Package net.openid.appauth
Class AuthorizationServiceDiscovery
- java.lang.Object
-
- net.openid.appauth.AuthorizationServiceDiscovery
-
public class AuthorizationServiceDiscovery extends Object
An OpenID Connect 1.0 Discovery Document.- See Also:
“OpenID Connect discovery 1.0, Section 3 https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3”
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
AuthorizationServiceDiscovery.MissingArgumentException
Thrown when a mandatory property is missing from the discovery document.
-
Field Summary
Fields Modifier and Type Field Description JSONObject
docJson
The JSON representation of the discovery document.
-
Constructor Summary
Constructors Constructor Description AuthorizationServiceDiscovery(JSONObject discoveryDoc)
Extracts a discovery document from its standard JSON representation.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description List<String>
getAcrValuesSupported()
The authentication context class references supported.Uri
getAuthorizationEndpoint()
The OAuth 2 authorization endpoint URI.List<String>
getClaimsLocalesSupported()
Languages and scripts supported for values in claims being returned.List<String>
getClaimsSupported()
The claim names of the claims that the provider may be able to supply values for.List<String>
getClaimTypesSupported()
The claim types supported.List<String>
getDisplayValuesSupported()
Thedisplay
parameter values supported.Uri
getEndSessionEndpoint()
The OAuth 2 emd session endpoint URI.List<String>
getGrantTypesSupported()
The OAuth 2grant_type
values supported.List<String>
getIdTokenEncryptionAlgorithmValuesSupported()
The JWE encryption algorithms (alg values) supported for encoding ID token claims.List<String>
getIdTokenEncryptionEncodingValuesSupported()
The JWE encryption encodings (enc values) supported for encoding ID token claims.List<String>
getIdTokenSigningAlgorithmValuesSupported()
The JWS signing algorithms (alg values) supported for encoding ID token claims.String
getIssuer()
The asserted issuer identifier.Uri
getJwksUri()
The JSON web key set document URI.Uri
getOpPolicyUri()
A page articulating the policy regarding the use of data provided by the provider.Uri
getOpTosUri()
A page articulating the terms of service for the provider.Uri
getRegistrationEndpoint()
The dynamic client registration endpoint URI.List<String>
getRequestObjectEncryptionAlgorithmValuesSupported()
The JWE encryption algorithms (alg values) supported for Request Objects.List<String>
getRequestObjectEncryptionEncodingValuesSupported()
The JWE encryption encodings (enc values) supported for Request Objects.List<String>
getRequestObjectSigningAlgorithmValuesSupported()
The JWS signing algorithms (alg values) supported for Request Objects.List<String>
getResponseModesSupported()
The OAuth 2response_mode
values supported.List<String>
getResponseTypesSupported()
The OAuth 2response_type
values supported.List<String>
getScopesSupported()
The OAuth 2scope
values supported.Uri
getServiceDocumentation()
A page containing human-readable information that developers might want or need to know when using this provider.List<String>
getSubjectTypesSupported()
The subject identifier types supported.Uri
getTokenEndpoint()
The OAuth 2 token endpoint URI.List<String>
getTokenEndpointAuthMethodsSupported()
The client authentication methods supported by the token endpoint.List<String>
getTokenEndpointAuthSigningAlgorithmValuesSupported()
The JWS signing algorithms (alg values) supported by the token endpoint for the signature on the JWT used to authenticate the client for theprivate_key_jwt
andclient_secret_jwt
authentication methods.List<String>
getUiLocalesSupported()
Languages and scripts supported for the user interface.List<String>
getUserinfoEncryptionAlgorithmValuesSupported()
The JWE encryption algorithms (alg values) supported by the UserInfo Endpoint for encoding ID token claims.List<String>
getUserinfoEncryptionEncodingValuesSupported()
The JWE encryption encodings (enc values) supported by the UserInfo Endpoint for encoding ID token claims.Uri
getUserinfoEndpoint()
The OpenID Connect UserInfo endpoint URI.List<String>
getUserinfoSigningAlgorithmValuesSupported()
The JWS signing algorithms (alg values) supported by the UserInfo Endpoint for encoding ID token claims.boolean
isClaimsParameterSupported()
Specifies whether theclaims
parameter is supported for authorization requests.boolean
isRequestParameterSupported()
Specifies whether therequest
parameter is supported for authorization requests.boolean
isRequestUriParameterSupported()
Specifies whether therequest_uri
parameter is supported for authorization requests.boolean
requireRequestUriRegistration()
Specifies whetherrequest_uri
values are required to be pre-registered before use.
