@ThreadSafe public class AuthenticationRequestResolver<C extends com.nimbusds.jose.proc.SecurityContext> extends Object
request
parameter, or by URL using the
request_uri
parameter.
To process signed and optionally encrypted request objects a
JWT processor
for the expected JWS / JWE algorithms
must be provided at construction time.
To fetch OpenID Connect request objects specified by URL a
JWT retriever
must be provided, otherwise only
inlined request objects can be processed.
Related specifications:
Constructor | Description |
---|---|
AuthenticationRequestResolver() |
Creates a new minimal OpenID Connect authentication request
resolver.
|
AuthenticationRequestResolver(com.nimbusds.jwt.proc.JWTProcessor<C> jwtProcessor) |
Creates a new OpenID Connect authentication request resolver that
supports OpenID Connect request objects passed by value (using the
authentication
request parameter). |
AuthenticationRequestResolver(com.nimbusds.jwt.proc.JWTProcessor<C> jwtProcessor,
com.nimbusds.jose.util.ResourceRetriever jwtRetriever) |
Creates a new OpenID Connect request object resolver that supports
OpenID Connect request objects passed by value (using the
authentication
request parameter) or by reference (using the
authentication request_uri parameter). |
Modifier and Type | Method | Description |
---|---|---|
com.nimbusds.jwt.proc.JWTProcessor<C> |
getJWTProcessor() |
Returns the JWT processor.
|
com.nimbusds.jose.util.ResourceRetriever |
getJWTRetriever() |
Returns the JWT retriever.
|
static Map<String,List<String>> |
reformatClaims(com.nimbusds.jwt.JWTClaimsSet claimsSet) |
Reformats the specified JWT claims set to a
java.util.Map instance.
|
AuthenticationRequest |
resolve(AuthenticationRequest request,
C securityContext) |
Resolves the specified OpenID Connect authentication request by
superseding its parameters with those found in the optional OpenID
Connect request object (if any).
|
public AuthenticationRequestResolver()
ResolveException
if the authentication request
includes a request
or request_uri
parameter.public AuthenticationRequestResolver(com.nimbusds.jwt.proc.JWTProcessor<C> jwtProcessor)
request
parameter). It will throw a
ResolveException
if the authentication request includes a
request_uri
parameter.jwtProcessor
- A configured JWT processor providing JWS
validation and optional JWE decryption of the
request objects. Must not be null
.public AuthenticationRequestResolver(com.nimbusds.jwt.proc.JWTProcessor<C> jwtProcessor, com.nimbusds.jose.util.ResourceRetriever jwtRetriever)
request
parameter) or by reference (using the
authentication request_uri
parameter).jwtProcessor
- A configured JWT processor providing JWS
validation and optional JWE decryption of the
request objects. Must not be null
.jwtRetriever
- A configured JWT retriever for OpenID Connect
request objects passed by URI. Must not be
null
.public com.nimbusds.jwt.proc.JWTProcessor<C> getJWTProcessor()
null
if not specified.public com.nimbusds.jose.util.ResourceRetriever getJWTRetriever()
null
if not specified.public static Map<String,List<String>> reformatClaims(com.nimbusds.jwt.JWTClaimsSet claimsSet)
claimsSet
- The JWT claims set to reformat. Must not be
null
.public AuthenticationRequest resolve(AuthenticationRequest request, C securityContext) throws ResolveException, com.nimbusds.jose.JOSEException
request
- The OpenID Connect authentication request.
Must not be null
.securityContext
- Optional security context to pass to the JWT
processor, null
if not specified.ResolveException
- If the request couldn't be resolved.com.nimbusds.jose.JOSEException
- If an invalid request JWT is found.Copyright © 2018 Connect2id Ltd.. All rights reserved.