Class AuthorizeCodeClaimsSet
- java.lang.Object
-
- net.shibboleth.idp.plugin.oidc.op.token.support.TokenClaimsSet
-
- net.shibboleth.idp.plugin.oidc.op.token.support.AuthorizeCodeClaimsSet
-
public final class AuthorizeCodeClaimsSet extends TokenClaimsSet
Class wrapping claims set for authorize code.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classAuthorizeCodeClaimsSet.BuilderBuilder to create instance of AuthorizeCodeClaimsSet.
-
Field Summary
Fields Modifier and Type Field Description static StringVALUE_TYPE_ACValue of authorize code claims set type.-
Fields inherited from class net.shibboleth.idp.plugin.oidc.op.token.support.TokenClaimsSet
KEY_AC_ID, KEY_ACR, KEY_AUTH_TIME, KEY_CLAIMS, KEY_CLIENTID, KEY_CODE_CHALLENGE, KEY_CONSENT_ENABLED, KEY_CONSENTED_CLAIMS, KEY_DELIVERY_CLAIMS, KEY_DELIVERY_CLAIMS_IDTOKEN, KEY_DELIVERY_CLAIMS_USERINFO, KEY_EXPIRATION_TIME, KEY_ISSUED_AT, KEY_ISSUER, KEY_NONCE, KEY_REDIRECT_URI, KEY_SCOPE, KEY_SUBJECT, KEY_TYPE, KEY_USER_PRINCIPAL
-
-
Constructor Summary
Constructors Modifier Constructor Description privateAuthorizeCodeClaimsSet(com.nimbusds.jwt.JWTClaimsSet authzCodeClaimsSet)Private constructor for the parser.privateAuthorizeCodeClaimsSet(IdentifierGenerationStrategy idGenerator, com.nimbusds.oauth2.sdk.id.ClientID clientID, String issuer, String userPrincipal, String subject, com.nimbusds.openid.connect.sdk.claims.ACR acr, Instant iat, Instant exp, com.nimbusds.openid.connect.sdk.Nonce nonce, Instant authTime, URI redirectURI, com.nimbusds.oauth2.sdk.Scope scope, com.nimbusds.openid.connect.sdk.OIDCClaimsRequest claims, com.nimbusds.openid.connect.sdk.claims.ClaimsSet dlClaims, com.nimbusds.openid.connect.sdk.claims.ClaimsSet dlClaimsID, com.nimbusds.openid.connect.sdk.claims.ClaimsSet dlClaimsUI, List<Object> consentedClaims, String codeChallenge, boolean consentEnabled)Constructor for authorize code claims set.
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static AuthorizeCodeClaimsSetparse(String authorizeCodeClaimsSet)Parses authz code from string (JSON).static AuthorizeCodeClaimsSetparse(String wrappedAuthCode, DataSealer dataSealer)Parses authz code from sealed authorization code.-
Methods inherited from class net.shibboleth.idp.plugin.oidc.op.token.support.TokenClaimsSet
getACR, getAuthenticationTime, getClaimsRequest, getClaimsSet, getClientID, getCodeChallenge, getConsentedClaims, getDeliveryClaims, getExp, getID, getIDTokenDeliveryClaims, getNonce, getPrincipal, getRedirectURI, getScope, getType, getUserinfoDeliveryClaims, isConsentEnabled, isExpired, serialize, serialize, setClaimsSet, verifyParsedClaims
-
-
-
-
Field Detail
-
VALUE_TYPE_AC
public static final String VALUE_TYPE_AC
Value of authorize code claims set type.- See Also:
- Constant Field Values
-
-
Constructor Detail
-
AuthorizeCodeClaimsSet
private AuthorizeCodeClaimsSet(@Nonnull IdentifierGenerationStrategy idGenerator, @Nonnull com.nimbusds.oauth2.sdk.id.ClientID clientID, @Nonnull String issuer, @Nonnull String userPrincipal, @Nonnull String subject, @Nonnull com.nimbusds.openid.connect.sdk.claims.ACR acr, @Nonnull Instant iat, @Nonnull Instant exp, @Nullable com.nimbusds.openid.connect.sdk.Nonce nonce, @Nonnull Instant authTime, @Nonnull URI redirectURI, @Nonnull com.nimbusds.oauth2.sdk.Scope scope, @Nullable com.nimbusds.openid.connect.sdk.OIDCClaimsRequest claims, @Nullable com.nimbusds.openid.connect.sdk.claims.ClaimsSet dlClaims, @Nullable com.nimbusds.openid.connect.sdk.claims.ClaimsSet dlClaimsID, @Nullable com.nimbusds.openid.connect.sdk.claims.ClaimsSet dlClaimsUI, @Nullable List<Object> consentedClaims, @Nullable String codeChallenge, boolean consentEnabled)Constructor for authorize code claims set.- Parameters:
idGenerator- Generator for pseudo unique identifier for the code. Must not be NULL.clientID- Client Id of the rp. Must not be NULL.issuer- OP issuer value. Must not be NULL.userPrincipal- User Principal of the authenticated user. Must not be NULL.subject- Subject of the authenticated user. Must not be NULLacr- Authentication context class reference value of the authentication. May be NULL.iat- Issue time of the authorize code. Must not be NULL.exp- Expiration time of the authorize code. Must not be NULL.nonce- Nonce of the authentication request. May be NULL.authTime- Authentication time of the user. Must not be NULL.redirectURI- Validated redirect URI of the authentication request. Must not be NULL.scope- Scope of the authentication request. Must not be NULL.claims- Claims request of the authentication request. May be NULL.dlClaims- Token delivery claims delivered both for id token and userinfo response. May be NULL.dlClaimsID- Token delivery claims delivered for id token. May be NULL.dlClaimsUI- Token delivery claims delivered for userinfo response. May be NULL.consentedClaims- consented claims. May be NULL.codeChallenge- Code Challenge. May be NULL.consentEnabled- Whether consent has been enabled.- Throws:
RuntimeException- if called with nonallowed null parameters
-
AuthorizeCodeClaimsSet
private AuthorizeCodeClaimsSet(com.nimbusds.jwt.JWTClaimsSet authzCodeClaimsSet)
Private constructor for the parser.- Parameters:
authzCodeClaimsSet- authorize code claims set
-
-
Method Detail
-
parse
public static AuthorizeCodeClaimsSet parse(String authorizeCodeClaimsSet) throws ParseException
Parses authz code from string (JSON).- Parameters:
authorizeCodeClaimsSet- JSON String representation of the code- Returns:
- AuthorizeCodeClaimsSet instance if parsing is successful.
- Throws:
ParseException- if parsing fails for example due to incompatible types.
-
parse
public static AuthorizeCodeClaimsSet parse(@Nonnull String wrappedAuthCode, @Nonnull DataSealer dataSealer) throws ParseException, DataSealerException
Parses authz code from sealed authorization code.- Parameters:
wrappedAuthCode- wrapped codedataSealer- sealer to unwrap the code- Returns:
- authorize code
- Throws:
ParseException- is thrown if unwrapped code is not understoodDataSealerException- is thrown if unwrapping fails
-
-