Class TokenClaimsSet.Builder<T extends TokenClaimsSet>
- java.lang.Object
-
- org.geant.idpextension.oidc.token.support.TokenClaimsSet.Builder<T>
-
- Type Parameters:
T- claim set type
- Direct Known Subclasses:
AccessTokenClaimsSet.Builder,AuthorizeCodeClaimsSet.Builder
- Enclosing class:
- TokenClaimsSet
public abstract static class TokenClaimsSet.Builder<T extends TokenClaimsSet> extends Object
Abstract builder to extend builders from that are instantiating claims sets extending TokenClaimsSet.
-
-
Field Summary
Fields Modifier and Type Field Description protected com.nimbusds.openid.connect.sdk.claims.ACRacrAuthentication context class reference value of the authentication.protected InstantauthTimeAuthentication time of the user.protected com.nimbusds.openid.connect.sdk.ClaimsRequestclaimsClaims request of the authentication request.protected net.minidev.json.JSONArraycnsntdClaimsconsented claims.protected net.minidev.json.JSONArraycnsntlClaimsConsentable claims.protected StringcodeChallengeCode challenge.protected com.nimbusds.openid.connect.sdk.claims.ClaimsSetdlClaimsToken delivery claims delivered both for id token and userinfo response.protected com.nimbusds.openid.connect.sdk.claims.ClaimsSetdlClaimsIDToken delivery claims delivered for id token.protected com.nimbusds.openid.connect.sdk.claims.ClaimsSetdlClaimsUIToken delivery claims delivered for userinfo response.protected InstantexpExpiration time of the claims set.protected InstantiatIssue time of the claims set.protected net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategyidGenGenerator for pseudo unique identifier for the claims set.protected StringissOP issuer value.protected com.nimbusds.openid.connect.sdk.NoncenonceNonce of the authentication request.protected URIredirectValidated redirect URI of the authentication request.protected com.nimbusds.oauth2.sdk.ScopereqScopeScope of the authentication request.protected com.nimbusds.oauth2.sdk.id.ClientIDrpIdClient Id of the rp.protected StringsubSubject claim value of the authenticated user.protected StringusrPrincipalUser Principal of the authenticated user.
-
Constructor Summary
Constructors Modifier Constructor Description protectedBuilder(net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy idGenerator, com.nimbusds.oauth2.sdk.id.ClientID clientID, String issuer, String userPrincipal, String subject, Instant issuedAt, Instant expiresAt, Instant authenticationTime, URI redirectURI, com.nimbusds.oauth2.sdk.Scope scope)Constructor for authorize code builder.
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description abstract Tbuild()Builds claims set.TokenClaimsSet.Builder<T>setACR(com.nimbusds.openid.connect.sdk.claims.ACR authenticationContextReference)Set authentication context class reference value of the authentication.TokenClaimsSet.Builder<T>setClaims(com.nimbusds.openid.connect.sdk.ClaimsRequest requestedClaims)Set claims request of the authentication request.TokenClaimsSet.Builder<T>setCodeChallenge(String challenge)Set code challenge.TokenClaimsSet.Builder<T>setConsentableClaims(net.minidev.json.JSONArray consentableClaims)Set consentable claims.TokenClaimsSet.Builder<T>setConsentedClaims(net.minidev.json.JSONArray consentedClaims)Set consented claims.TokenClaimsSet.Builder<T>setDlClaims(com.nimbusds.openid.connect.sdk.claims.ClaimsSet deliveryClaims)Set token delivery claims delivered both for id token and userinfo response.TokenClaimsSet.Builder<T>setDlClaimsID(com.nimbusds.openid.connect.sdk.claims.ClaimsSet deliveryClaimsIDToken)Set token delivery claims delivered for id token.TokenClaimsSet.Builder<T>setDlClaimsUI(com.nimbusds.openid.connect.sdk.claims.ClaimsSet deliveryClaimsUserInfo)Set token delivery claims delivered for userinfo response.TokenClaimsSet.Builder<T>setNonce(com.nimbusds.openid.connect.sdk.Nonce requestNonce)Set nonce of the authentication request.
-
-
-
Field Detail
-
idGen
@Nonnull protected net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy idGen
Generator for pseudo unique identifier for the claims set.
-
rpId
@Nonnull protected com.nimbusds.oauth2.sdk.id.ClientID rpId
Client Id of the rp.
-
iss
@Nonnull protected String iss
OP issuer value.
-
usrPrincipal
@Nonnull protected String usrPrincipal
User Principal of the authenticated user.
-
sub
@Nonnull protected String sub
Subject claim value of the authenticated user.
-
acr
@Nonnull protected com.nimbusds.openid.connect.sdk.claims.ACR acr
Authentication context class reference value of the authentication.
-
iat
@Nonnull protected Instant iat
Issue time of the claims set.
-
exp
@Nonnull protected Instant exp
Expiration time of the claims set.
-
authTime
@Nonnull protected Instant authTime
Authentication time of the user.
-
redirect
@Nonnull protected URI redirect
Validated redirect URI of the authentication request.
