Nimbus OAuth 2.0 SDK with OpenID Connect 1.0 extensions v11.12
This open source SDK is your starting point for developing OAuth 2.0 and OpenID Connect based applications in Java. Available under the terms of the Apache 2.0 license.
The implemented standards and drafts are listed in the SDK README.md.
Packages
Package
Description
Classes for representing, serialising and parsing core OAuth 2.0 concepts.
OAuth 2.0 Authorisation Server (AS) classes.
Common SAML 2.0 and JWT bearer assertion classes.
JWT bearer assertions.
SAML 2.0 bearer assertions.
Implementations of OAuth 2.0 client authentication methods at the Token
endpoint.
Client authentication verifier framework.
OpenID Connect Client Initiated Backchannel Authentication (CIBA) Flow -
Core 1.0 classes.
OAuth 2.0 dynamic client registration.
Confirmation classes.
OAuth 2.0 device authorisation grant classes.
OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
utilities.
DPoP proof JWT verifiers for the token endpoint and protected resources.
HTTP message and utility classes.
Common OAuth 2.0 identifier and identity classes.
JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) utilities.
JavaScript Object Signing and Encryption (JOSE) utilities.
Proof Key for Code Exchange (PKCE) classes.
OAuth 2.0 Rich Authorization Request (RAR) classes.
OAuth 2.0 access and refresh token implementations.
OAuth 2.0 token exchange.
Common utility classes.
Date / time utilities.
Single use checker.
TLS / SSL utilities.
Classes for representing, serialising and parsing core OpenID Connect
concepts.
OpenID Connect for Identity Assurance 1.0 classes.
OpenID Connect for Identity Assurance 1.0 claims.
OpenID Connect for Identity Assurance 1.0 evidence classes.
OpenID Connect for Identity Assurance 1.0 evidence attachment classes.
OpenID Connect for Identity Assurance 1.0 request classes.
Claims and claim sets used in OpenID Connect.
OpenID Connect Federation 1.0 classes.
OpenID Connect Federation 1.0 API classes.
OpenID Connect Federation 1.0 entity configuration request and response
classes.
OpenID Connect Federation 1.0 entity classes.
OpenID Connect Federation 1.0 policy.
Interfaces and classes for the OpenID Connect Federation 1.0 policy
language.
OpenID Connect Federation 1.0 policy operations.
OpenID Connect Federation 1.0 explicit client registration.
OpenID Connect Federation 1.0 trust chains and resolution.
OpenID Connect Federation 1.0 trust chain constraints.
Federation trust marks.
OpenID Connect Federation 1.0 utilities.
Common OpenID Connect identifier and identity classes.
OpenID Connect Provider (OP) classes.
OpenID Connect Relying Party (RP) classes.
Software statement processing.
OpenID Connect token extensions.
Client-side OpenID Connect ID token, access token and authorisation code
validators.
Security event claims.