Package net.openid.appauth

Class AuthorizationRequest.Builder

java.lang.Object

net.openid.appauth.AuthorizationRequest.Builder

Enclosing class:

AuthorizationRequest

public static final class AuthorizationRequest.Builder
extends Object

Creates instances of AuthorizationRequest.

Constructor Summary

Constructors

Constructor	Description
Builder(AuthorizationServiceConfiguration configuration, String clientId, String responseType, Uri redirectUri)	Creates an authorization request builder with the specified mandatory properties, and preset values for AuthorizationRequest.state, AuthorizationRequest.nonce and AuthorizationRequest.codeVerifier.

Method Summary

Modifier and Type	Method	Description
AuthorizationRequest	build()	Constructs the authorization request.
AuthorizationRequest.Builder	setAdditionalParameters(Map<String,String> additionalParameters)	Specifies additional parameters.
AuthorizationRequest.Builder	setAuthorizationServiceConfiguration(AuthorizationServiceConfiguration configuration)	Specifies the service configuration to be used in dispatching this request.
AuthorizationRequest.Builder	setClaims(JSONObject claims)	Requests that specific Claims be returned.
AuthorizationRequest.Builder	setClaimsLocales(String claimsLocales)	End-User’s preferred languages and scripts for Claims being returned, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.
AuthorizationRequest.Builder	setClaimsLocalesValues(Iterable<String> claimsLocalesValues)	End-User’s preferred languages and scripts for Claims being returned, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.
AuthorizationRequest.Builder	setClaimsLocalesValues(String... claimsLocalesValues)	End-User’s preferred languages and scripts for Claims being returned, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.
AuthorizationRequest.Builder	setClientId(String clientId)	Specifies the client ID.
AuthorizationRequest.Builder	setCodeVerifier(String codeVerifier)	Specifies the code verifier to use for this authorization request.
AuthorizationRequest.Builder	setCodeVerifier(String codeVerifier, String codeVerifierChallenge, String codeVerifierChallengeMethod)	Specifies the code verifier, challenge and method strings to use for this authorization request.
AuthorizationRequest.Builder	setDisplay(String display)	Specifies the OpenID Connect 1.0 display parameter.
AuthorizationRequest.Builder	setLoginHint(String loginHint)	Specifies the OpenID Connect 1.0 login_hint parameter.
AuthorizationRequest.Builder	setNonce(String nonce)	Specifies the String value used to associate a Client session with an ID Token, and to mitigate replay attacks.
AuthorizationRequest.Builder	setPrompt(String prompt)	Specifies the encoded OpenID Connect 1.0 prompt parameter, which is a space-delimited set of case sensitive ASCII prompt values.
AuthorizationRequest.Builder	setPromptValues(Iterable<String> promptValues)	Specifies the set of OpenID Connect 1.0 prompt parameter values, which are space-delimited, case sensitive ASCII prompt values.
AuthorizationRequest.Builder	setPromptValues(String... promptValues)	Specifies the set of OpenID Connect 1.0 prompt parameter values, which are space-delimited, case sensitive ASCII prompt values.
AuthorizationRequest.Builder	setRedirectUri(Uri redirectUri)	Specifies the client’s redirect URI.
AuthorizationRequest.Builder	setResponseMode(String responseMode)	Specifies the response mode to be used for returning authorization response parameters from the authorization endpoint.
AuthorizationRequest.Builder	setResponseType(String responseType)	Specifies the expected response type.
AuthorizationRequest.Builder	setScope(String scope)	Specifies the encoded scope string, which is a space-delimited set of case-sensitive scope identifiers.
AuthorizationRequest.Builder	setScopes(Iterable<String> scopes)	Specifies the set of case-sensitive scopes.
AuthorizationRequest.Builder	setScopes(String... scopes)	Specifies the set of case-sensitive scopes.
AuthorizationRequest.Builder	setState(String state)	Specifies the opaque value used by the client to maintain state between the request and callback.
AuthorizationRequest.Builder	setUiLocales(String uiLocales)	Specifies the OpenID Connect 1.0 ui_locales parameter, which is a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.
AuthorizationRequest.Builder	setUiLocalesValues(Iterable<String> uiLocalesValues)	Specifies the OpenID Connect 1.0 ui_locales parameter, which is a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.
AuthorizationRequest.Builder	setUiLocalesValues(String... uiLocalesValues)	Specifies the OpenID Connect 1.0 ui_locales parameter, which is a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Builder

public Builder(@NonNull
               AuthorizationServiceConfiguration configuration,
               @NonNull
               String clientId,
               @NonNull
               String responseType,
               @NonNull
               Uri redirectUri)

Creates an authorization request builder with the specified mandatory properties, and preset values for AuthorizationRequest.state, AuthorizationRequest.nonce and AuthorizationRequest.codeVerifier.

Method Detail

setAuthorizationServiceConfiguration

public AuthorizationRequest.Builder setAuthorizationServiceConfiguration(@NonNull
                                                                         AuthorizationServiceConfiguration configuration)

Specifies the service configuration to be used in dispatching this request.

setClientId

@NonNull
public AuthorizationRequest.Builder setClientId(@NonNull
                                                String clientId)

Specifies the client ID.

Cannot be null or empty.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 4 https://tools.ietf.org/html/rfc6749#section-4”, “The OAuth 2.0 Authorization Framework (RFC 6749), Section 4.1.1 https://tools.ietf.org/html/rfc6749#section-4.1.1”

setDisplay

public AuthorizationRequest.Builder setDisplay(@Nullable
                                               String display)

Specifies the OpenID Connect 1.0 display parameter.

See Also:

AuthorizationRequest.Display, “OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

setLoginHint

public AuthorizationRequest.Builder setLoginHint(@Nullable
                                                 String loginHint)

Specifies the OpenID Connect 1.0 login_hint parameter.

See Also:

“OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

setPrompt

@NonNull
public AuthorizationRequest.Builder setPrompt(@Nullable
                                              String prompt)

Specifies the encoded OpenID Connect 1.0 prompt parameter, which is a space-delimited set of case sensitive ASCII prompt values.

Replaces any previously specified prompt values.

See Also:

AuthorizationRequest.Prompt, “OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

setPromptValues

@NonNull
public AuthorizationRequest.Builder setPromptValues(@Nullable
                                                    String... promptValues)

Specifies the set of OpenID Connect 1.0 prompt parameter values, which are space-delimited, case sensitive ASCII prompt values.

Replaces any previously specified prompt values.

See Also:

AuthorizationRequest.Prompt, “OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

setPromptValues

@NonNull
public AuthorizationRequest.Builder setPromptValues(@Nullable
                                                    Iterable<String> promptValues)

Specifies the set of OpenID Connect 1.0 prompt parameter values, which are space-delimited, case sensitive ASCII prompt values.

Replaces any previously specified prompt values.

See Also:

AuthorizationRequest.Prompt, “OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

setUiLocales

public AuthorizationRequest.Builder setUiLocales(@Nullable
                                                 String uiLocales)

Specifies the OpenID Connect 1.0 ui_locales parameter, which is a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.

It represents End-User’s preferred languages and scripts for the user interface. Replaces any previously specified ui_locales values.

See Also:

“OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

setUiLocalesValues

@NonNull
public AuthorizationRequest.Builder setUiLocalesValues(@Nullable
                                                       String... uiLocalesValues)

Specifies the OpenID Connect 1.0 ui_locales parameter, which is a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.

It represents End-User’s preferred languages and scripts for the user interface. Replaces any previously specified ui_locales values.

See Also:

“OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

setUiLocalesValues

@NonNull
public AuthorizationRequest.Builder setUiLocalesValues(@Nullable
                                                       Iterable<String> uiLocalesValues)

Specifies the OpenID Connect 1.0 ui_locales parameter, which is a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.

It represents End-User’s preferred languages and scripts for the user interface. Replaces any previously specified ui_locales values.

See Also:

“OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

setResponseType

@NonNull
public AuthorizationRequest.Builder setResponseType(@NonNull
                                                    String responseType)

Specifies the expected response type.

Cannot be null or empty.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 2.2 https://tools.ietf.org/html/rfc6749#section-2.2”, “OpenID Connect Core 1.0, Section 3 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3”

setRedirectUri

@NonNull
public AuthorizationRequest.Builder setRedirectUri(@NonNull
                                                   Uri redirectUri)

Specifies the client’s redirect URI.

Cannot be null or empty.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 3.1.2 https://tools.ietf.org/html/rfc6749#section-3.1.2”

setScope

@NonNull
public AuthorizationRequest.Builder setScope(@Nullable
                                             String scope)

Specifies the encoded scope string, which is a space-delimited set of case-sensitive scope identifiers.

Replaces any previously specified scope.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 3.3 https://tools.ietf.org/html/rfc6749#section-3.3”

setScopes

@NonNull
public AuthorizationRequest.Builder setScopes(String... scopes)

Specifies the set of case-sensitive scopes.

Replaces any previously specified set of scopes. If no arguments are provided, the scope string will be set to null. Individual scope strings cannot be null or empty.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 3.3 https://tools.ietf.org/html/rfc6749#section-3.3”

setScopes

@NonNull
public AuthorizationRequest.Builder setScopes(@Nullable
                                              Iterable<String> scopes)

Specifies the set of case-sensitive scopes.

