Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-9706

AuthzClient - allow setting token_type_hint when calling ProtectionResource.introspectRequestingPartyToken

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Rejected
    • Affects Version/s: 4.8.3.Final
    • Fix Version/s: None
    • Component/s: Authorization Services
    • Labels:
      None
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      I'd like to use the org.keycloak.authorization.client.AuthzClient to introspect a token with token_type_hint="access_token". Sadly, currently it's hard-coded to token_type_hint="requesting_party_token":
      https://github.com/keycloak/keycloak/blob/master/authz/client/src/main/java/org/keycloak/authorization/client/resource/ProtectionResource.java#LL82

      To avoid breaking existing code, adding to the existing class org.keycloak.authorization.client.resource.ProtectionResource a 2nd overloaded version of
      introspectRequestingPartyToken
      that takes a "token_type_hint" parameter seems like a good solution. For example:

          /**
           * Introspects the given <code>rpt</code> using the token introspection endpoint.
           *
           * @param rpt the rpt to introspect
           * @param token_type_hint the token_type_hint value
           * @return the {@link TokenIntrospectionResponse}
           */
          public TokenIntrospectionResponse introspectRequestingPartyToken(String rpt, String token_type_hint)
      

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                buzzp Brian Brooks
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: