Package | Description |
---|---|
com.nimbusds.oauth2.sdk |
Classes for representing, serialising and parsing OAuth 2.0 client requests
and authorisation server responses.
|
com.nimbusds.oauth2.sdk.auth |
Implementations of OAuth 2.0 client authentication methods at the Token
endpoint.
|
com.nimbusds.oauth2.sdk.auth.verifier |
Client authentication verifier framework.
|
com.nimbusds.oauth2.sdk.client |
OAuth 2.0 dynamic client registration.
|
com.nimbusds.oauth2.sdk.jose.jwk |
JSON Web Key (JWK) utilities.
|
com.nimbusds.openid.connect.sdk |
Classes for representing, serialising and parsing OpenID Connect client
requests and server responses.
|
com.nimbusds.openid.connect.sdk.rp |
OpenID Connect Relying Party (RP) classes.
|
com.nimbusds.openid.connect.sdk.validators |
Client-side OpenID Connect ID token, access token and authorisation code
validators.
|
Modifier and Type | Method and Description |
---|---|
ClientID |
TokenIntrospectionSuccessResponse.getClientID()
Returns the identifier of the OAuth 2.0 client that requested the
token.
|
ClientID |
AbstractOptionallyIdentifiedRequest.getClientID()
Gets the client identifier (for a request from a public client or a
request without explicit client authentication).
|
ClientID |
GeneralException.getClientID()
Gets the associated client identifier.
|
ClientID |
AuthorizationRequest.getClientID()
Gets the client identifier.
|
Modifier and Type | Method and Description |
---|---|
TokenIntrospectionSuccessResponse.Builder |
TokenIntrospectionSuccessResponse.Builder.clientID(ClientID clientID)
Sets the identifier for the OAuth 2.0 client that requested
the token.
|
Constructor and Description |
---|
AbstractOptionallyIdentifiedRequest(URI uri,
ClientID clientID)
Creates a new abstract request with optional client identification.
|
AuthorizationRequest(URI uri,
ResponseType rt,
ClientID clientID)
Creates a new minimal authorisation request.
|
AuthorizationRequest(URI uri,
ResponseType rt,
ResponseMode rm,
ClientID clientID,
URI redirectURI,
Scope scope,
State state)
Creates a new authorisation request.
|
AuthorizationRequest(URI uri,
ResponseType rt,
ResponseMode rm,
ClientID clientID,
URI redirectURI,
Scope scope,
State state,
CodeChallenge codeChallenge,
CodeChallengeMethod codeChallengeMethod)
Creates a new authorisation request with PKCE support.
|
AuthorizationRequest(URI uri,
ResponseType rt,
ResponseMode rm,
ClientID clientID,
URI redirectURI,
Scope scope,
State state,
CodeChallenge codeChallenge,
CodeChallengeMethod codeChallengeMethod,
Map<String,String> customParams)
Creates a new authorisation request with PKCE support and additional
custom parameters.
|
Builder(ResponseType rt,
ClientID clientID)
Creates a new authorisation request builder.
|
GeneralException(String message,
ErrorObject error,
ClientID clientID,
URI redirectURI,
ResponseMode responseMode,
State state)
Creates a new general exception.
|
GeneralException(String message,
ErrorObject error,
ClientID clientID,
URI redirectURI,
ResponseMode responseMode,
State state,
Throwable cause)
Creates a new general exception.
|
ParseException(String message,
ErrorObject error,
ClientID clientID,
URI redirectURI,
ResponseMode responseMode,
State state)
Creates a new parse exception.
|
ParseException(String message,
ErrorObject error,
ClientID clientID,
URI redirectURI,
ResponseMode responseMode,
State state,
Throwable cause)
Creates a new parse exception.
|
TokenRequest(URI uri,
ClientID clientID,
AuthorizationGrant authzGrant)
Creates a new token request, with no explicit client authentication
(may be present in the grant depending on its type).
|
TokenRequest(URI uri,
ClientID clientID,
AuthorizationGrant authzGrant,
Scope scope)
Creates a new token request, with no explicit client authentication
(may be present in the grant depending on its type).
|
TokenRequest(URI uri,
ClientID clientID,
AuthorizationGrant authzGrant,
Scope scope,
Map<String,String> customParams)
Creates a new token request, with no explicit client authentication
(may be present in the grant depending on its type) and additional
custom parameters.
|
TokenRevocationRequest(URI uri,
ClientID clientID,
Token token)
Creates a new token revocation request for a public client.
|
Modifier and Type | Method and Description |
---|---|
ClientID |
JWTAuthenticationClaimsSet.getClientID()
Gets the client identifier.
|
ClientID |
ClientAuthentication.getClientID()
Gets the client identifier.
|
protected static ClientID |
JWTAuthentication.parseClientID(Map<String,String> params)
Parses the specified parameters map for an optional client
identifier.
|
Constructor and Description |
---|
ClientAuthentication(ClientAuthenticationMethod method,
ClientID clientID)
Creates a new abstract client authentication.
