public final class PasswordGrantAuthorization extends GrantAuthorization
PasswordGrantHandler
.
The minimum details it contains is the identifier of the authenticated subject (end-user) and the authorised scope values. The other parameters are optional or may have suitable defaults.
Constructor and Description |
---|
PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject,
Date authTime,
com.nimbusds.openid.connect.sdk.claims.ACR acr,
List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList,
com.nimbusds.oauth2.sdk.Scope scope,
List<com.nimbusds.oauth2.sdk.id.Audience> audList,
boolean longLived,
long accessTokenLifetime,
com.nimbusds.oauth2.sdk.token.TokenEncoding accessTokenEncoding,
boolean issueRefreshToken,
boolean issueIDToken,
Set<String> claims,
List<com.nimbusds.langtag.LangTag> claimsLocales,
net.minidev.json.JSONObject presetIDTokenClaims,
net.minidev.json.JSONObject presetUserInfoClaims,
com.nimbusds.openid.connect.sdk.claims.ClaimsTransport claimsTransport)
Creates a new OpenID Connect / OAuth 2.0 authorisation response from
a
PasswordGrantHandler . |
PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject,
com.nimbusds.oauth2.sdk.Scope scope,
List<com.nimbusds.oauth2.sdk.id.Audience> audList,
boolean longLived,
long accessTokenLifetime,
com.nimbusds.oauth2.sdk.token.TokenEncoding accessTokenEncoding,
boolean issueRefreshToken)
Creates a new OAuth 2.0 - only authorisation response from a
PasswordGrantHandler . |
Modifier and Type | Method and Description |
---|---|
boolean |
allowsRefreshTokenIssue()
Returns the refresh token issue policy.
|
com.nimbusds.openid.connect.sdk.claims.ACR |
getACR()
Returns the Authentication Context Class Reference (ACR).
|
List<com.nimbusds.openid.connect.sdk.claims.AMR> |
getAMRList()
Returns The Authentication Methods Reference (AMR) list.
|
Date |
getAuthTime()
Returns the time of the subject authentication.
|
Set<String> |
getClaims()
Returns the authorised OpenID Connect UserInfo claims.
|
List<com.nimbusds.langtag.LangTag> |
getClaimsLocales()
Returns the preferred OpenID Connect claims locales.
|
com.nimbusds.openid.connect.sdk.claims.ClaimsTransport |
getClaimsTransport()
Returns the preferred claims transport.
|
net.minidev.json.JSONObject |
getPresetIDTokenClaims()
Returns the additional or preset claims to be included in the ID
token.
|
net.minidev.json.JSONObject |
getPresetUserInfoClaims()
Returns the additional or preset claims to be included in the
UserInfo response.
|
com.nimbusds.oauth2.sdk.id.Subject |
getSubject()
Returns the authorised subject.
|
boolean |
isLongLived()
Returns the authorisation lifetime.
|
boolean |
issueIDToken()
Returns the ID token issue policy.
|
static PasswordGrantAuthorization |
parse(net.minidev.json.JSONObject jsonObject)
Parses an authorisation response from the specified JSON object
representation.
|
net.minidev.json.JSONObject |
toJSONObject()
Returns a JSON object representation of this authorisation response.
|
getAccessTokenEncoding, getAccessTokenLifetime, getAudience, getScope
public PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, List<com.nimbusds.oauth2.sdk.id.Audience> audList, boolean longLived, long accessTokenLifetime, com.nimbusds.oauth2.sdk.token.TokenEncoding accessTokenEncoding, boolean issueRefreshToken)
PasswordGrantHandler
.subject
- The identifier of the authorised
subject. Must not be null
.scope
- The authorised scope values. Must not be
null
.audList
- Explicit list of audiences for the access
token, null
if not specified.longLived
- Controls the authorisation lifetime.
