Lyle/eng 3375/introspect and libs

src/main/java/io/fusionauth/domain/oauth2/AccessTokenIntrospectRequest.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2025, FusionAuth, All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+package io.fusionauth.domain.oauth2;
+
+/**
+ * The request object for introspecting an access token.
+ *
+ * @author Lyle Schemmerling
+ */
+public class AccessTokenIntrospectRequest {
+
+  /**
+   * The unique client identifier. The client Id is the Id of the FusionAuth Application for which this token was generated.
+   */
+  public String client_id;
+
+  /**
+   * (Optional) The Id of the tenant to which this request is being made.
+   */
+  public String tenantId;
+
+  /**
+   * The access token returned by this OAuth provider as the result of a successful client credentials grant.
+   */
+  public String token;
+}

src/main/java/io/fusionauth/domain/oauth2/ClientCredentialsAccessTokenIntrospectRequest.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2025, FusionAuth, All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+package io.fusionauth.domain.oauth2;
+
+/**
+ * Contains the parameters used to introspect an access token that was obtained via the client credentials grant.
+ *
+ * @author Lyle Schemmerling
+ */
+public class ClientCredentialsAccessTokenIntrospectRequest {
+  /**
+   * (Optional) The Id of the tenant to which this request is being made.
+   */
+  public String tenantId;
+
+  /**
+   * The access token returned by this OAuth provider as the result of a successful client credentials grant.
+   */
+  public String token;
+}

src/main/java/io/fusionauth/domain/oauth2/ClientCredentialsGrantRequest.java

@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2025, FusionAuth, All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+package io.fusionauth.domain.oauth2;
+
+/**
+ * The request object to make a Client Credentials grant request to obtain an access token.
+ *
+ * @author Lyle Schemmerling
+ */
+public class ClientCredentialsGrantRequest {
+  /**
+   * (Optional) The unique Id of the FusionAuth Application to use for this request. If not provided, the client_id must be a
+   * valid API key.
+   */
+  public String client_id;
+
+  /**
+   * (Optional) The client secret used to authenticate this request.
+   * This parameter is optional when Basic Authorization is used to authenticate this request.
+   */
+  public String client_secret;
+
+  /**
+   * The grant type to be used. This value must be set to client_credentials
+   */
+  public String grant_type;
+
+  /**
+   * (Optional) This parameter is used to indicate which target entity you are requesting access. To request access to an entity, use the format
+   * target-entity:<target-entity-id>:<roles>. Roles are an optional comma separated list.
+   */
+  public String scope;
+
+  /**
+   * (Optional) The Id of the tenant to which this request is being made.
+   */
+  public String tenantId;
+}

src/main/java/io/fusionauth/domain/oauth2/DeviceApprovalRequest.java

@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2025, FusionAuth, All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+package io.fusionauth.domain.oauth2;
+
+import java.util.UUID;
+
+/**
+ * The request object to approve a device grant.
+ *
+ * @author Lyle Schemmerling
+ */
+public class DeviceApprovalRequest {
+  /**
+   * (Optional) The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate.
+   */
+  public String client_id;
+
+  /**
+   * (Optional) The client secret. This value will be required if client authentication is enabled.
+   */
+  public String client_secret;
+
+  /**
+   * (Optional) The Id of the tenant to which this request is being made.
+   */
+  public UUID tenantId;
+
+  /**
+   * The access token used to identify the user.
+   */
+  public String token;
+
+  /**
+   * The end-user verification code.
+   */
+  public String user_code;
+}

src/main/java/io/fusionauth/domain/oauth2/DeviceAuthorizationRequest.java

@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2025, FusionAuth, All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+package io.fusionauth.domain.oauth2;
+
+import java.util.UUID;
+
+/**
+ * @author Lyle Schemmerling
+ */
+public class DeviceAuthorizationRequest {
+  /**
+   * The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate.
+   */
+  public String client_id;
+
+  /**
+   * (Optional) The client secret. This value may optionally be provided in the request body instead of the Authorization header.
+   */
+  public String client_secret;
+
+  /**
+   * (Optional) A space-delimited string of the requested scopes. Defaults to all scopes configured in the Application's OAuth configuration.
+   */
+  public String scope;
+
+  /**
+   * (Optional) The Id of the tenant to use for this request.
+   */
+  public UUID tenantId;
+}

src/main/java/io/fusionauth/domain/oauth2/OAuthCodeAccessTokenRequest.java

@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2025, FusionAuth, All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+package io.fusionauth.domain.oauth2;
+
+/**
+ * The request object for exchanging an OAuth authorization code for an access token.
+ *
+ * @author Lyle Schemmerling
+ */
+public class OAuthCodeAccessTokenRequest {
+  /**
+   * (Optional) The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate.",
+   * This field is optional when Basic Authorization is used to authenticate this request.
+   */
+  public String client_id;
+
+  /**
+   * (Optional) The client secret. This value will be required if client authentication is enabled.
+   */
+  public String client_secret;
+
+  /**
+   * The authorization code returned on the /oauth2/authorize response.
+   */
+  public String code;
+
+  /**
+   * The grant type to be used. This value must be set to authorization_code
+   */
+  public String grant_type;
+
+  /**
+   * The URI to redirect to upon a successful request.
+   */
+  public String redirect_uri;
+
+  /**
+   * (Optional) The Id of the tenant to which this request is being made.
+   */
+  public String tenantId;
+}

src/main/java/io/fusionauth/domain/oauth2/OAuthCodePKCEAccessTokenRequest.java

@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2025, FusionAuth, All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+package io.fusionauth.domain.oauth2;
+
+import java.util.UUID;
+
+/**
+ * The request object to make a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint and a
+ * code_verifier for an access token.
+ *
+ * @author Lyle Schemmerling
+ */
+public class OAuthCodePKCEAccessTokenRequest {
+  /**
+   * (Optional) The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate.
+   * This parameter is optional when the Authorization header is provided.
+   */
+  public String client_id;
+
+  /**
+   * (Optional) The client secret. This value may optionally be provided in the request body instead of the Authorization header.
+   */
+  public String client_secret;
+
+  /**
+   * The authorization code returned on the /oauth2/authorize response.
+   */
+  public String code;
+
+  /**
+   * The random string generated previously. Will be compared with the code_challenge sent previously, which allows the OAuth provider to authenticate
+   * your app.
+   */
+  public String code_verifier;
+
+  /**
+   * The grant type to be used. This value must be set to authorization_code
+   */
+  public String grant_type;
+
+  /**
+   * The URI to redirect to upon a successful request.
+   */
+  public String redirect_uri;
+
+  /**
+   * (Optional) The Id of the tenant to which this request is being made.
+   */
+  public UUID tenantId;
+}