Package net.openid.appauth

Class AuthorizationServiceDiscovery

java.lang.Object

net.openid.appauth.AuthorizationServiceDiscovery

public class AuthorizationServiceDiscovery
extends Object

An OpenID Connect 1.0 Discovery Document.

See Also:

“OpenID Connect discovery 1.0, Section 3 https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3”

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AuthorizationServiceDiscovery.MissingArgumentException	Thrown when a mandatory property is missing from the discovery document.

Field Summary

Fields

Modifier and Type	Field	Description
JSONObject	docJson	The JSON representation of the discovery document.

Constructor Summary

Constructors

Constructor	Description
AuthorizationServiceDiscovery(JSONObject discoveryDoc)	Extracts a discovery document from its standard JSON representation.

Method Summary

Modifier and Type	Method	Description
List<String>	getAcrValuesSupported()	The authentication context class references supported.
Uri	getAuthorizationEndpoint()	The OAuth 2 authorization endpoint URI.
List<String>	getClaimsLocalesSupported()	Languages and scripts supported for values in claims being returned.
List<String>	getClaimsSupported()	The claim names of the claims that the provider may be able to supply values for.
List<String>	getClaimTypesSupported()	The claim types supported.
List<String>	getDisplayValuesSupported()	The display parameter values supported.
Uri	getEndSessionEndpoint()	The OAuth 2 emd session endpoint URI.
List<String>	getGrantTypesSupported()	The OAuth 2 grant_type values supported.
List<String>	getIdTokenEncryptionAlgorithmValuesSupported()	The JWE encryption algorithms (alg values) supported for encoding ID token claims.
List<String>	getIdTokenEncryptionEncodingValuesSupported()	The JWE encryption encodings (enc values) supported for encoding ID token claims.
List<String>	getIdTokenSigningAlgorithmValuesSupported()	The JWS signing algorithms (alg values) supported for encoding ID token claims.
String	getIssuer()	The asserted issuer identifier.
Uri	getJwksUri()	The JSON web key set document URI.
Uri	getOpPolicyUri()	A page articulating the policy regarding the use of data provided by the provider.
Uri	getOpTosUri()	A page articulating the terms of service for the provider.
Uri	getRegistrationEndpoint()	The dynamic client registration endpoint URI.
List<String>	getRequestObjectEncryptionAlgorithmValuesSupported()	The JWE encryption algorithms (alg values) supported for Request Objects.
List<String>	getRequestObjectEncryptionEncodingValuesSupported()	The JWE encryption encodings (enc values) supported for Request Objects.
List<String>	getRequestObjectSigningAlgorithmValuesSupported()	The JWS signing algorithms (alg values) supported for Request Objects.
List<String>	getResponseModesSupported()	The OAuth 2 response_mode values supported.
List<String>	getResponseTypesSupported()	The OAuth 2 response_type values supported.
List<String>	getScopesSupported()	The OAuth 2 scope values supported.
Uri	getServiceDocumentation()	A page containing human-readable information that developers might want or need to know when using this provider.
List<String>	getSubjectTypesSupported()	The subject identifier types supported.
Uri	getTokenEndpoint()	The OAuth 2 token endpoint URI.
List<String>	getTokenEndpointAuthMethodsSupported()	The client authentication methods supported by the token endpoint.
List<String>	getTokenEndpointAuthSigningAlgorithmValuesSupported()	The JWS signing algorithms (alg values) supported by the token endpoint for the signature on the JWT used to authenticate the client for the private_key_jwt and client_secret_jwt authentication methods.
List<String>	getUiLocalesSupported()	Languages and scripts supported for the user interface.
List<String>	getUserinfoEncryptionAlgorithmValuesSupported()	The JWE encryption algorithms (alg values) supported by the UserInfo Endpoint for encoding ID token claims.
List<String>	getUserinfoEncryptionEncodingValuesSupported()	The JWE encryption encodings (enc values) supported by the UserInfo Endpoint for encoding ID token claims.
Uri	getUserinfoEndpoint()	The OpenID Connect UserInfo endpoint URI.
List<String>	getUserinfoSigningAlgorithmValuesSupported()	The JWS signing algorithms (alg values) supported by the UserInfo Endpoint for encoding ID token claims.
boolean	isClaimsParameterSupported()	Specifies whether the claims parameter is supported for authorization requests.
boolean	isRequestParameterSupported()	Specifies whether the request parameter is supported for authorization requests.
boolean	isRequestUriParameterSupported()	Specifies whether the request_uri parameter is supported for authorization requests.
boolean	requireRequestUriRegistration()	Specifies whether request_uri values are required to be pre-registered before use.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

docJson

@NonNull
public final JSONObject docJson

The JSON representation of the discovery document.

