All Classes Interface Summary Class Summary Enum Summary Exception Summary
Class |
Description |
AbstractJWTValidator |
Abstract JSON Web Token (JWT) validator for ID tokens and logout tokens.
|
AbstractOptionallyAuthenticatedRequest |
Abstract request with optional client authentication.
|
AbstractOptionallyIdentifiedRequest |
Abstract request with optional client authentication or client
identification.
|
AbstractRequest |
The base abstract class for requests.
|
AccessToken |
The base abstract class for access tokens.
|
AccessTokenHash |
Access token hash (at_hash ).
|
AccessTokenResponse |
Access token response from the Token endpoint.
|
AccessTokenType |
Access token type.
|
AccessTokenValidator |
Access token validator, using the at_hash ID token claim.
|
ACR |
Authentication Context Class Reference (acr ).
|
ACRRequest |
Resolved authentication Context Class Reference (ACR) request.
|
Actor |
Authorised actor in impersonation and delegation cases.
|
Address |
UserInfo address claims set, serialisable to a JSON object.
|
AggregatedClaims |
Aggregated OpenID claims set.
|
AMR |
Authentication Method Reference (amr ).
|
ApplicationType |
Enumeration of OpenID Connect client application types.
|
AssertionDetails |
Common assertion details used in JWT bearer assertions and SAML 2.0 bearer
assertions.
|
AssertionGrant |
Assertion grant.
|
Audience |
Audience identifier.
|
AuthenticationErrorResponse |
OpenID Connect authentication error response.
|
AuthenticationRequest |
OpenID Connect authentication request.
|
AuthenticationRequest.Builder |
Builder for constructing OpenID Connect authentication requests.
|
AuthenticationRequestDetector |
OpenID authentication request detector.
|
AuthenticationRequestResolver<C extends com.nimbusds.jose.proc.SecurityContext> |
Resolves the final OpenID Connect authentication request by superseding its
parameters with those found in the optional OpenID Connect request object.
|
AuthenticationResponse |
OpenID Connect authentication response.
|
AuthenticationResponseParser |
Parser of OpenID Connect authentication response messages.
|
AuthenticationSuccessResponse |
OpenID Connect authentication success response.
|
AuthorizationCode |
Authorisation code.
|
AuthorizationCodeGrant |
Authorisation code grant.
|
AuthorizationCodeValidator |
Authorisation code validator, using the c_hash ID token claim.
|
AuthorizationErrorResponse |
Authorisation error response.
|
AuthorizationGrant |
Authorisation grant.
|
AuthorizationRequest |
Authorisation request.
|
AuthorizationRequest.Builder |
Builder for constructing authorisation requests.
|
AuthorizationResponse |
The base abstract class for authorisation success and error responses.
|
AuthorizationServerConfigurationRequest |
OAuth 2.0 Authorisation Server (AS) configuration request.
|
AuthorizationServerEndpointMetadata |
OAuth 2.0 Authorisation Server (AS) metadata for the endpoints.
|
AuthorizationServerMetadata |
OAuth 2.0 Authorisation Server (AS) metadata.
|
AuthorizationSuccessResponse |
Authorisation success response.
|
AuthorizedParty |
Authorised party.
|
AuthorizedParty |
OAuth 2.0 client authorized to use the ID Token as an OAuth access token,
if different than the client that requested the ID Token (azp ).
|
BackChannelLogoutRequest |
Back-channel logout request initiated by an OpenID provider (OP).
|
BadJWTExceptions |
Common bad JWT exceptions.
|
BadSAML2AssertionException |
Bad SAML 2.0 assertion exception.
|
BearerAccessToken |
Bearer access token.
|
BearerTokenError |
OAuth 2.0 bearer token error.
|
Birthplace |
Birthplace claims set, serialisable to a JSON object.
|
ClaimRequirement |
Enumeration of the claim requirement types.
|
ClaimsRequest |
Specifies the individual claims to return from the UserInfo endpoint and /
or in the ID Token.
|
ClaimsRequest.Entry |
Individual claim request.
|
ClaimsSet |
Claims set with basic getters and setters, serialisable to a JSON object.
|
ClaimsTransport |
Enumeration of the available claims transports.
|
ClaimType |
Enumeration of the claim types.
|
ClientAuthentication |
Base abstract class for client authentication at the Token endpoint.
|
ClientAuthenticationMethod |
Client authentication method at the Token endpoint.
|
ClientAuthenticationVerifier<T> |
Client authentication verifier.
|
ClientCredentialsGrant |
Client credentials grant.
|
ClientCredentialsParser |
Client credentials parser.
|
ClientCredentialsSelector<T> |
Selector of client credential candidates for client authentication
verification.
|
ClientDeleteRequest |
Client delete request.
|
ClientID |
Client identifier.
|
ClientInformation |
Client information.
|
ClientInformationResponse |
Client information response.
|
ClientMetadata |
Client metadata.
|
ClientReadRequest |
Client read request.
|
ClientRegistrationErrorResponse |
Client registration error response.
|
ClientRegistrationRequest |
Client registration request.
|
ClientRegistrationResponse |
The base abstract for client registration responses.
|
ClientSecretBasic |
Client secret basic authentication at the Token endpoint.
|
ClientSecretJWT |
Client secret JWT authentication at the Token endpoint.
|
ClientSecretPost |
Client secret post authentication at the Token endpoint.
|
ClientType |
Enumeration of the OAuth 2.0 client types.
|
ClientUpdateRequest |
Client registration request.
|
ClientX509CertificateBindingVerifier<T> |
Deprecated.
|
CodeChallenge |
Authorisation code challenge.
|
CodeChallengeMethod |
Method that was used to derive an authorisation code challenge.
|
CodeHash |
Authorisation code hash (c_hash ).
|
CodeVerifier |
Authorisation code verifier.
|
CollectionUtils |
Collection utilities.
|
CommonContentTypes |
Common content types used in the OAuth 2.0 protocol and implementing
applications.
|
ContentTypeUtils |
Content type matching.
|
Context<T> |
Generic context for passing objects.
|
CountryCode |
Abstract class for country codes.
|
DateWithTimeZoneOffset |
Date with timezone offset.
|
DeviceAuthorizationErrorResponse |
OAuth 2.0 device authorization error response.
|
DeviceAuthorizationGrantError |
OAuth 2.0 Device Authorization Grant specific errors.
|
DeviceAuthorizationRequest |
Device authorisation request.
|
DeviceAuthorizationRequest.Builder |
Builder for constructing authorisation requests.
|
DeviceAuthorizationResponse |
Token endpoint response.
|
DeviceAuthorizationSuccessResponse |
A device authorization response from the device authorization endpoint.
|
DeviceCode |
Device code.
|
DeviceCodeGrant |
Device code grant for the OAuth 2.0 Device Authorization Grant.
|
Display |
Enumeration of the display types for authentication and consent UIs.
|
DistributedClaims |
Distributed OpenID claims set.
|
ErrorObject |
Error object, used to encapsulate OAuth 2.0 and other errors.
|
ErrorResponse |
Response message indicating an error.
|
Gender |
|
GeneralException |
The base class for checked exceptions defined in this SDK.
|
GrantType |
Authorisation grant type.
|
HashBasedPairwiseSubjectCodec |
SHA-256 based encoder of pairwise subject identifiers.
|
HashClaim |
The base class for SHA-2 based claims.
|
Hint |
Hints intended for the client authentication verifier.
|
HTTPEndpoint |
HTTP endpoint.
|
HTTPRequest |
|
HTTPRequest.Method |
Enumeration of the HTTP methods used in OAuth 2.0 requests.
|
HTTPResponse |
|
IDDocumentDescription |
Identity document description.
|
IDDocumentEvidence |
Identity document used as identity evidence.
|
IDDocumentType |
Identity document type.
|
Identifier |
The base class for representing identifiers and identities.
|
IdentityEvidence |
The base abstract class for identity evidences.
|
IdentityEvidenceType |
Identity evidence type.
|
IdentityTrustFramework |
Identity trust framework identifiers.
|
IdentityVerification |
Identity verification.
|
IdentityVerificationMethod |
Identity verification method.
|
IdentityVerifier |
Legal entity that performed an identity verification on behalf of an OpenID
provider.
|
IDTokenClaimsSet |
ID token claims set, serialisable to a JSON object.
|
IDTokenClaimsVerifier |
ID token claims verifier.
|
IDTokenValidator |
Validator of ID tokens issued by an OpenID Provider (OP).
|
InvalidClientException |
Invalid client exception.
|
InvalidHashException |
Invalid access token / code hash exception.
|
InvalidPairwiseSubjectException |
Invalid pairwise subject exception.
|
ISO3166_1Alpha2CountryCode |
ISO 3166-1 alpha-2 (two-letter) country code.
