001package com.nimbusds.openid.connect.provider.spi.claims; 002 003 004import com.nimbusds.oauth2.sdk.id.ClientID; 005import com.nimbusds.oauth2.sdk.id.Issuer; 006import com.nimbusds.oauth2.sdk.token.AccessToken; 007 008 009/** 010 * OpenID Connect claims request context. The supplied context parameters can 011 * be used in the processing and accounting of a claims request. 012 */ 013public interface ClaimsSourceRequestContext { 014 015 016 /** 017 * Returns the OpenID Connect provider issuer URI. 018 * 019 * @return The OP issuer. Not {@code null}. 020 */ 021 Issuer getIssuer(); 022 023 024 /** 025 * Returns the identifier of the OAuth 2.0 client (client_id). 026 * 027 * @return The client ID. Not {@code null}. 028 */ 029 ClientID getClientID(); 030 031 032 /** 033 * Returns the client IP address. 034 * 035 * @return The client IP address, {@code null} if not available. 036 */ 037 String getClientIPAddress(); 038 039 040 /** 041 * Returns the received and successfully validated UserInfo access 042 * token for the claims request. If a claims request is triggered in a 043 * OpenID Connect implicit and hybrid flows, where the claims are 044 * returned as part of the ID token, an access token is not involved 045 * and hence not returned by this method. 046 * 047 * <p>The claims source may use the UserInfo access token for the 048 * retrieval of aggregated and distributed claims, where the same token 049 * is recognised by the upstream claims providers. See OpenID Connect 050 * Core 1.0, section 5.6. 051 * 052 * @return The UserInfo access token, {@code null} if the claims 053 * request wasn't triggered by a UserInfo request. 054 */ 055 AccessToken getUserInfoAccessToken(); 056}