getResourceOauth2Token method

Future<GetResourceOauth2TokenResponse> getResourceOauth2Token({ required Oauth2FlowType oauth2Flow, required String resourceCredentialProviderName, required List<String> scopes, required String workloadIdentityToken, List<String>? audiences, Map<String, String>? customParameters, String? customState, bool? forceAuthentication, String? resourceOauth2ReturnUrl, List<String>? resources, String? sessionUri, })

Returns the OAuth 2.0 token of the provided resource.

May throw AccessDeniedException. May throw InternalServerException. May throw ResourceNotFoundException. May throw ThrottlingException. May throw UnauthorizedException. May throw ValidationException.

Parameter oauth2Flow : The type of flow to be performed.

Parameter resourceCredentialProviderName : The name of the resource's credential provider.

Parameter scopes : The OAuth scopes being requested.

Parameter workloadIdentityToken : The identity token of the workload from which you want to retrieve the OAuth2 token.

Parameter audiences : The audiences to include in the token request. These are used to specify the intended recipients of the OAuth2 token.

Parameter customParameters : A map of custom parameters to include in the authorization request to the resource credential provider. These parameters are in addition to the standard OAuth 2.0 flow parameters, and will not override them.

Parameter customState : An opaque string that will be sent back to the callback URL provided in resourceOauth2ReturnUrl. This state should be used to protect the callback URL of your application against CSRF attacks by ensuring the response corresponds to the original request.

Parameter forceAuthentication : Indicates whether to always initiate a new three-legged OAuth (3LO) flow, regardless of any existing session.

Parameter resourceOauth2ReturnUrl : The callback URL to redirect to after the OAuth 2.0 token retrieval is complete. This URL must be one of the provided URLs configured for the workload identity.

Parameter resources : The resources to include in the token request. These are used to specify the target resources for which the OAuth2 token is being requested.

Parameter sessionUri : Unique identifier for the user's authentication session for retrieving OAuth2 tokens. This ID tracks the authorization flow state across multiple requests and responses during the OAuth2 authentication process.

Implementation

Future<GetResourceOauth2TokenResponse> getResourceOauth2Token({
  required Oauth2FlowType oauth2Flow,
  required String resourceCredentialProviderName,
  required List<String> scopes,
  required String workloadIdentityToken,
  List<String>? audiences,
  Map<String, String>? customParameters,
  String? customState,
  bool? forceAuthentication,
  String? resourceOauth2ReturnUrl,
  List<String>? resources,
  String? sessionUri,
}) async {
  final $payload = <String, dynamic>{
    'oauth2Flow': oauth2Flow.value,
    'resourceCredentialProviderName': resourceCredentialProviderName,
    'scopes': scopes,
    'workloadIdentityToken': workloadIdentityToken,
    if (audiences != null) 'audiences': audiences,
    if (customParameters != null) 'customParameters': customParameters,
    if (customState != null) 'customState': customState,
    if (forceAuthentication != null)
      'forceAuthentication': forceAuthentication,
    if (resourceOauth2ReturnUrl != null)
      'resourceOauth2ReturnUrl': resourceOauth2ReturnUrl,
    if (resources != null) 'resources': resources,
    if (sessionUri != null) 'sessionUri': sessionUri,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'POST',
    requestUri: '/identities/oauth2/token',
    exceptionFnMap: _exceptionFns,
  );
  return GetResourceOauth2TokenResponse.fromJson(response);
}