OAuth2FlowType (Vert.x Stack

java.lang.Object
- java.lang.Enum<OAuth2FlowType>
- - io.vertx.ext.auth.oauth2.OAuth2FlowType

All Implemented Interfaces:

Serializable, Comparable<OAuth2FlowType>
```
public enum OAuth2FlowType
extends Enum<OAuth2FlowType>
```
OAuth2 Flows

Author:

Paulo Lopes

Enum Constant Summary

Enum Constants
Enum Constant and Description
`AAD_OBO` Extension OAuth2 flows to perform JSON Web Token Bearer Token authentication "On-Behalf-Of an existing user.
`AUTH_CODE` The authorization code is obtained by using an authorization server as an intermediary between the client and resource owner.
`AUTH_JWT` RFC7523: JSON Web Token Bearer Token as a means for requesting an OAuth 2.0 access token as well as for client authentication.
`CLIENT` The client credentials (or other forms of client authentication) can be used as an authorization grant when the authorization scope is limited to the protected resources under the control of the client, or to protected resources previously arranged with the authorization server.
`IMPLICIT` The implicit grant is a simplified authorization code flow optimized for clients implemented in a browser using a scripting language such as JavaScript.
`PASSWORD` The resource owner password credentials (i.e., username and password) can be used directly as an authorization grant to obtain an access token.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static OAuth2FlowType`	`getFlow(String grantType)`
`String`	`getGrantType()`
`static OAuth2FlowType`	`valueOf(String name)` Returns the enum constant of this type with the specified name.
`static OAuth2FlowType[]`	`values()` Returns an array containing the constants of this enum type, in the order they are declared.

Methods inherited from class java.lang.Enum
clone, compareTo, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf

Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait

- Enum Constant Detail
  - AUTH_CODE
```
public static final OAuth2FlowType AUTH_CODE
```
    The authorization code is obtained by using an authorization server as an intermediary between the client and resource owner. Instead of requesting authorization directly from the resource owner, the client directs the resource owner to an authorization server (via its user-agent as defined in [RFC2616]), which in turn directs the resource owner back to the client with the authorization code.
    Before directing the resource owner back to the client with the authorization code, the authorization server authenticates the resource owner and obtains authorization. Because the resource owner only authenticates with the authorization server, the resource owner's credentials are never shared with the client.
    The authorization code provides a few important security benefits, such as the ability to authenticate the client, as well as the transmission of the access token directly to the client without passing it through the resource owner's user-agent and potentially exposing it to others, including the resource owner.
  - IMPLICIT
```
public static final OAuth2FlowType IMPLICIT
```
    The implicit grant is a simplified authorization code flow optimized for clients implemented in a browser using a scripting language such as JavaScript. In the implicit flow, instead of issuing the client an authorization code, the client is issued an access token directly (as the result of the resource owner authorization). The grant type is implicit, as no intermediate credentials (such as an authorization code) are issued (and later used to obtain an access token).
    When issuing an access token during the implicit grant flow, the authorization server does not authenticate the client. In some cases, the client identity can be verified via the redirection URI used to deliver the access token to the client. The access token may be exposed to the resource owner or other applications with access to the resource owner's user-agent.
    Implicit grants improve the responsiveness and efficiency of some clients (such as a client implemented as an in-browser application), since it reduces the number of round trips required to obtain an access token. However, this convenience should be weighed against the security implications of using implicit grants, especially when the authorization code grant type is available.
  - PASSWORD
```
public static final OAuth2FlowType PASSWORD
```
    The resource owner password credentials (i.e., username and password) can be used directly as an authorization grant to obtain an access token. The credentials should only be used when there is a high degree of trust between the resource owner and the client (e.g., the client is part of the device operating system or a highly privileged application), and when other authorization grant types are not available (such as an authorization code).
    Even though this grant type requires direct client access to the resource owner credentials, the resource owner credentials are used for a single request and are exchanged for an access token. This grant type can eliminate the need for the client to store the resource owner credentials for future use, by exchanging the credentials with a long-lived access token or refresh token.
  - CLIENT
```
public static final OAuth2FlowType CLIENT
```
    The client credentials (or other forms of client authentication) can be used as an authorization grant when the authorization scope is limited to the protected resources under the control of the client, or to protected resources previously arranged with the authorization server. Client credentials are used as an authorization grant typically when the client is acting on its own behalf (the client is also the resource owner) or is requesting access to protected resources based on an authorization previously arranged with the authorization server.
  - AUTH_JWT
```
public static final OAuth2FlowType AUTH_JWT
```
    RFC7523: JSON Web Token Bearer Token as a means for requesting an OAuth 2.0 access token as well as for client authentication.
  - AAD_OBO
```
public static final OAuth2FlowType AAD_OBO
```
    Extension OAuth2 flows to perform JSON Web Token Bearer Token authentication "On-Behalf-Of an existing user.
- Method Detail
  - values
```
public static OAuth2FlowType[] values()
```
    Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:
```
for (OAuth2FlowType c : OAuth2FlowType.values())
    System.out.println(c);
```
    Returns:
    
    an array containing the constants of this enum type, in the order they are declared
  - valueOf
```
public static OAuth2FlowType valueOf(String name)
```
    Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
    
    Parameters:
    
    name - the name of the enum constant to be returned.
    
    Returns:
    
    the enum constant with the specified name
    
    Throws:
    
    IllegalArgumentException - if this enum type has no constant with the specified name
    
    NullPointerException - if the argument is null
  - getGrantType
```
public String getGrantType()
```
  - getFlow
```
public static OAuth2FlowType getFlow(String grantType)
```

Enum OAuth2FlowType

Enum Constant Summary

Method Summary

Methods inherited from class java.lang.Enum

Methods inherited from class java.lang.Object

Enum Constant Detail

AUTH_CODE

IMPLICIT

PASSWORD

CLIENT

AUTH_JWT

AAD_OBO

Method Detail

values

valueOf

getGrantType

getFlow