OAuthBearerToken (kafka 2.8.1 API)

```
@Evolving
public interface OAuthBearerToken
```
The b64token value as defined in RFC 6750 Section 2.1 along with the token's specific scope and lifetime and principal name.
A network request would be required to re-hydrate an opaque token, and that could result in (for example) an IOException, but retrievers for various attributes (scope(), lifetimeMs(), etc.) declare no exceptions. Therefore, if a network request is required for any of these retriever methods, that request could be performed at construction time so that the various attributes can be reliably provided thereafter. For example, a constructor might declare throws IOException in such a case. Alternatively, the retrievers could throw unchecked exceptions.
This interface was introduced in 2.0.0 and, while it feels stable, it could evolve. We will try to evolve the API in a compatible manner (easier now that Java 7 and its lack of default methods doesn't have to be supported), but we reserve the right to make breaking changes in minor releases, if necessary. We will update the InterfaceStability annotation and this notice once the API is considered stable.

See Also:

RFC 6749 Section 1.4 and RFC 6750 Section 2.1

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`long`	`lifetimeMs()`	The token's lifetime, expressed as the number of milliseconds since the epoch, as per RFC 6749 Section 1.4
`String`	`principalName()`	The name of the principal to which this credential applies
`Set<String>`	`scope()`	The token's scope of access, as per RFC 6749 Section 1.4
`Long`	`startTimeMs()`	When the credential became valid, in terms of the number of milliseconds since the epoch, if known, otherwise null.
`String`	`value()`	The `b64token` value as defined in RFC 6750 Section 2.1

- Method Detail
  - value
```
String value()
```
    The b64token value as defined in RFC 6750 Section 2.1
    
    Returns:
    
    b64token value as defined in RFC 6750 Section 2.1
  - scope
```
Set<String> scope()
```
    The token's scope of access, as per RFC 6749 Section 1.4
    
    Returns:
    
    the token's (always non-null but potentially empty) scope of access, as per RFC 6749 Section 1.4. Note that all values in the returned set will be trimmed of preceding and trailing whitespace, and the result will never contain the empty string.
  - lifetimeMs
```
long lifetimeMs()
```
    The token's lifetime, expressed as the number of milliseconds since the epoch, as per RFC 6749 Section 1.4
    
    Returns:
    
    the token'slifetime, expressed as the number of milliseconds since the epoch, as per RFC 6749 Section 1.4.
  - principalName
```
String principalName()
```
    The name of the principal to which this credential applies
    
    Returns:
    
    the always non-null/non-empty principal name
  - startTimeMs
```
Long startTimeMs()
```
    When the credential became valid, in terms of the number of milliseconds since the epoch, if known, otherwise null. An expiring credential may not necessarily indicate when it was created -- just when it expires -- so we need to support a null return value here.
    
    Returns:
    
    the time when the credential became valid, in terms of the number of milliseconds since the epoch, if known, otherwise null