-
-
-
Field Detail
-
docJson
@NonNull public final JSONObject docJson
The JSON representation of the discovery document.
-
-
Constructor Detail
-
AuthorizationServiceDiscovery
public AuthorizationServiceDiscovery(@NonNull JSONObject discoveryDoc) throws JSONException, AuthorizationServiceDiscovery.MissingArgumentException
Extracts a discovery document from its standard JSON representation.- Throws:
JSONException
- if the provided JSON does not match the expected structure.AuthorizationServiceDiscovery.MissingArgumentException
- if a mandatory property is missing from the discovery document.
-
-
Method Detail
-
getAuthorizationEndpoint
@NonNull public Uri getAuthorizationEndpoint()
The OAuth 2 authorization endpoint URI.
-
getTokenEndpoint
@Nullable public Uri getTokenEndpoint()
The OAuth 2 token endpoint URI.Not specified if only the implicit flow is used.
-
getEndSessionEndpoint
public Uri getEndSessionEndpoint()
The OAuth 2 emd session endpoint URI.Not specified test OAuth implementation
-
getUserinfoEndpoint
@Nullable public Uri getUserinfoEndpoint()
The OpenID Connect UserInfo endpoint URI.
-
getJwksUri
@NonNull public Uri getJwksUri()
The JSON web key set document URI.- See Also:
“JSON Web Key (RFC 7517) http://tools.ietf.org/html/rfc7517”
-
getRegistrationEndpoint
@Nullable public Uri getRegistrationEndpoint()
The dynamic client registration endpoint URI.
-
getScopesSupported
public List<String> getScopesSupported()
The OAuth 2scope
values supported.- See Also:
“OpenID Connect Dynamic Client Registration 1.0 https://openid.net/specs/openid-connect-discovery-1_0.html”
-
getResponseTypesSupported
@NonNull public List<String> getResponseTypesSupported()
The OAuth 2response_type
values supported.
-
getResponseModesSupported
@Nullable public List<String> getResponseModesSupported()
The OAuth 2response_mode
values supported.- See Also:
“OAuth 2.0 Multiple Response Type Encoding Practices http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html”
-
getGrantTypesSupported
@NonNull public List<String> getGrantTypesSupported()
The OAuth 2grant_type
values supported.Defaults to
authorization_code
andimplicit
if not specified in the discovery document, as suggested by the discovery specification.
-
getAcrValuesSupported
public List<String> getAcrValuesSupported()
The authentication context class references supported.
-
getSubjectTypesSupported
@NonNull public List<String> getSubjectTypesSupported()
The subject identifier types supported.
-
getIdTokenSigningAlgorithmValuesSupported
@NonNull public List<String> getIdTokenSigningAlgorithmValuesSupported()
The JWS signing algorithms (alg values) supported for encoding ID token claims.- See Also:
“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”
-
getIdTokenEncryptionAlgorithmValuesSupported
@Nullable public List<String> getIdTokenEncryptionAlgorithmValuesSupported()
The JWE encryption algorithms (alg values) supported for encoding ID token claims.- See Also:
“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”
-
getIdTokenEncryptionEncodingValuesSupported
@Nullable public List<String> getIdTokenEncryptionEncodingValuesSupported()
The JWE encryption encodings (enc values) supported for encoding ID token claims.- See Also:
“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”
-
getUserinfoSigningAlgorithmValuesSupported
@Nullable public List<String> getUserinfoSigningAlgorithmValuesSupported()
The JWS signing algorithms (alg values) supported by the UserInfo Endpoint for encoding ID token claims.- See Also:
“JSON Web Signature (RFC 7515) https://tools.ietf.org/html/rfc7515”
,“JSON Web Algorithms (RFC 7518) https://tools.ietf.org/html/rfc7518”
,“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”
-
getUserinfoEncryptionAlgorithmValuesSupported
@Nullable public List<String> getUserinfoEncryptionAlgorithmValuesSupported()
The JWE encryption algorithms (alg values) supported by the UserInfo Endpoint for encoding ID token claims.- See Also:
“JSON Web Signature (RFC 7515) https://tools.ietf.org/html/rfc7515”
,“JSON Web Algorithms (RFC 7518) https://tools.ietf.org/html/rfc7518”
,“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”
-
getUserinfoEncryptionEncodingValuesSupported
@Nullable public List<String> getUserinfoEncryptionEncodingValuesSupported()
The JWE encryption encodings (enc values) supported by the UserInfo Endpoint for encoding ID token claims.- See Also:
“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”
-
getRequestObjectSigningAlgorithmValuesSupported
public List<String> getRequestObjectSigningAlgorithmValuesSupported()
The JWS signing algorithms (alg values) supported for Request Objects.- See Also:
“OpenID Connect Core 1.0, Section 6.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.6.1”
-
getRequestObjectEncryptionAlgorithmValuesSupported
@Nullable public List<String> getRequestObjectEncryptionAlgorithmValuesSupported()
The JWE encryption algorithms (alg values) supported for Request Objects.