-
reqScope
@Nonnull protected com.nimbusds.oauth2.sdk.Scope reqScope
Scope of the authentication request.
-
nonce
@Nullable protected com.nimbusds.openid.connect.sdk.Nonce nonce
Nonce of the authentication request.
-
claims
@Nullable protected com.nimbusds.openid.connect.sdk.ClaimsRequest claims
Claims request of the authentication request.
-
dlClaims
@Nullable protected com.nimbusds.openid.connect.sdk.claims.ClaimsSet dlClaims
Token delivery claims delivered both for id token and userinfo response.
-
dlClaimsID
@Nullable protected com.nimbusds.openid.connect.sdk.claims.ClaimsSet dlClaimsID
Token delivery claims delivered for id token.
-
dlClaimsUI
@Nullable protected com.nimbusds.openid.connect.sdk.claims.ClaimsSet dlClaimsUI
Token delivery claims delivered for userinfo response.
-
cnsntlClaims
@Nullable protected net.minidev.json.JSONArray cnsntlClaims
Consentable claims.
-
cnsntdClaims
@Nullable protected net.minidev.json.JSONArray cnsntdClaims
consented claims.
-
codeChallenge
@Nullable protected String codeChallenge
Code challenge.
-
-
Constructor Detail
-
Builder
protected Builder(@Nonnull net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy idGenerator, @Nonnull com.nimbusds.oauth2.sdk.id.ClientID clientID, @Nonnull String issuer, @Nonnull String userPrincipal, @Nonnull String subject, @Nonnull Instant issuedAt, @Nonnull Instant expiresAt, @Nonnull Instant authenticationTime, @Nonnull URI redirectURI, @Nonnull com.nimbusds.oauth2.sdk.Scope scope)Constructor for authorize code builder.- Parameters:
idGenerator- Generator for pseudo unique identifier for the claims set. Must not be NULL.clientID- Client Id of the rp. Must not be NULL.issuer- OP issuer value. Must not be NULL.userPrincipal- User Principal of the authenticated user. Must not be NULL.subject- subject of the authenticated user. Must not be NULLissuedAt- Issue time of the authorize code. Must not be NULL.expiresAt- Expiration time of the authorize code. Must not be NULL.authenticationTime- Authentication time of the user. Must not be NULL.redirectURI- Validated redirect URI of the authentication request. Must not be NULL.scope- Scope of the authentication request. Must not be NULL.
-
-
Method Detail
-
setACR
public TokenClaimsSet.Builder<T> setACR(@Nullable com.nimbusds.openid.connect.sdk.claims.ACR authenticationContextReference)
Set authentication context class reference value of the authentication.- Parameters:
authenticationContextReference- authentication context class reference value of the authentication.- Returns:
- the builder
-
setNonce
public TokenClaimsSet.Builder<T> setNonce(@Nullable com.nimbusds.openid.connect.sdk.Nonce requestNonce)
Set nonce of the authentication request.- Parameters:
requestNonce- nonce of the authentication request.- Returns:
- the builder
-
setClaims
public TokenClaimsSet.Builder<T> setClaims(@Nullable com.nimbusds.openid.connect.sdk.ClaimsRequest requestedClaims)
Set claims request of the authentication request.- Parameters:
requestedClaims- claims request of the authentication request.- Returns:
- the builder
-
setDlClaims
public TokenClaimsSet.Builder<T> setDlClaims(@Nullable com.nimbusds.openid.connect.sdk.claims.ClaimsSet deliveryClaims)
Set token delivery claims delivered both for id token and userinfo response.- Parameters:
deliveryClaims- token delivery claims delivered both for id token and userinfo response.- Returns:
- the builder
-
setDlClaimsID
public TokenClaimsSet.Builder<T> setDlClaimsID(@Nullable com.nimbusds.openid.connect.sdk.claims.ClaimsSet deliveryClaimsIDToken)
Set token delivery claims delivered for id token.- Parameters:
deliveryClaimsIDToken- token delivery claims delivered for id token- Returns:
- the builder
-
setDlClaimsUI
public TokenClaimsSet.Builder<T> setDlClaimsUI(@Nullable com.nimbusds.openid.connect.sdk.claims.ClaimsSet deliveryClaimsUserInfo)
Set token delivery claims delivered for userinfo response.- Parameters:
deliveryClaimsUserInfo- token delivery claims delivered for userinfo response- Returns:
- the builder
-
setConsentableClaims
public TokenClaimsSet.Builder<T> setConsentableClaims(@Nullable net.minidev.json.JSONArray consentableClaims)
Set consentable claims.- Parameters:
consentableClaims- consentable claims- Returns:
- the builder
-
setConsentedClaims
public TokenClaimsSet.Builder<T> setConsentedClaims(@Nullable net.minidev.json.JSONArray consentedClaims)
Set consented claims.- Parameters:
consentedClaims- consented claims- Returns:
- the builder
-
setCodeChallenge
public TokenClaimsSet.Builder<T> setCodeChallenge(@Nullable String challenge)
Set code challenge.- Parameters:
challenge- code challenge- Returns:
- the builder
-
build
public abstract T build()
Builds claims set.- Returns:
- claims set instance.
-
-