true
for a long-lived
authorisation (implies persistence),
false
for a short-lived one.accessTokenLifetime
- The access token lifetime, in seconds,
zero if not specified.accessTokenEncoding
- The access token encoding, null
if not specified.issueRefreshToken
- Controls the refresh token issue. If
true
a refresh token must be
issued (requires a long-lived
authorisation), false
if only an
access token is issued.public PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, Date authTime, com.nimbusds.openid.connect.sdk.claims.ACR acr, List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList, com.nimbusds.oauth2.sdk.Scope scope, List<com.nimbusds.oauth2.sdk.id.Audience> audList, boolean longLived, long accessTokenLifetime, com.nimbusds.oauth2.sdk.token.TokenEncoding accessTokenEncoding, boolean issueRefreshToken, boolean issueIDToken, Set<String> claims, List<com.nimbusds.langtag.LangTag> claimsLocales, net.minidev.json.JSONObject presetIDTokenClaims, net.minidev.json.JSONObject presetUserInfoClaims, com.nimbusds.openid.connect.sdk.claims.ClaimsTransport claimsTransport)
PasswordGrantHandler
.subject
- The identifier of the authorised
subject. Must not be null
.authTime
- The time of the subject authentication.
If null
it will be set to now.
Applies only if an ID token is issued.acr
- The Authentication Context Class
Reference (ACR), null
if not
specified. Applies only if an ID token
is issued.amrList
- The Authentication Methods Reference
(AMR) list, null
if not
specified. Applies only if an ID token
is issued.scope
- The authorised scope values. Must not be
null
.audList
- Explicit list of audiences for the
access token, null
if not
specified.longLived
- Controls the authorisation lifetime.
true
for a long-lived
authorisation (implies persistence),
false
for a short-lived one.accessTokenLifetime
- The access token lifetime, in seconds,
zero if not specified.accessTokenEncoding
- The access token encoding, null
if not specified.issueRefreshToken
- Controls the refresh token issue. If
true
a refresh token must be
issued (requires a long-lived
authorisation), false
if only an
access token is issued.issueIDToken
- Controls the ID token issue. If
true
an ID token must be issued.claims
- Authorised OpenID Connect UserInfo
claims, null
if none.claimsLocales
- The preferred claims locales,
null
if not specified.presetIDTokenClaims
- Additional or preset claims to be
included in the ID token, null
if none.presetUserInfoClaims
- Additional or preset claims to be
included in the UserInfo response,
null
if none.claimsTransport
- The preferred claims transport,
null
if not specified (implies
UserInfo endpoint).public com.nimbusds.oauth2.sdk.id.Subject getSubject()
public Date getAuthTime()
null
it
will be set to now. Applies only if an ID token is issued.public com.nimbusds.openid.connect.sdk.claims.ACR getACR()
null
if not specified. Applies only if an ID token
is issued.public List<com.nimbusds.openid.connect.sdk.claims.AMR> getAMRList()
null
if not specified. Applies only if an ID token
is issued.public boolean isLongLived()
true
for a long-lived authorisation (implies
persistence), false
for a short-lived one.public boolean allowsRefreshTokenIssue()
true
if refresh token issue is allowed (requires a
long-lived authorisation), else not.public boolean issueIDToken()
true
to issue an ID token, else not.public Set<String> getClaims()
null
if none.public List<com.nimbusds.langtag.LangTag> getClaimsLocales()
null
if
not specified.public net.minidev.json.JSONObject getPresetIDTokenClaims()
null
if none.public net.minidev.json.JSONObject getPresetUserInfoClaims()
null
if none.public com.nimbusds.openid.connect.sdk.claims.ClaimsTransport getClaimsTransport()
null
if not
specified (implies UserInfo endpoint).public net.minidev.json.JSONObject toJSONObject()
toJSONObject
in class GrantAuthorization
public static PasswordGrantAuthorization parse(net.minidev.json.JSONObject jsonObject) throws com.nimbusds.oauth2.sdk.ParseException
jsonObject
- The JSON object to parse. Must not be
null
.com.nimbusds.oauth2.sdk.ParseException
Copyright © 2014 Connect2id Ltd.. All Rights Reserved.