-
getRequestObjectEncryptionEncodingValuesSupported
@Nullable public List<String> getRequestObjectEncryptionEncodingValuesSupported()
The JWE encryption encodings (enc values) supported for Request Objects.
-
getTokenEndpointAuthMethodsSupported
@NonNull public List<String> getTokenEndpointAuthMethodsSupported()
The client authentication methods supported by the token endpoint.Defaults to
client_secret_basic
if the discovery document does not specify a value, as suggested by the discovery specification.- See Also:
“OpenID Connect Core 1.0, Section 9 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.9”
,“The OAuth 2.0 Authorization Framework (RFC 6749), Section 2.3.1 https://tools.ietf.org/html/rfc6749#section-2.3.1”
-
getTokenEndpointAuthSigningAlgorithmValuesSupported
@Nullable public List<String> getTokenEndpointAuthSigningAlgorithmValuesSupported()
The JWS signing algorithms (alg values) supported by the token endpoint for the signature on the JWT used to authenticate the client for theprivate_key_jwt
andclient_secret_jwt
authentication methods.- See Also:
“JSON Web Token (RFC 7519) https://tools.ietf.org/html/rfc7519”
-
getDisplayValuesSupported
@Nullable public List<String> getDisplayValuesSupported()
Thedisplay
parameter values supported.- See Also:
“OpenID Connect Core 1.0, Section 3.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1”
-
getClaimTypesSupported
public List<String> getClaimTypesSupported()
The claim types supported.Defaults to
normal
if not specified by the discovery document JSON, as suggested by the discovery specification.- See Also:
“OpenID Connect Core 1.0, Section 5.6 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.6”
-
getClaimsSupported
@Nullable public List<String> getClaimsSupported()
The claim names of the claims that the provider may be able to supply values for.
-
getServiceDocumentation
@Nullable public Uri getServiceDocumentation()
A page containing human-readable information that developers might want or need to know when using this provider.
-
getClaimsLocalesSupported
@Nullable public List<String> getClaimsLocalesSupported()
Languages and scripts supported for values in claims being returned.Represented as a list of BCP47 language tag values.
- See Also:
“Tags for Identifying Languages (RFC 5646) http://tools.ietf.org/html/rfc5646”
-
getUiLocalesSupported
@Nullable public List<String> getUiLocalesSupported()
Languages and scripts supported for the user interface.Represented as a list of BCP47 language tag values.
- See Also:
“Tags for Identifying Languages (RFC 5646) http://tools.ietf.org/html/rfc5646”
-
isClaimsParameterSupported
public boolean isClaimsParameterSupported()
Specifies whether theclaims
parameter is supported for authorization requests.- See Also:
“OpenID Connect Core 1.0, Section 5.5 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.5”
-
isRequestParameterSupported
public boolean isRequestParameterSupported()
Specifies whether therequest
parameter is supported for authorization requests.- See Also:
“OpenID Connect Core 1.0, Section 6.1 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.6.1”
-
isRequestUriParameterSupported
public boolean isRequestUriParameterSupported()
Specifies whether therequest_uri
parameter is supported for authorization requests.- See Also:
“OpenID Connect Core 1.0, Section 6.2 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.6.2”
-
requireRequestUriRegistration
public boolean requireRequestUriRegistration()
Specifies whetherrequest_uri
values are required to be pre-registered before use.- See Also:
“OpenID Connect Core 1.0, Section 6.2 https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.6.2”
-
getOpPolicyUri
@Nullable public Uri getOpPolicyUri()
A page articulating the policy regarding the use of data provided by the provider.
-
getOpTosUri
@Nullable public Uri getOpTosUri()
A page articulating the terms of service for the provider.
-
-