|
ClientSecretBasic(ClientID clientID,
Secret secret)
Creates a new client secret basic authentication.
|
ClientSecretJWT(ClientID clientID,
URI tokenEndpoint,
com.nimbusds.jose.JWSAlgorithm jwsAlgorithm,
Secret clientSecret)
Creates a new client secret JWT authentication.
|
ClientSecretPost(ClientID clientID,
Secret secret)
Creates a new client secret post authentication.
|
JWTAuthenticationClaimsSet(ClientID clientID,
Audience aud)
Creates a new JWT client authentication claims set.
|
JWTAuthenticationClaimsSet(ClientID clientID,
List<Audience> aud,
Date exp,
Date nbf,
Date iat,
JWTID jti)
Creates a new JWT client authentication claims set.
|
PlainClientSecret(ClientAuthenticationMethod method,
ClientID clientID,
Secret secret)
Creates a new plain secret based client authentication.
|
PrivateKeyJWT(ClientID clientID,
URI tokenEndpoint,
com.nimbusds.jose.JWSAlgorithm jwsAlgorithm,
ECPrivateKey ecPrivateKey,
String keyID,
Provider jcaProvider)
Creates a new EC private key JWT authentication.
|
PrivateKeyJWT(ClientID clientID,
URI tokenEndpoint,
com.nimbusds.jose.JWSAlgorithm jwsAlgorithm,
RSAPrivateKey rsaPrivateKey,
String keyID,
Provider jcaProvider)
Creates a new RSA private key JWT authentication.
|
SelfSignedTLSClientAuthentication(ClientID clientID,
SSLSocketFactory sslSocketFactory)
Creates a new self-signed TLS / X.509 certificate client
authentication.
|
SelfSignedTLSClientAuthentication(ClientID clientID,
X509Certificate x509Certificate)
Creates a new self-signed TLS / X.509 certificate client
authentication.
|
TLSClientAuthentication(ClientID clientID,
SSLSocketFactory sslSocketFactory)
Creates a new TLS / X.509 certificate client authentication.
|
TLSClientAuthentication(ClientID clientID,
String certSubjectDN,
String certRootDN)
Creates a new TLS / X.509 certificate client authentication.
|
Modifier and Type | Method and Description |
---|---|
List<Secret> |
ClientCredentialsSelector.selectClientSecrets(ClientID claimedClientID,
ClientAuthenticationMethod authMethod,
Context<T> context)
Selects one or more client secret candidates for
client_secret_basic ,
client_secret_post and
client_secret_jwt
authentication. |
List<? extends PublicKey> |
ClientCredentialsSelector.selectPublicKeys(ClientID claimedClientID,
ClientAuthenticationMethod authMethod,
com.nimbusds.jose.JWSHeader jwsHeader,
boolean forceRefresh,
Context<T> context)
Selects one or more public key candidates (e.g.
|
void |
ClientX509CertificateBindingVerifier.verifyCertificateBinding(ClientID clientID,
String subjectDN,
String rootDN,
Context<T> context)
Verifies that the specified X.509 certificate issuer DN and subject
DN bind to the claimed client ID.
|
Modifier and Type | Method and Description |
---|---|
ClientID |
ClientUpdateRequest.getClientID()
Gets the client ID.
|
ClientID |
ClientInformation.getID()
Gets the client identifier.
|
static ClientID |
ClientCredentialsParser.parseID(net.minidev.json.JSONObject jsonObject)
Parses a client identifier from the specified JSON object.
|
Constructor and Description |
---|
ClientInformation(ClientID id,
Date issueDate,
ClientMetadata metadata,
Secret secret)
Creates a new client information instance.
|
ClientInformation(ClientID id,
Date issueDate,
ClientMetadata metadata,
Secret secret,
URI registrationURI,
BearerAccessToken accessToken)
Creates a new client information instance permitting dynamic client
registration management.
|
ClientUpdateRequest(URI uri,
ClientID id,
BearerAccessToken accessToken,
ClientMetadata metadata,
Secret secret)
Creates a new client update request.
|
Constructor and Description |
---|
ImmutableClientSecret(ClientID id,
com.nimbusds.jose.jwk.OctetSequenceKey secret)
Deprecated.
Creates a new immutable client secret.
|
ImmutableClientSecret(ClientID id,
Secret secret)
Deprecated.
