Differences between the OAuthMappingExtUtils classes and traditional Verify Access OAuthMappingExtUtils classes

Input argument and return value type differences

1. List type

IBM Security Verify Access OIDC Provider uses a JS array instead of the java.util.List that is used in IBM Security Verify Access.

• Input argument: Use a JavaScript array to create the variable.

  JavaScript

  OAuthMappingExtUtils.batchDelete("asaa282-sa248834-bed72aa", ["attr1", "attr2"]);
  

• Return value: Access the return values as a JavaScript array.

  JavaScript

  let keys = OAuthMappingExtUtils.getAssociationKeys("asaa282-sa248834-bed72aa");
  if (keys != null) {
      for (let i = 0; i < keys.length; i++) {
          let key = keys[i];
          // Do something...
      }
  }
  

2. Map type

IBM Security Verify Access OIDC Provider uses a JS object is used instead of java.util.Map that is used in IBM Security Verify Access.

• Input argument: Use JavaScript object to create the variable.

  JavaScript

  var attrs = {
      "given_name": "John",
      "family_name": "Smith",
      "age": "25"
  }
  var createErr = OAuthMappingExtUtils.batchCreate("asaa282-sa248834-bed72aa", attrs);
  if (createErr != null) {
   // handle error
  }
  

• Return value: Access the return values as a JavaScript Object

  JavaScript

  var associations = OAuthMappingExtUtils.retrieveAllAssociations("asaa282-sa248834-bed72aa");
  if (associations != null) {
      for(let key of Object.keys(associations)) {
          let value = associations[key]
          // do something
      }
  }
  

API differences

1. OAuthMappingExtUtils vs com.tivoli.am.fim.trustserver.sts.utilities.OAuthMappingExtUtils

• Constructors: Not applicable
• Supported methods:
  • associate
    • associate(java.lang.String stateID, java.lang.String attrKey, java.lang.String attrValue) is supported.
    • associate(java.lang.String stateID, java.lang.String attrKey, java.lang.String attrValue, boolean sensitive, boolean readonly) is NOT supported.
  • disassociate
  • getAssociation
  • getAssociationKeys: Refer to Input Argument and Return Value Type Differences for return type differences
  • retrieveAllAssociations: Refer to Input Argument and Return Value Type Differences for return type differences
  • batchCreate: Refer to Input Argument and Return Value Type Differences for input argument type differences
  • batchUpdate: Refer to Input Argument and Return Value Type Differences for input argument type differences
  • batchDelete
  • throwSTSException
  • throwSTSUserMessageException
  • throwSTSCustomUserPageException
  • throwSTSCustomUserMessageException
  • throwSTSInvalidGrantMessageException
  • throwSTSAccessDeniedMessageException
• Unsupported methods:
  • createClient
  • createTokenElement
  • deleteAllTokensForUser
  • deleteClient
  • deleteGrant
  • deleteHashedToken
  • deleteToken
  • deleteTokens
  • extractIssuer
  • generateRandomString
  • getActiveToken
  • getActiveTokens
  • getAllActiveTokensForUser
  • getAllTokensForUser
  • getCertificateChain
  • getCertificateThumbprint
  • getCertificateThumbprint_S256
  • getClient
  • getClientsByCompanyName
  • getClientsByContactPerson
  • getClientsByEmail
  • getDefinition
  • getDefinitionByID
  • getEmptyMap
  • getGrants
  • getToken
  • getTokens
  • httpGet
  • httpPost
  • isFapiCompliantByDefinitionID
  • isOidcCompliantByDefinitionID
  • parseSTSUUToJson
  • retrieveActor
  • retrieveAllAssociations
  • SHA256Sum
  • SHA384Sum
  • SHA512Sum
  • storeJwtActor
  • updateClient
  • updateToken