Package com.nimbusds.openid.connect.sdk.claims

Class ACR

java.lang.Object

com.nimbusds.oauth2.sdk.id.Identifier

com.nimbusds.openid.connect.sdk.claims.ACR

All Implemented Interfaces:

Serializable, Comparable<Identifier>, net.minidev.json.JSONAware

@Immutable
public final class ACR
extends Identifier

Authentication Context Class Reference (acr). It identifies the authentication context, i.e. the information that the relying party may require before it makes an entitlements decision with respect to an authentication response. Such context may include, but is not limited to, the actual authentication method used or level of assurance such as ITU-T X.1254 | ISO/IEC 29115 entity authentication assurance level.

The ACR is represented by a string or a URI string.

Related specifications:

• OpenID Connect Core 1.0
• OpenID Connect Extended Authentication Profile (EAP) ACR Values 1.0
• RFC 6711
• See ISO/IEC DIS 29115

See Also:

• Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
static final ACR	PHR	Phishing-Resistant.
static final ACR	PHRH	Phishing-Resistant Hardware-Protected.

Fields inherited from class com.nimbusds.oauth2.sdk.id.Identifier

DEFAULT_BYTE_LENGTH, secureRandom

Constructor Summary

Constructors

Constructor	Description
ACR(String value)	Creates a new Authentication Context Class Reference (ACR) with the specified value.

Method Summary

Modifier and Type	Method	Description
boolean	equals(Object object)

Methods inherited from class com.nimbusds.oauth2.sdk.id.Identifier

compareTo, getValue, hashCode, toJSONString, toString, toStringList

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Details

PHR

public static final ACR PHR

Phishing-Resistant. An authentication mechanism where a party potentially under the control of the Relying Party cannot gain sufficient information to be able to successfully authenticate to the End User's OpenID Provider as if that party were the End User. (Note that the potentially malicious Relying Party controls where the User-Agent is redirected to and thus may not send it to the End User's actual OpenID Provider). NOTE: These semantics are the same as those specified in [OpenID.PAPE].

PHRH

public static final ACR PHRH

Phishing-Resistant Hardware-Protected. An authentication mechanism meeting the requirements for phishing-resistant PHR authentication in which additionally information needed to be able to successfully authenticate to the End User's OpenID Provider as if that party were the End User is held in a hardware-protected device or component.

Constructor Details

ACR

public ACR(String value)

Creates a new Authentication Context Class Reference (ACR) with the specified value.

Parameters:

value - The ACR value. Must not be null.

Method Details

equals

public boolean equals(Object object)

Overrides:

equals in class Identifier