Constructor Detail

AuthorizationServiceDiscovery

public AuthorizationServiceDiscovery(@NonNull
                                     JSONObject discoveryDoc)
                              throws JSONException,
                                     AuthorizationServiceDiscovery.MissingArgumentException

Extracts a discovery document from its standard JSON representation.

Throws:

JSONException - if the provided JSON does not match the expected structure.

AuthorizationServiceDiscovery.MissingArgumentException - if a mandatory property is missing from the discovery document.

Method Detail

getIssuer

@NonNull
public String getIssuer()

The asserted issuer identifier.

getAuthorizationEndpoint

@NonNull
public Uri getAuthorizationEndpoint()

The OAuth 2 authorization endpoint URI.

getTokenEndpoint

@Nullable
public Uri getTokenEndpoint()

The OAuth 2 token endpoint URI.

Not specified if only the implicit flow is used.

getEndSessionEndpoint

public Uri getEndSessionEndpoint()

The OAuth 2 emd session endpoint URI.

Not specified test OAuth implementation

getUserinfoEndpoint

@Nullable
public Uri getUserinfoEndpoint()

The OpenID Connect UserInfo endpoint URI.

getJwksUri

@NonNull
public Uri getJwksUri()

The JSON web key set document URI.

See Also:

“JSON Web Key (RFC 7517) http://tools.ietf.org/html/rfc7517”

getRegistrationEndpoint

@Nullable
public Uri getRegistrationEndpoint()

The dynamic client registration endpoint URI.

getScopesSupported

public List<String> getScopesSupported()

The OAuth 2 scope values supported.

See Also:

“OpenID Connect Dynamic Client Registration 1.0 https://openid.net/specs/openid-connect-discovery-1_0.html”

getResponseTypesSupported

@NonNull
public List<String> getResponseTypesSupported()

The OAuth 2 response_type values supported.

getResponseModesSupported

@Nullable
public List<String> getResponseModesSupported()

The OAuth 2 response_mode values supported.

See Also:

“OAuth 2.0 Multiple Response Type Encoding Practices http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html”

getGrantTypesSupported

@NonNull
public List<String> getGrantTypesSupported()

The OAuth 2 grant_type values supported.

Defaults to authorization_code and implicit if not specified in the discovery document, as suggested by the discovery specification.

getAcrValuesSupported

public List<String> getAcrValuesSupported()

The authentication context class references supported.

getSubjectTypesSupported

@NonNull
public List<String> getSubjectTypesSupported()

The subject identifier types supported.

getIdTokenSigningAlgorithmValuesSupported

@NonNull
public List<String> getIdTokenSigningAlgorithmValuesSupported()

The JWS signing algorithms (alg values) supported for encoding ID token claims.

See Also:

“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”

getIdTokenEncryptionAlgorithmValuesSupported

@Nullable
public List<String> getIdTokenEncryptionAlgorithmValuesSupported()

The JWE encryption algorithms (alg values) supported for encoding ID token claims.

See Also:

“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”

getIdTokenEncryptionEncodingValuesSupported

@Nullable
public List<String> getIdTokenEncryptionEncodingValuesSupported()

The JWE encryption encodings (enc values) supported for encoding ID token claims.

See Also:

“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”

getUserinfoSigningAlgorithmValuesSupported

@Nullable
public List<String> getUserinfoSigningAlgorithmValuesSupported()

The JWS signing algorithms (alg values) supported by the UserInfo Endpoint for encoding ID token claims.

See Also:

“JSON Web Signature (RFC 7515) https://tools.ietf.org/html/rfc7515”, “JSON Web Algorithms (RFC 7518) https://tools.ietf.org/html/rfc7518”, “JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”

getUserinfoEncryptionAlgorithmValuesSupported

@Nullable
public List<String> getUserinfoEncryptionAlgorithmValuesSupported()

The JWE encryption algorithms (alg values) supported by the UserInfo Endpoint for encoding ID token claims.

