Nav

OAuth Module Documentation Reference

An extension to hook OAuth2 to HTTP extension connectors.

Configurations


Config

Default configuration

Parameters

Name Type Description Default Value Required

Name

String

The name for this configuration. Connectors reference the configuration with this name.

x 

Operations

Invalidate Oauth Context

<oauth:invalidate-oauth-context>

Clears the oauth context for a token manager and a resource owner id.

Parameters

Name Type Description Default Value Required

Token Manager

The token manager which holds the credentials to invalidate.

x 

Resource Owner Id

String

The resource owner id to invalidate. This attribute is only allowed for authorization code grant type.

default

 

Retrieve Access Token

<oauth:retrieve-access-token>

Returns the access token of the token manager for the parametrized resource owner ID

Parameters

Name Type Description Default Value Required

Token Manager

The token manager which holds the access token.

x 

Resource Owner Id

String

The resource owner id to invalidate. This attribute is only allowed for authorization code grant type.

default

 

Output Mime Type

String

The mime type of the payload that this operation outputs.

 

Target Variable

String

The name of a variable on which the operation's output will be placed

 

Target Value

String

An expression that will be evaluated against the operation's output and the outcome of that expression will be stored in the target variable

#[payload]

 

Output

Type

String

Retrieve Custom Token Response Param

<oauth:retrieve-custom-token-response-param>

Returns the value of the parameter that was extracted during the dance from the token manager for the parametrized resource owner ID

Parameters

Name Type Description Default Value Required

Token Manager

The token manager which holds the access token.

x 

Resource Owner Id

String

The resource owner id to invalidate. This attribute is only allowed for authorization code grant type.

default

 

Key

String

to look for in the elements that has been extracted after the previous OAuth dance.

x 

Target Variable

String

The name of a variable on which the operation's output will be placed

 

Target Value

String

An expression that will be evaluated against the operation's output and the outcome of that expression will be stored in the target variable

#[payload]

 

Output

Type

Any

Retrieve Expires In

<oauth:retrieve-expires-in>

Returns the expiration of the oauth context for the parametrized resource owner ID

Parameters

Name Type Description Default Value Required

Token Manager

The token manager which holds the access token.

x 

Resource Owner Id

String

The resource owner id to invalidate. This attribute is only allowed for authorization code grant type.

default

 

Output Mime Type

String

The mime type of the payload that this operation outputs.

 

Target Variable

String

The name of a variable on which the operation's output will be placed

 

Target Value

String

An expression that will be evaluated against the operation's output and the outcome of that expression will be stored in the target variable

#[payload]

 

Output

Type

String

Retrieve Refresh Token

<oauth:retrieve-refresh-token>

Returns the refresh token of the oauth context for the parametrized resource owner ID

Parameters

Name Type Description Default Value Required

Token Manager

The token manager which holds the refresh token.

x 

Resource Owner Id

String

The resource owner id to invalidate. This attribute is only allowed for authorization code grant type.

default

 

Output Mime Type

String

The mime type of the payload that this operation outputs.

 

Target Variable

String

The name of a variable on which the operation's output will be placed

 

Target Value

String

An expression that will be evaluated against the operation's output and the outcome of that expression will be stored in the target variable

#[payload]

 

Output

Type

String

Retrieve State

<oauth:retrieve-state>

Returns the state of the oauth context for the parametrized resource owner ID

Parameters

Name Type Description Default Value Required

Token Manager

The token manager which holds the access token.

x 

Resource Owner Id

String

The resource owner id to invalidate. This attribute is only allowed for authorization code grant type.

default

 

Output Mime Type

String

The mime type of the payload that this operation outputs.

 

Target Variable

String

The name of a variable on which the operation's output will be placed

 

Target Value

String

An expression that will be evaluated against the operation's output and the outcome of that expression will be stored in the target variable

#[payload]

 

Output

Type

String

Types

Token Manager Config

Field Type Description Default Value Required

Object Store

Authorization Code Grant Type

Field Type Description Default Value Required

Local Callback Config

String

Local Callback Config Path

String

Local Callback Url

String

External Callback Url

String

x

State

String

Local Authorization Url Resource Owner Id

String

Local Authorization Url

String

x

Authorization Url

String

x

Custom Parameters

Object

Resource Owner Id

String

default

Client Id

String

x

Client Secret

String

x

Scopes

String

Token Manager

Token Url

String

x

Response Access Token

String

#[payload.access_token]

Response Refresh Token

String

#[payload.refresh_token]

Response Expires In

String

#[payload.expires_in]

Custom Parameter Extractors

Refresh Token When

Boolean

#[attributes.statusCode == 401 or attributes.statusCode == 403]

Tls Context Factory

Tls

Parameter Extractor

Field Type Description Default Value Required

Param Name

String

x

Value

String

x

Tls

Field Type Description Default Value Required

Enabled Protocols

String

A comma separated list of protocols enabled for this context.

Enabled Cipher Suites

String

A comma separated list of cipher suites enabled for this context.

Trust Store

Key Store

Trust Store

Field Type Description Default Value Required

Path

String

The location (which will be resolved relative to the current classpath and file system, if possible) of the trust store.

Password

String

The password used to protect the trust store.

Type

String

The type of store used.

Algorithm

String

The algorithm used by the trust store.

Insecure

Boolean

If true, no certificate validations will be performed, rendering connections vulnerable to attacks. Use at your own risk.

Key Store

Field Type Description Default Value Required

Path

String

The location (which will be resolved relative to the current classpath and file system, if possible) of the key store.

Type

String

The type of store used.

Alias

String

When the key store contains many private keys, this attribute indicates the alias of the key that should be used. If not defined, the first key in the file will be used by default.

Key Password

String

The password used to protect the private key.

Password

String

The password used to protect the key store.

Algorithm

String

The algorithm used by the key store.

Client Credentials Grant Type

Field Type Description Default Value Required

Encode Client Credentials In Body

Boolean

false

Client Id

String

x

Client Secret

String

x

Scopes

String

Token Manager

Token Url

String

x

Response Access Token

String

#[payload.access_token]

Response Refresh Token

String

#[payload.refresh_token]

Response Expires In

String

#[payload.expires_in]

Custom Parameter Extractors

Refresh Token When

Boolean

#[attributes.statusCode == 401 or attributes.statusCode == 403]

Tls Context Factory

Tls