Package net.shibboleth.oidc.profile.core

Class OIDCAuthenticationRequest

  • public class OIDCAuthenticationRequest
extends OAuthAuthorizationRequest
    OpenID Connect Authentication Request. Extends the OAuth 2.0 authorization request.

    This class is mutable (unlike the Nimbus variant) and not thread-safe.

    • Field Detail

      • requestObject

        @Nullable
private com.nimbusds.jwt.JWT requestObject
        The request object. Optional.

      • requestObjectClaimsSet

        @Nullable
private com.nimbusds.openid.connect.sdk.claims.ClaimsSet requestObjectClaimsSet
        The claims used to build a request object JWT. Is temporary in nature, once the requestObject is built these should be blanked or not used.

      • requestURI

        @Nullable
private URI requestURI
        The request URI. Optional.

      • requestedClaims

        @Nullable
private com.nimbusds.openid.connect.sdk.OIDCClaimsRequest requestedClaims
        Individual requested claims.

      • providerSupportsClaimsParameter

        private boolean providerSupportsClaimsParameter
        Does the OpenID Provider support the claims parameter? Typically taken from its metadata.

      • loginHint

        @Nullable
private String loginHint
        Hint to the Authorization Server about the login identifier the End-User might use to log in.

      • display

        @Nullable
private com.nimbusds.openid.connect.sdk.Display display
        ASCII string value that specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User.

      • prompt

        @Nullable
private com.nimbusds.openid.connect.sdk.Prompt prompt
        Space delimited, case sensitive list of ASCII string values that specifies whether the Authorization Server prompts the End-User for reauthentication and consent.

      • maxAge

        @Nullable
private Duration maxAge
        Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated by the OP.

      • acrs

        @Nonnull
@NotLive
private List<com.nimbusds.openid.connect.sdk.claims.ACR> acrs
        List of requested authentication context class reference values. Values appear in order of preference. Optional.

      • nonce

        @Nullable
private com.nimbusds.openid.connect.sdk.Nonce nonce
        The nonce.

      • authnRequestTime

        @Nullable
private Instant authnRequestTime
        The time at which the RP made the authentication request to the OP.

    • Constructor Detail

      • OIDCAuthenticationRequest

        public OIDCAuthenticationRequest​(@Nonnull
                                 com.nimbusds.oauth2.sdk.id.ClientID id)
        Constructor.
        Parameters:
        id - the clientID.

    • Method Detail

      • setRequestObjectClaimsSet

        public void setRequestObjectClaimsSet​(@Nullable
                                      com.nimbusds.openid.connect.sdk.claims.ClaimsSet claims)
        Set the request object claims set.
        Parameters:
        claims - the claims
        Since:
        2.2.0

      • getRequestObjectClaimsSet

        @Nullable
public com.nimbusds.openid.connect.sdk.claims.ClaimsSet getRequestObjectClaimsSet()
        Get the request object claims set. If the requestObject JWT has already been built, null is returned to indicate these claims are no longer 'live' and will not be reused.
        Returns:
        the request object claims
        Since:
        2.2.0

      • getRequestObject

        @Nullable
public com.nimbusds.jwt.JWT getRequestObject()
        Get the request object.
        Returns:
        Returns the request object.

      • setRequestObject

        public void setRequestObject​(@Nullable
                             com.nimbusds.jwt.JWT object)
        Set the request object.
        Parameters:
        object - The request object to set.

      • getRequestURI

        @Nullable
public URI getRequestURI()
        Get the URI to fetch the request object from.
        Returns:
        Returns the requestURI.

      • setRequestURI

        public void setRequestURI​(@Nullable
                          URI uri)
        Set the URI to fetch the request object from.
        Parameters:
        uri - The requestURI to set.

      • setRequestedClaims

        public void setRequestedClaims​(@Nullable
                               com.nimbusds.openid.connect.sdk.OIDCClaimsRequest claims)
        Set any individual requested claims.
        Parameters:
        claims - the requested claims.
        Since:
        2.2.0

      • getRequestedClaims

        @Nullable
public com.nimbusds.openid.connect.sdk.OIDCClaimsRequest getRequestedClaims()
        Get the requested claims.
        Returns:
        the requested claims.
        Since:
        2.2.0

      • providerSupportsClaimsParameter

        public boolean providerSupportsClaimsParameter()
        Does the OpenID Provider support the claims parameter?
        Returns:
        true if it does, false otherwise.
        Since:
        2.2.0

      • setProviderSupportsClaimsParameter

        public void setProviderSupportsClaimsParameter​(boolean flag)
        Sets the support for the claims authorisation request parameter.
        Parameters:
        flag - true if supported, false otherwise.
        Since:
        2.2.0

      • setLoginHint

        public void setLoginHint​(@Nullable
                         String hint)
        Sets the login_hint authorisation request parameter.
        Parameters:
        hint - the login hint
        Since:
        2.2.0

      • getLoginHint

        @Nullable
public String getLoginHint()
        Get the login_hint parameter.
        Returns:
        the login_hint parameter
        Since:
        2.2.0

      • getDisplay

        @Nullable
public com.nimbusds.openid.connect.sdk.Display getDisplay()
        Get the display.
        Returns:
        the display.

      • setDisplay

        public void setDisplay​(@Nullable
                       com.nimbusds.openid.connect.sdk.Display theDisplay)
        Set the display.
        Parameters:
        theDisplay - The display to set.

      • getPrompt

        @Nullable
public com.nimbusds.openid.connect.sdk.Prompt getPrompt()
        Get the prompt.
        Returns:
        the prompt.

      • setPrompt

        public void setPrompt​(@Nullable
                      com.nimbusds.openid.connect.sdk.Prompt thePrompt)
        Set the prompt.
        Parameters:
        thePrompt - The prompt to set.

      • getMaxAge

        @Nullable
public Duration getMaxAge()
        Get the max age.
        Returns:
        the maxAge.

      • setMaxAge

        public void setMaxAge​(@Nullable
                      Duration max)
        Set the max age.
        Parameters:
        max - The maxAge to set.

      • getAcrs

        @Nonnull
@NotLive
@Unmodifiable
public List<com.nimbusds.openid.connect.sdk.claims.ACR> getAcrs()
        Get the ACRs.
        Returns:
        the acrs.

      • setAcrs

        public void setAcrs​(@Nullable
                    List<com.nimbusds.openid.connect.sdk.claims.ACR> theAcrs)
        Set the ACRs.
        Parameters:
        theAcrs - The acrs to set.

      • getNonce

        @Nullable
public com.nimbusds.openid.connect.sdk.Nonce getNonce()
        Get the nonce.
        Returns:
        the nonce.

      • setNonce

        public void setNonce​(@Nullable
                     com.nimbusds.openid.connect.sdk.Nonce theNonce)
        Set the nonce.
        Parameters:
        theNonce - The nonce to set.

      • setAuthnRequestTime

        public void setAuthnRequestTime​(@Nullable
                                Instant time)
        Set the time at which this RP sent this authentication request to the OP.
        Parameters:
        time - the time the request was made
        Since:
        2.2.0

      • getAuthnRequestTime

        @Nullable
public Instant getAuthnRequestTime()
        Get the time at which this RP sent this authentication request to the OP.
        Returns:
        the time the request was made
        Since:
        2.2.0