com.nimbusds.openid.connect.provider.spi.grants

Class PasswordGrantAuthorization

java.lang.Object

com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization

com.nimbusds.openid.connect.provider.spi.grants.PasswordGrantAuthorization

public class PasswordGrantAuthorization
extends GrantAuthorization

Authorisation response from a PasswordGrantHandler.

The minimum details it contains is the identifier of the authenticated subject (end-user) and the authorised scope values. The other parameters are optional or have suitable defaults.

Constructor Summary

Constructors

Constructor and Description
PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, Date authTime, com.nimbusds.openid.connect.sdk.claims.ACR acr, List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList, com.nimbusds.oauth2.sdk.Scope scope, List<com.nimbusds.oauth2.sdk.id.Audience> audList, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, net.minidev.json.JSONObject data) Creates a new OpenID Connect / OAuth 2.0 authorisation response from a PasswordGrantHandler.
PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, List<com.nimbusds.oauth2.sdk.id.Audience> audList, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, net.minidev.json.JSONObject data) Creates a new OAuth 2.0 - only authorisation response from a PasswordGrantHandler.

Method Summary

Methods

Modifier and Type	Method and Description
com.nimbusds.openid.connect.sdk.claims.ACR	getACR() Returns the Authentication Context Class Reference (ACR).
List<com.nimbusds.openid.connect.sdk.claims.AMR>	getAMRList() Returns The Authentication Methods Reference (AMR) list.
Date	getAuthTime() Returns the time of the subject authentication.
ClaimsSpec	getClaimsSpec() Returns the claims specification.
IDTokenSpec	getIDTokenSpec() Returns the ID token specification.
RefreshTokenSpec	getRefreshTokenSpec() Returns the refresh token specification.
com.nimbusds.oauth2.sdk.id.Subject	getSubject() Returns the authorised subject.
boolean	isLongLived() Returns the authorisation lifetime.
static PasswordGrantAuthorization	parse(net.minidev.json.JSONObject o) Parses an authorisation response from the specified JSON object representation.
net.minidev.json.JSONObject	toJSONObject() Returns a JSON object representation of this authorisation response.

Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization

getAccessTokenSpec, getAudience, getData, getScope

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PasswordGrantAuthorization

public PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject,
                          com.nimbusds.oauth2.sdk.Scope scope,
                          List<com.nimbusds.oauth2.sdk.id.Audience> audList,
                          boolean longLived,
                          AccessTokenSpec accessTokenSpec,
                          RefreshTokenSpec refreshTokenSpec,
                          net.minidev.json.JSONObject data)

Creates a new OAuth 2.0 - only authorisation response from a PasswordGrantHandler.

Parameters:

subject - The identifier of the authorised subject. Must not be null.

scope - The authorised scope values. Must not be null.

audList - Explicit list of audiences for the access token, null if not specified.

longLived - Controls the authorisation lifetime. true for a long-lived authorisation (implies persistence), false for a short-lived (transient) one.

accessTokenSpec - The access token specification. Must not be null.

refreshTokenSpec - The refresh token specification. Must not be null.

data - Optional authorisation data as a JSON object, null if not specified.

PasswordGrantAuthorization

public PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject,
                          Date authTime,
                          com.nimbusds.openid.connect.sdk.claims.ACR acr,
                          List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList,
                          com.nimbusds.oauth2.sdk.Scope scope,
                          List<com.nimbusds.oauth2.sdk.id.Audience> audList,
                          boolean longLived,
                          AccessTokenSpec accessTokenSpec,
                          RefreshTokenSpec refreshTokenSpec,
                          IDTokenSpec idTokenSpec,
                          ClaimsSpec claimsSpec,
                          net.minidev.json.JSONObject data)

Creates a new OpenID Connect / OAuth 2.0 authorisation response from a PasswordGrantHandler.

Parameters:

subject - The identifier of the authorised subject. Must not be null.

authTime - The time of the subject authentication. If null it will be set to now. Applies only if an ID token is issued.

acr - The Authentication Context Class Reference (ACR), null if not specified. Applies only if an ID token is issued.

amrList - The Authentication Methods Reference (AMR) list, null if not specified. Applies only if an ID token is issued.

scope - The authorised scope values. Must not be null.

audList - Explicit list of audiences for the access token, null if not specified.

longLived - Controls the authorisation lifetime. true for a long-lived authorisation (implies persistence), false for a short-lived one.

accessTokenSpec - The access token specification. Must not be null.

refreshTokenSpec - The refresh token specification. Must not be null.

idTokenSpec - The ID token specification. Must not be null.

claimsSpec - The claims specification.

data - Optional authorisation data as a JSON object, null if not specified.

Method Detail

getSubject

public com.nimbusds.oauth2.sdk.id.Subject getSubject()

Returns the authorised subject.

Returns:

The identifier of the authorised subject.

getAuthTime

public Date getAuthTime()

Returns the time of the subject authentication.

Returns:

The time of the subject authentication. If null it will be set to now. Applies only if an ID token is issued.

getACR

public com.nimbusds.openid.connect.sdk.claims.ACR getACR()

Returns the Authentication Context Class Reference (ACR).

Returns:

The Authentication Context Class Reference (ACR), null if not specified. Applies only if an ID token is issued.

getAMRList

public List<com.nimbusds.openid.connect.sdk.claims.AMR> getAMRList()

Returns The Authentication Methods Reference (AMR) list.

Returns:

The Authentication Methods Reference (AMR) list, null if not specified. Applies only if an ID token is issued.

isLongLived

public boolean isLongLived()

Returns the authorisation lifetime.

Returns:

true for a long-lived authorisation (implies persistence), false for a short-lived one.

getRefreshTokenSpec

public RefreshTokenSpec getRefreshTokenSpec()

Returns the refresh token specification.

Returns:

The refresh token specification.

getIDTokenSpec

public IDTokenSpec getIDTokenSpec()

Returns the ID token specification.

Returns:

The ID token specification.

getClaimsSpec

public ClaimsSpec getClaimsSpec()

Returns the claims specification.

Returns:

The claims specification.

toJSONObject

public net.minidev.json.JSONObject toJSONObject()

Returns a JSON object representation of this authorisation response.

Overrides:

toJSONObject in class GrantAuthorization

Returns:

The JSON object representation.

parse

public static PasswordGrantAuthorization parse(net.minidev.json.JSONObject o)
                                        throws com.nimbusds.oauth2.sdk.ParseException

Parses an authorisation response from the specified JSON object representation.

Parameters:

o - The JSON object to parse. Must not be null.

Returns:

The authorisation response.

Throws:

com.nimbusds.oauth2.sdk.ParseException - If parsing failed.