@ThreadSafe public class OIDCAuthorizationRequestResolver extends Object
request
parameter, or by URL using the
request_uri
parameter.
To process signed (JWS) and optionally encrypted (JWE) request object
JWTs a JWT decoder
for the expected JWS / JWE algorithms must be provided at construction time.
To fetch OpenID Connect request objects specified by URL a
JWT retriever
must be provided, otherwise only inlined request objects can be processed.
This class is thread-safe.
Related specifications:
Constructor and Description |
---|
OIDCAuthorizationRequestResolver()
Creates a new minimal OpenID Connect authorisation request resolver.
|
OIDCAuthorizationRequestResolver(JWTDecoder jwtDecoder)
Creates a new OpenID Connect authorisation request resolver that
supports OpenID Connect request objects passed by value (using the
authorisation
request parameter). |
OIDCAuthorizationRequestResolver(JWTDecoder jwtDecoder,
ResourceRetriever jwtRetriever)
Creates a new OpenID Connect request object resolver that supports
OpenID Connect request objects passed by value (using the
authorisation
request parameter) or by reference (using the
authorisation request_uri parameter). |
Modifier and Type | Method and Description |
---|---|
JWTDecoder |
getJWTDecoder()
Gets the JWT decoder.
|
ResourceRetriever |
getJWTRetriever()
Gets the JWT retriever.
|
static Map<String,String> |
reformatClaims(com.nimbusds.jwt.ReadOnlyJWTClaimsSet claimsSet)
Reformats the specified JWT claims set to a
java.util.Map<String,String> instance. |
OIDCAuthorizationRequest |
resolve(OIDCAuthorizationRequest request)
Resolves the specified OpenID Connect authorisation request by
superseding its parameters with those found in the optional OpenID
Connect request object (if any).
|
public OIDCAuthorizationRequestResolver()
ResolveException
if the authorisation request includes a
request
or request_uri
parameter.public OIDCAuthorizationRequestResolver(JWTDecoder jwtDecoder)
request
parameter). It will throw a
ResolveException
if the authorisation request includes a
request_uri
parameter.jwtDecoder
- A configured JWT decoder providing JWS validation
and optional JWE decryption of the request
objects. Must not be null
.public OIDCAuthorizationRequestResolver(JWTDecoder jwtDecoder, ResourceRetriever jwtRetriever)
request
parameter) or by reference (using the
authorisation request_uri
parameter).jwtDecoder
- A configured JWT decoder providing JWS
validation and optional JWE decryption of the
request objects. Must not be null
.jwtRetriever
- A configured JWT retriever for OpenID Connect
request objects passed by URL. Must not be
null
.public JWTDecoder getJWTDecoder()
null
if not specified.public ResourceRetriever getJWTRetriever()
null
if not specified.public static Map<String,String> reformatClaims(com.nimbusds.jwt.ReadOnlyJWTClaimsSet claimsSet) throws ResolveException
java.util.Map<String,String>
instance.claimsSet
- The JWT claims set to reformat. Must not be
null
.ResolveException
- If reformatting of the JWT claims set
failed.public OIDCAuthorizationRequest resolve(OIDCAuthorizationRequest request) throws ResolveException
request
- The OpenID Connect authorisation request. Must not be
null
.ResolveException
- If the request couldn't be resolved.Copyright © 2013 NimbusDS. All Rights Reserved.