public class IDTokenClaimsSet extends ClaimsSet
Example ID token claims set:
{ "iss" : "https://server.example.com", "sub" : "24400320", "aud" : "s6BhdRkqt3", "nonce" : "n-0S6_WzA2Mj", "exp" : 1311281970, "iat" : 1311280970, "auth_time" : 1311280969, "acr" : "urn:mace:incommon:iap:silver", "at_hash" : "MTIzNDU2Nzg5MDEyMzQ1Ng" }
Related specifications:
Modifier and Type | Field and Description |
---|---|
static String |
ACR_CLAIM_NAME
The ACR claim name.
|
static String |
AMR_CLAIM_NAME
The AMRs claim name.
|
static String |
AT_HASH_CLAIM_NAME
The access token hash claim name.
|
static String |
AUD_CLAIM_NAME
The audience claim name.
|
static String |
AUTH_TIME_CLAIM_NAME
The subject authentication time claim name.
|
static String |
AZP_CLAIM_NAME
The authorised party claim name.
|
static String |
C_HASH_CLAIM_NAME
The authorisation code hash claim name.
|
static String |
EXP_CLAIM_NAME
The expiration time claim name.
|
static String |
IAT_CLAIM_NAME
The issue time claim name.
|
static String |
ISS_CLAIM_NAME
The issuer claim name.
|
static String |
NONCE_CLAIM_NAME
The nonce claim name.
|
static String |
SUB_CLAIM_NAME
The subject claim name.
|
static String |
SUB_JWK_CLAIM_NAME
The subject JWK claim name.
|
Constructor and Description |
---|
IDTokenClaimsSet(Issuer iss,
Subject sub,
List<Audience> aud,
Date exp,
Date iat)
Creates a new minimal ID token claims set.
|
IDTokenClaimsSet(com.nimbusds.jwt.ReadOnlyJWTClaimsSet jwtClaimsSet)
Creates a new ID token claims set from the specified JSON Web Token
(JWT) claims set.
|
Modifier and Type | Method and Description |
---|---|
AccessTokenHash |
getAccessTokenHash()
Gets the access token hash.
|
ACR |
getACR()
Gets the Authentication Context Class Reference (ACR).
|
List<AMR> |
getAMR()
Gets the Authentication Methods References (AMRs).
|
List<Audience> |
getAudience()
Gets the ID token audience.
|
Date |
getAuthenticationTime()
Gets the subject authentication time.
|
AuthorizedParty |
getAuthorizedParty()
Gets the authorised party for the ID token.
|
CodeHash |
getCodeHash()
Gets the authorisation code hash.
|
Date |
getExpirationTime()
Gets the ID token expiration time.
|
Issuer |
getIssuer()
Gets the ID token issuer.
|
Date |
getIssueTime()
Gets the ID token issue time.
|
Nonce |
getNonce()
Gets the ID token nonce.
|
static Set<String> |
getStandardClaimNames()
Gets the names of the standard top-level ID token claims.
|
Subject |
getSubject()
Gets the ID token subject.
|
com.nimbusds.jose.jwk.JWK |
getSubjectJWK()
Gets the subject's JSON Web Key (JWK) for a self-issued OpenID
Connect provider.
|
boolean |
hasRequiredClaims(ResponseType rt)
Checks if this ID token claims set contains all required claims for
the specified OpenID Connect response type.
|
static IDTokenClaimsSet |
parse(String json)
Parses an ID token claims set from the specified JSON object string.
|
void |
setAccessTokenHash(AccessTokenHash atHash)
Sets the access token hash.
|
void |
setACR(ACR acr)
Sets the Authentication Context Class Reference (ACR).
|
void |
setAMR(List<AMR> amr)
Sets the Authentication Methods References (AMRs).
|
void |
setAuthenticationTime(Date authTime)
Sets the subject authentication time.
|
void |
setAuthorizedParty(AuthorizedParty azp)
Sets the authorised party for the ID token.
|
void |
setCodeHash(CodeHash cHash)
Sets the authorisation code hash.
|
void |
setNonce(Nonce nonce)
Sets the ID token nonce.
|
void |
setSubjectJWK(com.nimbusds.jose.jwk.JWK subJWK)
Sets the subject's JSON Web Key (JWK) for a self-issued OpenID
Connect provider.
