@Immutable public final class ClientSecretJWT extends JWTAuthentication
ClientAuthenticationMethod.CLIENT_SECRET_JWT
.
Supported signature JSON Web Algorithms (JWAs) by this implementation:
Related specifications:
CLIENT_ASSERTION_TYPE
Constructor and Description |
---|
ClientSecretJWT(ClientID clientID,
URI tokenEndpoint,
com.nimbusds.jose.JWSAlgorithm jwsAlgorithm,
Secret clientSecret)
Creates a new client secret JWT authentication.
|
ClientSecretJWT(com.nimbusds.jwt.SignedJWT clientAssertion)
Creates a new client secret JWT authentication.
|
Modifier and Type | Method and Description |
---|---|
static ClientSecretJWT |
parse(HTTPRequest httpRequest)
Parses the specified HTTP POST request for a client secret JSON Web
Token (JWT) authentication.
|
static ClientSecretJWT |
parse(Map<String,String> params)
Parses the specified parameters map for a client secret JSON Web
Token (JWT) authentication.
|
static ClientSecretJWT |
parse(String paramsString)
Parses a client secret JSON Web Token (JWT) authentication from the
specified
application/x-www-form-urlencoded encoded
parameters string. |
static Set<com.nimbusds.jose.JWSAlgorithm> |
supportedJWAs()
Returns the supported signature JSON Web Algorithms (JWAs).
|
applyTo, ensureClientAssertionType, getClientAssertion, getJWTAuthenticationClaimsSet, parseClientAssertion, parseClientID, toParameters
getClientID, getMethod
public ClientSecretJWT(ClientID clientID, URI tokenEndpoint, com.nimbusds.jose.JWSAlgorithm jwsAlgorithm, Secret clientSecret) throws com.nimbusds.jose.JOSEException
clientID
- The client identifier. Must not be
null
.tokenEndpoint
- The token endpoint URI of the authorisation
server. Must not be null
.jwsAlgorithm
- The expected HMAC algorithm (HS256, HS384 or
HS512) for the client secret JWT assertion.
Must be supported and not null
.clientSecret
- The client secret. Must be at least 256-bits
long.com.nimbusds.jose.JOSEException
- If the client secret is too short, or HMAC
computation failed.public ClientSecretJWT(com.nimbusds.jwt.SignedJWT clientAssertion)
clientAssertion
- The client assertion, corresponding to the
client_assertion_parameter
, as a
supported HMAC-protected JWT. Must be signed
and not null
.public static Set<com.nimbusds.jose.JWSAlgorithm> supportedJWAs()
public static ClientSecretJWT parse(Map<String,String> params) throws ParseException
application/x-www-form-urlencoded
encoded.params
- The parameters map to parse. The client secret JSON
Web Token (JWT) parameters must be keyed under
"client_assertion" and "client_assertion_type". The
map must not be null
.ParseException
- If the parameters map couldn't be parsed to a
client secret JSON Web Token (JWT)
authentication.public static ClientSecretJWT parse(String paramsString) throws ParseException
application/x-www-form-urlencoded
encoded
parameters string.paramsString
- The parameters string to parse. The client secret
JSON Web Token (JWT) parameters must be keyed
under "client_assertion" and
"client_assertion_type". The string must not be
null
.ParseException
- If the parameters string couldn't be parsed
to a client secret JSON Web Token (JWT)
authentication.public static ClientSecretJWT parse(HTTPRequest httpRequest) throws ParseException
httpRequest
- The HTTP POST request to parse. Must not be
null
and must contain a valid
application/x-www-form-urlencoded
encoded
parameters string in the entity body. The client
secret JSON Web Token (JWT) parameters must be
keyed under "client_assertion" and
"client_assertion_type".ParseException
- If the HTTP request header couldn't be parsed
to a client secret JSON Web Token (JWT)
authentication.Copyright © 2018 Connect2id Ltd.. All rights reserved.