Interface AccessTokenAuthorization
-
- All Known Implementing Classes:
MutableAccessTokenAuthorization
public interface AccessTokenAuthorization
Access token authorisation.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description com.nimbusds.oauth2.sdk.id.Actor
getActor()
Returns the access token actor, in impersonation and delegation scenarios.List<com.nimbusds.oauth2.sdk.id.Audience>
getAudienceList()
Returns the audience list of the access token, which may be the logical names of the intended resource servers.Set<String>
getClaimNames()
Returns the names of the consented OpenID claims to be accessed at the UserInfo endpoint.default net.minidev.json.JSONObject
getClaimsData()
Returns the optional claims fulfillment data.List<com.nimbusds.langtag.LangTag>
getClaimsLocales()
Returns the preferred locales for the consented OpenID claims.com.nimbusds.oauth2.sdk.auth.X509CertificateConfirmation
getClientCertificateConfirmation()
Returns the client X.509 certificate confirmation (SHA-256 thumbprint) for mutual TLS.com.nimbusds.oauth2.sdk.id.ClientID
getClientID()
Returns the identifier of the client to which the access token is issued.net.minidev.json.JSONObject
getData()
Returns the optional data for the access token.Instant
getExpirationTime()
Returns the expiration time of the access token.com.nimbusds.oauth2.sdk.id.Issuer
getIssuer()
Returns the issuer of the access token.Instant
getIssueTime()
Returns the issue time of the access token.default com.nimbusds.oauth2.sdk.dpop.JWKThumbprintConfirmation
getJWKThumbprintConfirmation()
Returns the JWK SHA-256 thumbprint confirmation for DPoP.com.nimbusds.oauth2.sdk.id.JWTID
getJWTID()
Returns the JSON Web Token (JWT) identifier of the access token.default com.nimbusds.oauth2.sdk.id.Subject
getLocalSubject()
Returns the access token local subject.default Map<String,Object>
getOtherTopLevelParameters()
Returns a map of other top-level parameters.net.minidev.json.JSONObject
getPresetClaims()
Returns the preset OpenID claims to be included in the UserInfo response.com.nimbusds.oauth2.sdk.Scope
getScope()
Returns the scope of the access token.com.nimbusds.oauth2.sdk.id.Subject
getSubject()
Returns the access token subject.default com.nimbusds.openid.connect.sdk.SubjectType
getSubjectType()
Returns the access token subject type.
-
-
-
Method Detail
-
getSubject
com.nimbusds.oauth2.sdk.id.Subject getSubject()
Returns the access token subject.- Returns:
- The subject,
null
if not specified.
-
getActor
com.nimbusds.oauth2.sdk.id.Actor getActor()
Returns the access token actor, in impersonation and delegation scenarios.- Returns:
- The actor,
null
if not specified.
-
getClientID
com.nimbusds.oauth2.sdk.id.ClientID getClientID()
Returns the identifier of the client to which the access token is issued.- Returns:
- The client identifier,
null
if not specified.
-
getScope
com.nimbusds.oauth2.sdk.Scope getScope()
Returns the scope of the access token.- Returns:
- The scope,
null
if not specified.
-
getExpirationTime
Instant getExpirationTime()
Returns the expiration time of the access token.- Returns:
- The expiration time,
null
if not specified.
-
getIssueTime
Instant getIssueTime()
Returns the issue time of the access token.- Returns:
- The issue time,
null
if not specified.
-
getIssuer
com.nimbusds.oauth2.sdk.id.Issuer getIssuer()
Returns the issuer of the access token.- Returns:
- The issuer,
null
if not specified.
-
getAudienceList
List<com.nimbusds.oauth2.sdk.id.Audience> getAudienceList()
Returns the audience list of the access token, which may be the logical names of the intended resource servers.- Returns:
- The audience list,
null
if not specified.
-
getSubjectType
default com.nimbusds.openid.connect.sdk.SubjectType getSubjectType()
Returns the access token subject type.- Returns:
- The subject type,
null
if not specified (may implypublic
).
-
getLocalSubject
default com.nimbusds.oauth2.sdk.id.Subject getLocalSubject()
Returns the access token local subject. Equals thegetSubject()
value unless thesubject type
is pairwise.Use this method if there is a need to get the local (system) subject for an access token which subject was made pairwise for its audience (resource server).
Note, an access token which subject is made pairwise must not have its local subject exposed in introspection responses intended for the token audience!
- Returns:
- The local subject,
null
if not specified or for a pairwisesubject type
that couldn't be reversed.
-
getJWTID
com.nimbusds.oauth2.sdk.id.JWTID getJWTID()
Returns the JSON Web Token (JWT) identifier of the access token.- Returns:
- The JWT ID,
null
if not specified or applicable.
-
getClaimNames
Set<String> getClaimNames()
Returns the names of the consented OpenID claims to be accessed at the UserInfo endpoint.- Returns:
- The claim names,
null
if not specified.
-
getClaimsLocales
List<com.nimbusds.langtag.LangTag> getClaimsLocales()
Returns the preferred locales for the consented OpenID claims.- Returns:
- The preferred claims locales,
null
if not specified.
-
getPresetClaims
net.minidev.json.JSONObject getPresetClaims()
Returns the preset OpenID claims to be included in the UserInfo response.- Returns:
- The preset OpenID claims,
null
if not specified.
-
getData
net.minidev.json.JSONObject getData()
Returns the optional data for the access token.- Returns:
- The optional data, represented as a JSON object,
null
if not specified.
-
getClientCertificateConfirmation
com.nimbusds.oauth2.sdk.auth.X509CertificateConfirmation getClientCertificateConfirmation()
Returns the client X.509 certificate confirmation (SHA-256 thumbprint) for mutual TLS.- Returns:
- The client X.509 certificate confirmation,
null
if none.
-
getJWKThumbprintConfirmation
default com.nimbusds.oauth2.sdk.dpop.JWKThumbprintConfirmation getJWKThumbprintConfirmation()
Returns the JWK SHA-256 thumbprint confirmation for DPoP.- Returns:
- The JWK thumbprint confirmation,
null
if none.
-
getOtherTopLevelParameters
default Map<String,Object> getOtherTopLevelParameters()
Returns a map of other top-level parameters.- Returns:
- Other top-level parameters, the values should map to JSON
entities,
null
if none.
-
getClaimsData
default net.minidev.json.JSONObject getClaimsData()
Returns the optional claims fulfillment data.- Returns:
- The claims fulfillment data,
null
if not specified.
-
-