|
getBooleanClaim, getClaim, getClaim, getDateClaim, getEmailClaim, getLangTaggedClaim, getNumberClaim, getStringClaim, getStringClaim, getStringListClaim, getURIClaim, getURLClaim, putAll, setClaim, setClaim, setDateClaim, setEmailClaim, setURIClaim, setURLClaim, toJSONObject, toJWTClaimsSet
public static final String ISS_CLAIM_NAME
public static final String SUB_CLAIM_NAME
public static final String AUD_CLAIM_NAME
public static final String EXP_CLAIM_NAME
public static final String IAT_CLAIM_NAME
public static final String AUTH_TIME_CLAIM_NAME
public static final String NONCE_CLAIM_NAME
public static final String AT_HASH_CLAIM_NAME
public static final String C_HASH_CLAIM_NAME
public static final String ACR_CLAIM_NAME
public static final String AMR_CLAIM_NAME
public static final String AZP_CLAIM_NAME
public static final String SUB_JWK_CLAIM_NAME
public IDTokenClaimsSet(Issuer iss, Subject sub, List<Audience> aud, Date exp, Date iat)
iss
- The issuer. Must not be null
.sub
- The subject. Must not be null
.aud
- The audience. Must not be null
.exp
- The expiration time. Must not be null
.iat
- The issue time. Must not be null
.public IDTokenClaimsSet(com.nimbusds.jwt.ReadOnlyJWTClaimsSet jwtClaimsSet) throws ParseException
jwtClaimsSet
- The JWT claims set. Must not be null
.ParseException
- If the JSON object doesn't contain the
minimally required issuer iss
,
subject sub
, audience list
aud
, expiration date exp
and
issue date iat
claims.public static Set<String> getStandardClaimNames()
public boolean hasRequiredClaims(ResponseType rt)
rt
- The OpenID Connect response type. Must not be
null
.true
if the required claims are contained, else
false
.public Issuer getIssuer()
iss
claim.public Subject getSubject()
sub
claim.public List<Audience> getAudience()
aud
claim.public Date getExpirationTime()
exp
claim.public Date getIssueTime()
iss
claim.public Date getAuthenticationTime()
auth_time
claim.null
if not specified or
parsing failed.public void setAuthenticationTime(Date authTime)
auth_time
claim.authTime
- The authentication time, null
if not
specified.public Nonce getNonce()
nonce
claim.null
if not specified or parsing failed.public void setNonce(Nonce nonce)
nonce
claim.nonce
- The nonce, null
if not specified.public AccessTokenHash getAccessTokenHash()
at_hash
claim.null
if not specified or
parsing failed.public void setAccessTokenHash(AccessTokenHash atHash)
at_hash
claim.atHash
- The access token hash, null
if not specified.public CodeHash getCodeHash()
c_hash
claim.null
if not specified
or parsing failed.public void setCodeHash(CodeHash cHash)
c_hash
claim.cHash
- The authorisation code hash, null
if not
specified.public ACR getACR()
acr
claim.null
if not specified or parsing failed.public void setACR(ACR acr)
acr
claim.acr
- The Authentication Context Class Reference (ACR),
null
if not specified.public List<AMR> getAMR()
amr
claim.null
if not specified or parsing failed.public void setAMR(List<AMR> amr)
amr
claim.amr
- The Authentication Methods Reference (AMR) list,
null
if not specified.public AuthorizedParty getAuthorizedParty()
azp
claim.null
if not specified or
parsing failed.public void setAuthorizedParty(AuthorizedParty azp)
azp
claim.azp
- The authorised party, null
if not specified.public com.nimbusds.jose.jwk.JWK getSubjectJWK()
sub_jwk
claim.null
if not specified or parsing
failed.public void setSubjectJWK(com.nimbusds.jose.jwk.JWK subJWK)
sub_jwk
claim.subJWK
- The subject's JWK (must be public), null
if
not specified.public static IDTokenClaimsSet parse(String json) throws ParseException
json
- The JSON object string to parse. Must not be
null
.ParseException
- If parsing failed.Copyright © 2015 Connect2id Ltd.. All Rights Reserved.