Replaces any previously specified set of scopes. If the iterable is empty, the scope string will be set to null. Individual scope strings cannot be null or empty.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 3.3 https://tools.ietf.org/html/rfc6749#section-3.3”

setState

@NonNull
public AuthorizationRequest.Builder setState(@Nullable
                                             String state)

Specifies the opaque value used by the client to maintain state between the request and callback.

If this value is not explicitly set, this library will automatically add state and perform appropriate validation of the state in the authorization response. It is recommended that the default implementation of this parameter be used wherever possible. Typically used to prevent CSRF attacks, as recommended in RFC6819 Section 5.3.5.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 4.1.1 https://tools.ietf.org/html/rfc6749#section-4.1.1”, “The OAuth 2.0 Authorization Framework (RFC 6749), Section 5.3.5 https://tools.ietf.org/html/rfc6749#section-5.3.5”

setNonce

@NonNull
public AuthorizationRequest.Builder setNonce(@Nullable
                                             String nonce)

Specifies the String value used to associate a Client session with an ID Token, and to mitigate replay attacks.

The value is passed through unmodified from the Authentication Request to the ID Token. If this value is not explicitly set, this library will automatically add nonce and perform appropriate validation of the ID Token. It is recommended that the default implementation of this parameter be used wherever possible.

See Also:

“OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

setCodeVerifier

@NonNull
public AuthorizationRequest.Builder setCodeVerifier(@Nullable
                                                    String codeVerifier)

Specifies the code verifier to use for this authorization request.

The default challenge method (typically AuthorizationRequest.CODE_CHALLENGE_METHOD_S256) implemented by CodeVerifierUtil will be used, and a challenge will be generated using this method. If the use of a code verifier is not desired, set the code verifier to null.

See Also:

“Proof Key for Code Exchange by OAuth Public Clients (RFC 7636), Section 4.3 https://tools.ietf.org/html/rfc7636#section-4.3”

setCodeVerifier

@NonNull
public AuthorizationRequest.Builder setCodeVerifier(@Nullable
                                                    String codeVerifier,
                                                    @Nullable
                                                    String codeVerifierChallenge,
                                                    @Nullable
                                                    String codeVerifierChallengeMethod)

Specifies the code verifier, challenge and method strings to use for this authorization request.

If these values are not explicitly set, they will be automatically generated and used. It is recommended that this default behavior be used wherever possible. If a null code verifier is set (to indicate that a code verifier is not to be used), then the challenge and method must also be null. If a non-null code verifier is set, the code verifier challenge and method must also be set.

See Also:

“Proof Key for Code Exchange by OAuth Public Clients (RFC 7636), Section 4.3 https://tools.ietf.org/html/rfc7636#section-4.3”

setResponseMode

@NonNull
public AuthorizationRequest.Builder setResponseMode(@Nullable
                                                    String responseMode)

Specifies the response mode to be used for returning authorization response parameters from the authorization endpoint.

See Also:

“OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”, “OAuth 2.0 Multiple Response Type Encoding Practices, Section 2 http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#rfc.section.2”

setClaims

@NonNull
public AuthorizationRequest.Builder setClaims(@Nullable
                                              JSONObject claims)

Requests that specific Claims be returned.

The value is a JSON object listing the requested Claims.

See Also:

“OpenID Connect Core 1.0, Section 5.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.5”

setClaimsLocales

public AuthorizationRequest.Builder setClaimsLocales(@Nullable
                                                     String claimsLocales)

End-User’s preferred languages and scripts for Claims being returned, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.

See Also:

“OpenID Connect Core 1.0, Section 5.2 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.2”

setClaimsLocalesValues

@NonNull
public AuthorizationRequest.Builder setClaimsLocalesValues(@Nullable
                                                           String... claimsLocalesValues)

End-User’s preferred languages and scripts for Claims being returned, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.

See Also:

“OpenID Connect Core 1.0, Section 5.2 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.2”

setClaimsLocalesValues

@NonNull
public AuthorizationRequest.Builder setClaimsLocalesValues(@Nullable
                                                           Iterable<String> claimsLocalesValues)

End-User’s preferred languages and scripts for Claims being returned, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.

See Also:

“OpenID Connect Core 1.0, Section 5.2 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.2”

setAdditionalParameters

@NonNull
public AuthorizationRequest.Builder setAdditionalParameters(@Nullable
                                                            Map<String,String> additionalParameters)

Specifies additional parameters.

Replaces any previously provided set of parameters. Parameter keys and values cannot be null or empty.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 3.1 https://tools.ietf.org/html/rfc6749#section-3.1”

build

@NonNull
public AuthorizationRequest build()

Constructs the authorization request.

At a minimum the following fields must have been set:

• The client ID
• The expected response type
• The redirect URI

Failure to specify any of these parameters will result in a runtime exception.