Class AuthenticationSuccessResponse

  • All Implemented Interfaces:
    Message, Response, SuccessResponse, AuthenticationResponse

    @Immutable
    public class AuthenticationSuccessResponse
    extends AuthorizationSuccessResponse
    implements AuthenticationResponse
    OpenID Connect authentication success response. Used to return an authorisation code, access token and / or ID Token at the Authorisation endpoint.

    Example HTTP response with code and ID Token (code flow):

     HTTP/1.1 302 Found
     Location: https://client.example.org/cb#
     code=Qcb0Orv1zh30vL1MPRsbm-diHiMwcLyZvn1arpZv-Jxf_11jnpEX3Tgfvk
     &id_token=eyJhbGciOiJSUzI1NiJ9.ew0KICAgICJpc3MiOiAiaHR0cDovL3Nlc
     nZlci5leGFtcGxlLmNvbSIsDQogICAgInVzZXJfaWQiOiAiMjQ4Mjg5NzYxMDAxI
     iwNCiAgICAiYXVkIjogInM2QmhkUmtxdDMiLA0KICAgICJub25jZSI6ICJuLTBTN
     l9XekEyTWoiLA0KICAgICJleHAiOiAxMzExMjgxOTcwLA0KICAgICJpYXQiOiAxM
     zExMjgwOTcwLA0KICAgICJjX2hhc2giOiAiTERrdEtkb1FhazNQazBjblh4Q2x0Q
     mdfckNfM1RLVWI5T0xrNWZLTzl1QSINCn0.D6JxCgpOwlyuK7DPRu5hFOIJRSRDT
     B7TQNRbOw9Vg9WroDi_XNzaqXCFSDH_YqcE-CBhoxD-Iq4eQL4E2jIjil47u7i68
     Nheev7d8AJk4wfRimgpDhQX5K8YyGDWrTs7bhsMTPAPVa9bLIBndDZ2mEdmPcmR9
     mXcwJI3IGF9JOaStYXJXMYWUMCmQARZEKG9JxIYPZNhFsqKe4TYQEmrq2s_HHQwk
     XCGAmLBdptHY-Zx277qtidojQQFXzbD2Ak1ONT5sFjy3yxPnE87pNVtOEST5GJac
     O1O88gmvmjNayu1-f5mr5Uc70QC6DjlKem3cUN5kudAQ4sLvFkUr8gkIQ
     

    Related specifications:

    • OpenID Connect Core 1.0, section 3.1.2.5, 3.1.2.6, 3.2.2.5, 3.2.2.6, 3.3.2.5 and 3.3.2.6
    • OpenID Connect Session Management 1.0 - draft 23, section 3
    • OAuth 2.0 (RFC 6749), section 3.1
    • OAuth 2.0 Multiple Response Type Encoding Practices 1.0
    • OAuth 2.0 Form Post Response Mode 1.0
    • Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)
    • OAuth 2.0 Authorization Server Issuer Identification (RFC 9207)
    • Constructor Detail

      • AuthenticationSuccessResponse

        public AuthenticationSuccessResponse​(URI redirectURI,
                                             AuthorizationCode code,
                                             com.nimbusds.jwt.JWT idToken,
                                             AccessToken accessToken,
                                             State state,
                                             State sessionState,
                                             ResponseMode rm)
        Creates a new OpenID Connect authentication success response.
        Parameters:
        redirectURI - The requested redirection URI. Must not be null.
        code - The authorisation code, null if not requested.
        idToken - The ID token (ready for output), null if not requested.
        accessToken - The UserInfo access token, null if not requested.
        state - The state, null if not requested.
        sessionState - The session state, null if session management is not supported.
        rm - The response mode, null if not specified.
      • AuthenticationSuccessResponse

        public AuthenticationSuccessResponse​(URI redirectURI,
                                             AuthorizationCode code,
                                             com.nimbusds.jwt.JWT idToken,
                                             AccessToken accessToken,
                                             State state,
                                             State sessionState,
                                             Issuer issuer,
                                             ResponseMode rm)
        Creates a new OpenID Connect authentication success response.
        Parameters:
        redirectURI - The requested redirection URI. Must not be null.
        code - The authorisation code, null if not requested.
        idToken - The ID token (ready for output), null if not requested.
        accessToken - The UserInfo access token, null if not requested.
        state - The state, null if not requested.
        sessionState - The session state, null if session management is not supported.
        rm - The response mode, null if not specified.
      • AuthenticationSuccessResponse

        public AuthenticationSuccessResponse​(URI redirectURI,
                                             com.nimbusds.jwt.JWT jwtResponse,
                                             ResponseMode rm)
        Creates a new JSON Web Token (JWT) secured OpenID Connect authentication success response.
        Parameters:
        redirectURI - The requested redirection URI. Must not be null.
        jwtResponse - The JWT-secured response. Must not be null.
        rm - The response mode, null if not specified.