|
Issuer |
Issuer identifier.
|
JARMClaimsVerifier |
JSON Web Token (JWT) encoded authorisation response claims verifier.
|
JARMUtils |
JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) utilities.
|
JARMValidator |
Validator of JSON Web Token (JWT) secured authorisation responses (JARM).
|
JSONArrayUtils |
JSON array helper methods for parsing and typed retrieval of values.
|
JSONObjectUtils |
JSON object helper methods for parsing and typed retrieval of member values.
|
JWTAssertionDetails |
JSON Web Token (JWT) bearer assertion details (claims set) for OAuth 2.0
client authentication and authorisation grants.
|
JWTAssertionDetailsVerifier |
JSON Web Token (JWT) bearer assertion details (claims set) verifier for
OAuth 2.0 client authentication and authorisation grants.
|
JWTAssertionFactory |
Static JWT bearer assertion factory.
|
JWTAuthentication |
Base abstract class for JSON Web Token (JWT) based client authentication at
the Token endpoint.
|
JWTAuthenticationClaimsSet |
JWT client authentication claims set, serialisable to a JSON object and JWT
claims set.
|
JWTBearerGrant |
JWT bearer grant.
|
JWTClaimsSetUtils |
JSON Web Token (JWT) claims set utilities.
|
JWTID |
JSON Web Token (JWT) identifier.
|
LogoutRequest |
Logout request initiated by an OpenID relying party (RP).
|
LogoutTokenClaimsSet |
Back-channel logout token claims set, serialisable to a JSON object.
|
LogoutTokenClaimsVerifier |
ID token claims verifier.
|
LogoutTokenValidator |
Validator of logout tokens issued by an OpenID Provider (OP).
|
MapUtils |
Map utilities.
|
Message |
Marker interface for OAuth 2.0 authorisation framework messages.
|
MultivaluedMapUtils |
Multi-valued map utilities.
|
Nonce |
Nonce.
|
OAuth2Error |
Standard OAuth 2.0 authorisation and token endpoint errors.
|
OIDCClientInformation |
OpenID Connect client information.
|
OIDCClientInformationResponse |
OpenID Connect client information response.
|
OIDCClientMetadata |
OpenID Connect client metadata.
|
OIDCClientRegistrationRequest |
OpenID Connect client registration request.
|
OIDCClientRegistrationResponseParser |
Parser of OpenID Connect client registration response messages.
|
OIDCClientUpdateRequest |
OpenID Connect client registration request.
|
OIDCError |
OpenID Connect specific errors.
|
OIDCProviderConfigurationRequest |
OpenID Provider (OP) configuration request.
|
OIDCProviderEndpointMetadata |
OpenID Provider (OP) endpoint metadata.
|
OIDCProviderMetadata |
OpenID Provider (OP) metadata.
|
OIDCResponseTypeValue |
OpenID Connect id_token response type value constant.
|
OIDCScopeValue |
Standard OpenID Connect scope value.
|
OIDCTokenResponse |
OpenID Connect token response from the Token endpoint.
|
OIDCTokenResponseParser |
Parser of OpenID Connect token endpoint response messages.
|
OIDCTokens |
ID token, access token and optional refresh token.
|
OrderedJSONObject |
Ordered JSON object.
|
PairwiseSubjectCodec |
Encoder and decoder of pairwise subject identifiers.
|
ParseException |
Parse exception.
|
PersonClaims |
|
PKIClientX509CertificateBindingVerifier<T> |
Client X.509 certificate binding verifier.
|
PKITLSClientAuthentication |
PKI mutual TLS client authentication at the Token endpoint.
|
PlainClientSecret |
Base abstract class for plain secret based client authentication at the
Token endpoint.
|
PrivateKeyJWT |
Private key JWT authentication at the Token endpoint.
|
Prompt |
Prompts for end-user re-authentication and consent.
|
Prompt.Type |
Enumeration of the prompt types.
|
ProtectedResourceRequest |
Base abstract class for protected resource requests using an OAuth 2.0
access token.
|
PushedAuthorizationErrorResponse |
Pushed authorisation error response.
|
PushedAuthorizationRequest |
Pushed authorisation request.
|
PushedAuthorizationResponse |
Pushed authorisation response.
|
PushedAuthorizationSuccessResponse |
Pushed authorisation success response.
|
QESEvidence |
Qualified electronic signature (QES) used as identity evidence.
|
RefreshToken |
Refresh token.
