Package com.pingidentity.sdk.accessgrant

Interface AccessGrantManager

  • public interface AccessGrantManager
    Provides the ability to create a custom Access Grant storage mechanism.
    Since:
    8.1

    • Method Detail

      • getByRefreshToken

        AccessGrant getByRefreshToken​(String refreshTokenValue)
                       throws AccessGrantManagementException
        Retrieves an AccessGrant by its refresh token value.
        Parameters:
        refreshTokenValue - the refresh token to search for.
        Returns:
        An AccessGrant with a refresh token value matching the param.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.

      • getByUserKeyScopeClientIdGrantTypeContext

        AccessGrant getByUserKeyScopeClientIdGrantTypeContext​(String userKey,
                                                      Scope scope,
                                                      String clientId,
                                                      String grantType,
                                                      String contextQualifier)
                                               throws AccessGrantManagementException
        Retrieves an access grant based on several specific criteria specified in the params.
        Parameters:
        userKey - the unique user identifier to retrieve access grants for.
        scope - the scope to retrieve access grants for.
        clientId - the client id to retrieve access grants for.
        grantType - the grant type to retrieve access grants for.
        contextQualifier - the contextual qualifier to retrieve access grants for.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.

      • getByUserKeyClientIdGrantType

        default Collection<AccessGrant> getByUserKeyClientIdGrantType​(String userKey,
                                                              String clientId,
                                                              String grantType)
                                                       throws AccessGrantManagementException
        Retrieves a collection of access grants based on several specific criteria specified in the params.
        Parameters:
        userKey - the unique user identifier to retrieve access grants for.
        clientId - the client id to retrieve access grants for.
        grantType - the grant type to retrieve access grants for.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.
        Since:
        12.0

      • revokeGrant

        void revokeGrant​(String accessGrantGuid)
          throws AccessGrantManagementException
        Revokes an access grant that has been previously issued.
        Parameters:
        accessGrantGuid - the guid of the access grant that is to be revoked.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.

      • revokeGrant

        void revokeGrant​(String userKey,
                 String accessGrantGuid)
          throws AccessGrantManagementException
        Revokes an access grant that has been previously issued.
        Parameters:
        userKey - the user identifier of the access grant to be revoked.
        accessGrantGuid - the guid of the access grant that is to be revoked.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.

      • deleteGrant

        default void deleteGrant​(String accessGrantGuid)
                  throws AccessGrantManagementException
        Deletes an access grant that has been previously issued. The method revokeGrant(String) deletes an access grant and may take further action to notify the deletion. Override this method to delete an access grant from the underlying storage mechanism and take no further action.
        Parameters:
        accessGrantGuid - the guid of the access grant that is to be revoked.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.
        Since:
        12.0

      • updateGrantAttributes

        void updateGrantAttributes​(String accessGrantGuid,
                           AccessGrantAttributesHolder attrHolder)
                    throws AccessGrantManagementException
        Updates the access grant attributes with the specified attributes.
        Parameters:
        accessGrantGuid - the guid of the access grant that is to be updated.
        attrHolder - a list of optional access grant attributes that are to be updated within the access grant.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.

      • updateRefreshToken

        void updateRefreshToken​(AccessGrant accessGrant)
                 throws AccessGrantManagementException
        Update the refresh token of the specified access grant. Use the guid specified in the accessGrant param as the key to perform the update. The hashedRefreshTokenValue variable passed in the accessGrant will contain the new refresh value. Implementations are responsible for ensuring the updated timestamp on persisted access grants is current.
        Parameters:
        accessGrant - the access grant to update which contains the new refresh token value.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.

      • updateExpiry

        default void updateExpiry​(AccessGrant accessGrant)
                   throws AccessGrantManagementException
        Update the expiry time of the specified access grant. Use the guid specified in the accessGrant param as the key to perform the update. The expires variable passed in the accessGrant will contain the expiry time. Implementations are responsible for ensuring the updated timestamp on persisted access grants is current.
        Parameters:
        accessGrant - the access grant to update which contains the new expiry time.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.
        Since:
        12.0

      • isDataSourceInUse

        boolean isDataSourceInUse​(String datasourceId)
        Determines if the specified data source is in use. Unless you are using the built-in JDBC, LDAP or custom data stores within PingFederate, this can simply return false.
        Parameters:
        datasourceId - the datasource id in use.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.

      • deleteExpiredGrants

        void deleteExpiredGrants()
        PingFederate periodically calls this method (once per day by default) to clear out expired access grants. When this method is invoked, cycle through all access grants and delete any that are expired.
        Throws:
        AccessGrantManagementException - Runtime exception to indicate the retrieval of the AccessGrant has failed.