Interface AccessTokenAuthorization
-
- All Known Implementing Classes:
MutableAccessTokenAuthorization
public interface AccessTokenAuthorization
Access token authorisation.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description @Nullable com.nimbusds.oauth2.sdk.id.Actor
getActor()
Returns the access token actor, in impersonation and delegation scenarios.@Nullable List<com.nimbusds.oauth2.sdk.id.Audience>
getAudienceList()
Returns the audience list of the access token, which may be the logical names of the intended resource servers.@Nullable Set<String>
getClaimNames()
Returns the names of the consented OpenID claims to be accessed at the UserInfo endpoint.default @Nullable net.minidev.json.JSONObject
getClaimsData()
Returns the optional OpenID claims fulfillment data.@Nullable List<com.nimbusds.langtag.LangTag>
getClaimsLocales()
Returns the preferred locales for the consented OpenID claims.@Nullable com.nimbusds.oauth2.sdk.auth.X509CertificateConfirmation
getClientCertificateConfirmation()
Returns the client X.509 certificate confirmation (SHA-256 thumbprint) for mutual TLS.@Nullable com.nimbusds.oauth2.sdk.id.ClientID
getClientID()
Returns the identifier of the client to which the access token is issued.@Nullable net.minidev.json.JSONObject
getData()
Returns the optional data for the access token.@Nullable Instant
getExpirationTime()
Returns the expiration time of the access token.@Nullable com.nimbusds.oauth2.sdk.id.Issuer
getIssuer()
Returns the issuer of the access token.@Nullable Instant
getIssueTime()
Returns the issue time of the access token.default @Nullable com.nimbusds.oauth2.sdk.dpop.JWKThumbprintConfirmation
getJWKThumbprintConfirmation()
Returns the JWK SHA-256 thumbprint confirmation for DPoP.@Nullable com.nimbusds.oauth2.sdk.id.JWTID
getJWTID()
Returns the JSON Web Token (JWT) identifier of the access token.default @Nullable com.nimbusds.oauth2.sdk.id.Subject
getLocalSubject()
Returns the access token local subject.default @Nullable Map<String,Object>
getOtherTopLevelParameters()
Returns a map of other top-level parameters.@Nullable net.minidev.json.JSONObject
getPresetClaims()
Returns the preset OpenID claims to be included in the UserInfo response.@Nullable com.nimbusds.oauth2.sdk.Scope
getScope()
Returns the scope of the access token.@Nullable com.nimbusds.oauth2.sdk.id.Subject
getSubject()
Returns the access token subject.default @Nullable com.nimbusds.openid.connect.sdk.SubjectType
getSubjectType()
Returns the access token subject type.
-
-
-
Method Detail
-
getSubject
@Nullable com.nimbusds.oauth2.sdk.id.Subject getSubject()
Returns the access token subject.- Returns:
- The subject,
null
if not specified.
-
getActor
@Nullable com.nimbusds.oauth2.sdk.id.Actor getActor()
Returns the access token actor, in impersonation and delegation scenarios.- Returns:
- The actor,
null
if not specified.
-
getClientID
@Nullable com.nimbusds.oauth2.sdk.id.ClientID getClientID()
Returns the identifier of the client to which the access token is issued.- Returns:
- The client identifier,
null
if not specified.
-
getScope
@Nullable com.nimbusds.oauth2.sdk.Scope getScope()
Returns the scope of the access token.- Returns:
- The scope,
null
if not specified.
-
getExpirationTime
@Nullable Instant getExpirationTime()
Returns the expiration time of the access token.- Returns:
- The expiration time,
null
if not specified.
-
getIssueTime
@Nullable Instant getIssueTime()
Returns the issue time of the access token.- Returns:
- The issue time,
null
if not specified.
-
getIssuer
@Nullable com.nimbusds.oauth2.sdk.id.Issuer getIssuer()
Returns the issuer of the access token.- Returns:
- The issuer,
null
if not specified.
-
getAudienceList
@Nullable List<com.nimbusds.oauth2.sdk.id.Audience> getAudienceList()
Returns the audience list of the access token, which may be the logical names of the intended resource servers.- Returns:
- The audience list,
null
if not specified.
-
getSubjectType
default @Nullable com.nimbusds.openid.connect.sdk.SubjectType getSubjectType()
Returns the access token subject type.- Returns:
- The subject type,
null
if not specified (may implypublic
).
-
getLocalSubject
default @Nullable com.nimbusds.oauth2.sdk.id.Subject getLocalSubject()
Returns the access token local subject. Equals thegetSubject()
value unless thesubject type
is pairwise.Use this method if there is a need to get the local (system) subject for an access token which subject was made pairwise for its audience (resource server).
Note, an access token which subject is made pairwise must not have its local subject exposed in introspection responses intended for the token audience!
- Returns:
- The local subject,
null
if not specified or for a pairwisesubject type
that couldn't be reversed.
-
getJWTID
@Nullable com.nimbusds.oauth2.sdk.id.JWTID getJWTID()
Returns the JSON Web Token (JWT) identifier of the access token.- Returns:
- The JWT ID,
null
if not specified or applicable.
-
getClaimNames
@Nullable Set<String> getClaimNames()
Returns the names of the consented OpenID claims to be accessed at the UserInfo endpoint.- Returns:
- The claim names,
null
if not specified.
-
getClaimsLocales
@Nullable List<com.nimbusds.langtag.LangTag> getClaimsLocales()
Returns the preferred locales for the consented OpenID claims.- Returns:
- The preferred claims locales,
null
if not specified.
-
getPresetClaims
@Nullable net.minidev.json.JSONObject getPresetClaims()
Returns the preset OpenID claims to be included in the UserInfo response.- Returns:
- The preset OpenID claims,
null
if not specified.
-
getData
@Nullable net.minidev.json.JSONObject getData()
Returns the optional data for the access token.- Returns:
- The optional data, represented as a JSON object,
null
if not specified.
-
getClientCertificateConfirmation
@Nullable com.nimbusds.oauth2.sdk.auth.X509CertificateConfirmation getClientCertificateConfirmation()
Returns the client X.509 certificate confirmation (SHA-256 thumbprint) for mutual TLS.- Returns:
- The client X.509 certificate confirmation,
null
if none.
-
getJWKThumbprintConfirmation
default @Nullable com.nimbusds.oauth2.sdk.dpop.JWKThumbprintConfirmation getJWKThumbprintConfirmation()
Returns the JWK SHA-256 thumbprint confirmation for DPoP.- Returns:
- The JWK thumbprint confirmation,
null
if none.
-
getOtherTopLevelParameters
default @Nullable Map<String,Object> getOtherTopLevelParameters()
Returns a map of other top-level parameters.- Returns:
- Other top-level parameters, the values should map to JSON
entities,
null
if none.
-
getClaimsData
default @Nullable net.minidev.json.JSONObject getClaimsData()
Returns the optional OpenID claims fulfillment data.- Returns:
- The OpenID claims fulfillment data,
null
if not specified.
-
-