|
RefreshTokenGrant |
Refresh token grant.
|
RegistrationError |
OAuth 2.0 client registration errors.
|
Request |
Request message, serialises to an HTTP request.
|
RequestObjectPOSTErrorResponse |
Deprecated. |
RequestObjectPOSTRequest |
Deprecated. |
RequestObjectPOSTResponse |
Deprecated. |
RequestObjectPOSTSuccessResponse |
Deprecated. |
ResolveException |
Resolve exception.
|
ResourceOwnerPasswordCredentialsGrant |
Resource owner password credentials grant.
|
ResourceUtils |
Resource server URI utilities.
|
Response |
Response message, serialises to an HTTP response.
|
ResponseMode |
Authorisation response mode.
|
ResponseType |
Authorisation response type.
|
ResponseType.Value |
Authorisation response type value.
|
Role |
Enumeration of the OAuth 2.0 roles.
|
SAML2AssertionDetails |
SAML 2.0 bearer assertion details for OAuth 2.0 client authentication and
authorisation grants.
|
SAML2AssertionDetailsVerifier |
SAML 2.0 bearer assertion details verifier for OAuth 2.0 client
authentication and authorisation grants.
|
SAML2AssertionFactory |
Static SAML 2.0 bearer assertion factory.
|
SAML2AssertionValidator |
SAML 2.0 assertion validator.
|
SAML2BearerGrant |
SAML 2.0 bearer grant.
|
Scope |
Authorisation scope.
|
Scope.Value |
Authorisation scope value.
|
Scope.Value.Requirement |
Enumeration of the scope value requirements for
application-specific authorisation requests.
|
Secret |
Secret.
|
SecretKeyDerivation |
Derives an AES secret key from a client secret.
|
SectorID |
Sector identifier.
|
SectorIDURIValidator |
Sector identifier URI validator.
|
SelfSignedTLSClientAuthentication |
Self-signed certificate mutual TLS client authentication at the Token
endpoint.
|
SerializeException |
Serialization exception (unchecked).
|
ServletUtils |
HTTP servlet utilities.
|
SessionID |
Session identifier.
|
SimpleDate |
Simple date.
|
SIVAESBasedPairwiseSubjectCodec |
SIV AES - based encoder / decoder of pairwise subject identifiers.
|
SoftwareID |
Identifier for an OAuth 2.0 client software.
|
SoftwareVersion |
Version identifier for an OAuth 2.0 client software.
|
State |
Opaque value used to maintain state between a request and a callback.
|
StateHash |
State hash (s_hash ).
|
StateValidator |
State validator, using the optional s_hash ID token claim.
|
StringUtils |
String utilities.
|
Subject |
Subject (user) identifier.
|
SubjectType |
Enumeration of the subject identifier types.
|
SuccessResponse |
Response message indicating success.
|
TLSClientAuthentication |
The base abstract class for mutual TLS client authentication at the Token
endpoint.
|
Token |
The base abstract class for access and refresh tokens.
|
TokenEncoding |
Enumeration of the possible token encodings.
|
TokenErrorResponse |
OAuth 2.0 Token error response.
|
TokenIntrospectionErrorResponse |
Token introspection error response.
|
TokenIntrospectionRequest |
Token introspection request.
|
TokenIntrospectionResponse |
Token introspection response.
|
TokenIntrospectionSuccessResponse |
Token introspection success response.
|
TokenIntrospectionSuccessResponse.Builder |
Builder for constructing token introspection success responses.
|
TokenRequest |
Token request.
|
TokenResponse |
Token endpoint response.
|
TokenRevocationRequest |
Token revocation request.
|
Tokens |
Access and optional refresh token.
|
TXN |
Transaction identifier.
|
TypelessAccessToken |
Typeless access token, cannot be serialised.
|
URIUtils |
URI operations.
|
URLUtils |
URL operations.
|
UserCode |
User code.
|
UserInfo |
UserInfo claims set, serialisable to a JSON object.
|
UserInfoErrorResponse |
UserInfo error response.
|
UserInfoRequest |
UserInfo request.
|
UserInfoResponse |
The base abstract class for UserInfo success and error responses.
|
UserInfoSuccessResponse |
UserInfo success response.
|
UtilityBillEvidence |
Utility bill used as identity evidence.
|
VerifiedClaimsSet |
Verified claims set.
|
X509CertificateConfirmation |
X.509 certificate SHA-256 confirmation.
|
X509CertificateUtils |
X.509 certificate utilities.
|