Creates a new immutable client secret.
|
Constructor and Description |
---|
AuthenticationRequest(URI uri,
ResponseType rt,
ResponseMode rm,
Scope scope,
ClientID clientID,
URI redirectURI,
State state,
Nonce nonce,
Display display,
Prompt prompt,
int maxAge,
List<com.nimbusds.langtag.LangTag> uiLocales,
List<com.nimbusds.langtag.LangTag> claimsLocales,
com.nimbusds.jwt.JWT idTokenHint,
String loginHint,
List<ACR> acrValues,
ClaimsRequest claims,
com.nimbusds.jwt.JWT requestObject,
URI requestURI,
CodeChallenge codeChallenge,
CodeChallengeMethod codeChallengeMethod)
Creates a new OpenID Connect authentication request.
|
AuthenticationRequest(URI uri,
ResponseType rt,
ResponseMode rm,
Scope scope,
ClientID clientID,
URI redirectURI,
State state,
Nonce nonce,
Display display,
Prompt prompt,
int maxAge,
List<com.nimbusds.langtag.LangTag> uiLocales,
List<com.nimbusds.langtag.LangTag> claimsLocales,
com.nimbusds.jwt.JWT idTokenHint,
String loginHint,
List<ACR> acrValues,
ClaimsRequest claims,
com.nimbusds.jwt.JWT requestObject,
URI requestURI,
CodeChallenge codeChallenge,
CodeChallengeMethod codeChallengeMethod,
Map<String,String> customParams)
Creates a new OpenID Connect authentication request with additional
custom parameters.
|
AuthenticationRequest(URI uri,
ResponseType rt,
Scope scope,
ClientID clientID,
URI redirectURI,
State state,
Nonce nonce)
Creates a new minimal OpenID Connect authentication request.
|
Builder(ResponseType rt,
Scope scope,
ClientID clientID,
URI redirectURI)
Creates a new OpenID Connect authentication request builder.
|
Constructor and Description |
---|
OIDCClientInformation(ClientID id,
Date issueDate,
OIDCClientMetadata metadata,
Secret secret)
Creates a new OpenID Connect client information instance.
|
OIDCClientInformation(ClientID id,
Date issueDate,
OIDCClientMetadata metadata,
Secret secret,
URI registrationURI,
BearerAccessToken accessToken)
Creates a new OpenID Connect client information instance permitting
dynamic client registration management.
|
OIDCClientUpdateRequest(URI uri,
ClientID id,
BearerAccessToken accessToken,
OIDCClientMetadata metadata,
Secret secret)
Creates a new OpenID Connect client update request.
|
Modifier and Type | Method and Description |
---|---|
ClientID |
IDTokenClaimsVerifier.getClientID()
Returns the client ID for verifying the ID token audience.
|
ClientID |
LogoutTokenClaimsVerifier.getClientID()
Returns the client ID for verifying the ID token audience.
|
Constructor and Description |
---|
IDTokenClaimsVerifier(Issuer issuer,
ClientID clientID,
Nonce nonce,
int maxClockSkew)
Creates a new ID token claims verifier.
|
IDTokenValidator(Issuer expectedIssuer,
ClientID clientID)
Creates a new validator for unsecured (plain) ID tokens.
|
IDTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.JWSAlgorithm expectedJWSAlg,
com.nimbusds.jose.jwk.JWKSet jwkSet)
Creates a new validator for RSA or EC signed ID tokens where the
OpenID Provider's JWK set is specified by value.
|
IDTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.JWSAlgorithm expectedJWSAlg,
Secret clientSecret)
Creates a new validator for HMAC protected ID tokens.
|
IDTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.JWSAlgorithm expectedJWSAlg,
URL jwkSetURI)
Creates a new validator for RSA or EC signed ID tokens where the
OpenID Provider's JWK set is specified by URL.
|
IDTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.JWSAlgorithm expectedJWSAlg,
URL jwkSetURI,
com.nimbusds.jose.util.ResourceRetriever resourceRetriever)
Creates a new validator for RSA or EC signed ID tokens where the
OpenID Provider's JWK set is specified by URL.
|
IDTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.proc.JWSKeySelector jwsKeySelector,
com.nimbusds.jose.proc.JWEKeySelector jweKeySelector)
Creates a new ID token validator.
|
LogoutTokenClaimsVerifier(Issuer issuer,
ClientID clientID)
Creates a new logout token claims verifier.
|
LogoutTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.JWSAlgorithm expectedJWSAlg,
com.nimbusds.jose.jwk.JWKSet jwkSet)
Creates a new validator for RSA or EC signed logout tokens where the
OpenID Provider's JWK set is specified by value.
|
LogoutTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.JWSAlgorithm expectedJWSAlg,
Secret clientSecret)
Creates a new validator for HMAC protected logout tokens.
|
LogoutTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.JWSAlgorithm expectedJWSAlg,
URL jwkSetURI)
Creates a new validator for RSA or EC signed logout tokens where the
OpenID Provider's JWK set is specified by URL.
|
LogoutTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.JWSAlgorithm expectedJWSAlg,
URL jwkSetURI,
com.nimbusds.jose.util.ResourceRetriever resourceRetriever)
Creates a new validator for RSA or EC signed logout tokens where the
OpenID Provider's JWK set is specified by URL.
|
LogoutTokenValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.proc.JWSKeySelector jwsKeySelector,
com.nimbusds.jose.proc.JWEKeySelector jweKeySelector)
Creates a new logout token validator.
|
Copyright © 2017 Connect2id Ltd.. All rights reserved.