001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.openid.connect.sdk.claims; 019 020 021import net.jcip.annotations.Immutable; 022 023import com.nimbusds.oauth2.sdk.id.Identifier; 024 025 026/** 027 * Authentication Method Reference ({@code amr}). It identifies the method 028 * used in authentication. 029 * 030 * <p>The AMR is represented by a string or an URI string. 031 * 032 * <p>Related specifications: 033 * 034 * <ul> 035 * <li>OpenID Connect Core 1.0, section 2. 036 * </ul> 037 */ 038@Immutable 039public final class AMR extends Identifier { 040 041 042 /** 043 * Retina scan biometric. 044 */ 045 public static final AMR EYE = new AMR("eye"); 046 047 048 /** 049 * Fingerprint biometric. 050 */ 051 public static final AMR FPT = new AMR("fpt"); 052 053 054 /** 055 * Knowledge-based authentication (see NIST.800-63-2). 056 */ 057 public static final AMR KBA = new AMR("kba"); 058 059 060 /** 061 * Multiple-channel authentication. The authentication involves 062 * communication over more than one distinct channel. 063 */ 064 public static final AMR MCA = new AMR("mca"); 065 066 067 /** 068 * Multiple-factor authentication (see NIST.800-63-2). When this is 069 * present, specific authentication methods used may also be included. 070 */ 071 public static final AMR MFA = new AMR("mfa"); 072 073 074 /** 075 * One-time password. One-time password specifications that this 076 * authentication method applies to include RFC 4226 and RFC 6238. 077 */ 078 public static final AMR OTP = new AMR("otp"); 079 080 081 /** 082 * Proof-of-possession (PoP) of a key. See Appendix C of RFC 4211 for a 083 * discussion on PoP. 084 */ 085 public static final AMR POP = new AMR("pop"); 086 087 088 /** 089 * Password-based authentication. 090 */ 091 public static final AMR PWD = new AMR("pwd"); 092 093 094 /** 095 * Risk-based authentication. See <a href="http://utica.edu/academic/institutes/ecii/publications/articles/51D6D996-90F2-F468-AC09C4E8071575AE.pdf">Enhanced 096 * Authentication In Online Banking</a>, Journal of Economic Crime 097 * Management 4.2: 18-19, 2006. 098 */ 099 public static final AMR RBA = new AMR("rba"); 100 101 102 /** 103 * Smart card. 104 */ 105 public static final AMR SC = new AMR("sc"); 106 107 108 /** 109 * Confirmation by SMS reply. 110 */ 111 public static final AMR SMS = new AMR("sms"); 112 113 114 /** 115 * Confirmation by telephone call. 116 */ 117 public static final AMR TEL = new AMR("tel"); 118 119 120 /** 121 * User presence test. 122 */ 123 public static final AMR USER = new AMR("user"); 124 125 126 /** 127 * Voice biometric. 128 */ 129 public static final AMR VBM = new AMR("vbm"); 130 131 132 /** 133 * Windows integrated authentication. See 134 * <a href="http://blogs.msdn.com/b/benjaminperkins/archive/2011/09/14/iis-integrated-windows-authentication-with-negotiate.aspx">Integrated 135 * Windows Authentication with Negotiate</a>, September 2011. 136 */ 137 public static final AMR WIA = new AMR("wia"); 138 139 140 141 /** 142 * Creates a new Authentication Method Reference (AMR) with the 143 * specified value. 144 * 145 * @param value The AMR value. Must not be {@code null}. 146 */ 147 public AMR(final String value) { 148 149 super(value); 150 } 151 152 153 @Override 154 public boolean equals(final Object object) { 155 156 return object instanceof AMR && 157 this.toString().equals(object.toString()); 158 } 159}