status
Save this OAuth2.Server.Client instance.
method SetPublicJWKS(publicJWKS As %String, jwksUri As %String) as %Status
Manually set the client supplied public JWKS and optionally jwks_uri.
method UpdateJWKS(server As OAuth2.Server.Configuration, Output sc As %Status) as %Boolean
Get and save a new public JWKS for this client if the JWKS was specified using jwks_uri metadata. Return true if new JWKS was obtained

Inherited Methods

%AddToSaveSet() %GUIDSet() %OriginalNamespace()
%AddToSyncSet() %GetLock() %PackageName()
%BMEBuilt() %GetParameter() %PhysicalAddress()
%CheckConstraints() %GetSwizzleObject() %PurgeIndices()
%CheckConstraintsForExtent() %Id() %Reload()
%ClassIsLatestVersion() %InsertBatch() %RemoveFromSaveSet()
%ClassName() %IsA() %ResolveConcurrencyConflict()
%ComposeOid() %IsModified() %RollBack()
%ConstructClone() %IsNull() %Save()
%Delete() %KillExtent() %SaveDirect()
%DeleteExtent() %KillExtentData() %SaveIndices()
%DeleteId() %LoadFromMemory() %SerializeObject()
%DispatchClassMethod() %LockExtent() %SetModified()
%DispatchGetModified() %LockId() %SortBegin()
%DispatchGetProperty() %New() %SortEnd()
%DispatchMethod() %NormalizeObject() %SyncObjectIn()
%DispatchSetModified() %ObjectIsNull() %SyncTransport()
%DispatchSetMultidimProperty() %ObjectModified() %UnlockExtent()
%DispatchSetProperty() %Oid() %UnlockId()
%Exists() %OnBeforeAddToSync() %ValidateIndices()
%ExistsId() %OnDetermineClass() %ValidateObject()
%Extends() %Open()
%GUID() %OpenId()

Queries

query List()
SQL Query:
SELECT Name, ClientId, ClientType, RedirectURL, Description FROM Client ORDER BY Name
List client registrations for SMP page

Indexes

index (ClientIndex on ClientId) [IdKey, Type = key, Unique];
The IDKEY for the client configuration class.
Index methods: ClientIndexCheck(), ClientIndexDelete(), ClientIndexExists(), ClientIndexOpen(), ClientIndexSQLCheckUnique(), ClientIndexSQLExists(), ClientIndexSQLFindPKeyByConstraint(), ClientIndexSQLFindRowIDByConstraint()

Storage

Storage Model: CacheStorage (OAuth2.Server.Client)

^OAuth2.Server.ClientD(ID)
=
%%CLASSNAME
ClientSecret
RedirectURL
DefaultScope
SupportedGrantTypes
Description
ClientType
Name
LaunchURL
ClientCredentials
logo_uri
client_uri
policy_uri
tos_uri
LogoUri
ClientUri
PolicyUri
TosUri
client_name
Metadata
PrivateJWKS
PublicJWKS
RemotePublicJWKS