See Also:

“JSON Web Signature (RFC 7515) https://tools.ietf.org/html/rfc7515”, “JSON Web Algorithms (RFC 7518) https://tools.ietf.org/html/rfc7518”, “JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”

getUserinfoEncryptionEncodingValuesSupported

@Nullable
public List<String> getUserinfoEncryptionEncodingValuesSupported()

The JWE encryption encodings (enc values) supported by the UserInfo Endpoint for encoding ID token claims.

See Also:

“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”

getRequestObjectSigningAlgorithmValuesSupported

public List<String> getRequestObjectSigningAlgorithmValuesSupported()

The JWS signing algorithms (alg values) supported for Request Objects.

See Also:

“OpenID Connect Core 1.0, Section 6.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.6.1”

getRequestObjectEncryptionAlgorithmValuesSupported

@Nullable
public List<String> getRequestObjectEncryptionAlgorithmValuesSupported()

The JWE encryption algorithms (alg values) supported for Request Objects.

getRequestObjectEncryptionEncodingValuesSupported

@Nullable
public List<String> getRequestObjectEncryptionEncodingValuesSupported()

The JWE encryption encodings (enc values) supported for Request Objects.

getTokenEndpointAuthMethodsSupported

@NonNull
public List<String> getTokenEndpointAuthMethodsSupported()

The client authentication methods supported by the token endpoint.

Defaults to client_secret_basic if the discovery document does not specify a value, as suggested by the discovery specification.

See Also:

“OpenID Connect Core 1.0, Section 9 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.9”, “The OAuth 2.0 Authorization Framework (RFC 6749), Section 2.3.1 https://tools.ietf.org/html/rfc6749#section-2.3.1”

getTokenEndpointAuthSigningAlgorithmValuesSupported

@Nullable
public List<String> getTokenEndpointAuthSigningAlgorithmValuesSupported()

The JWS signing algorithms (alg values) supported by the token endpoint for the signature on the JWT used to authenticate the client for the private_key_jwt and client_secret_jwt authentication methods.

See Also:

“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”

getDisplayValuesSupported

@Nullable
public List<String> getDisplayValuesSupported()

The display parameter values supported.

See Also:

“OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”

getClaimTypesSupported

public List<String> getClaimTypesSupported()

The claim types supported.

Defaults to normal if not specified by the discovery document JSON, as suggested by the discovery specification.

See Also:

“OpenID Connect Core 1.0, Section 5.6 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.6”

getClaimsSupported

@Nullable
public List<String> getClaimsSupported()

The claim names of the claims that the provider may be able to supply values for.

getServiceDocumentation

@Nullable
public Uri getServiceDocumentation()

A page containing human-readable information that developers might want or need to know when using this provider.

getClaimsLocalesSupported

@Nullable
public List<String> getClaimsLocalesSupported()

Languages and scripts supported for values in claims being returned.

Represented as a list of BCP47 language tag values.

See Also:

“Tags for Identifying Languages (RFC 5646) http://tools.ietf.org/html/rfc5646”

getUiLocalesSupported

@Nullable
public List<String> getUiLocalesSupported()

Languages and scripts supported for the user interface.

Represented as a list of BCP47 language tag values.

See Also:

“Tags for Identifying Languages (RFC 5646) http://tools.ietf.org/html/rfc5646”

isClaimsParameterSupported

public boolean isClaimsParameterSupported()

Specifies whether the claims parameter is supported for authorization requests.

See Also:

“OpenID Connect Core 1.0, Section 5.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.5”

isRequestParameterSupported

public boolean isRequestParameterSupported()

Specifies whether the request parameter is supported for authorization requests.

See Also:

“OpenID Connect Core 1.0, Section 6.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.6.1”

isRequestUriParameterSupported

public boolean isRequestUriParameterSupported()

Specifies whether the request_uri parameter is supported for authorization requests.

See Also:

“OpenID Connect Core 1.0, Section 6.2 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.6.2”

requireRequestUriRegistration

public boolean requireRequestUriRegistration()

Specifies whether request_uri values are required to be pre-registered before use.

See Also:

“OpenID Connect Core 1.0, Section 6.2 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.6.2”

getOpPolicyUri

@Nullable
public Uri getOpPolicyUri()

A page articulating the policy regarding the use of data provided by the provider.

getOpTosUri

@Nullable
public Uri getOpTosUri()

A page articulating the terms of service for the provider.