001package com.nimbusds.openid.connect.provider.spi.claims; 002 003 004import com.nimbusds.oauth2.sdk.id.ClientID; 005import com.nimbusds.oauth2.sdk.token.AccessToken; 006import com.nimbusds.openid.connect.provider.spi.InvocationContext; 007 008 009/** 010 * OpenID Connect claims request context. The supplied context parameters can 011 * be used in the processing and accounting of a claims request. 012 */ 013public interface ClaimsSourceRequestContext extends InvocationContext { 014 015 016 /** 017 * Returns the identifier of the OAuth 2.0 client (client_id). 018 * 019 * @return The client ID. Not {@code null}. 020 */ 021 ClientID getClientID(); 022 023 024 /** 025 * Returns the client IP address. 026 * 027 * @return The client IP address, {@code null} if not available. 028 */ 029 String getClientIPAddress(); 030 031 032 /** 033 * Returns the received and successfully validated UserInfo access 034 * token for the claims request. If a claims request is triggered in a 035 * OpenID Connect implicit and hybrid flows, where the claims are 036 * returned as part of the ID token, an access token is not involved 037 * and hence not returned by this method. 038 * 039 * <p>The claims source may use the UserInfo access token for the 040 * retrieval of aggregated and distributed claims, where the same token 041 * is recognised by the upstream claims providers. See OpenID Connect 042 * Core 1.0, section 5.6. 043 * 044 * @return The UserInfo access token, {@code null} if the claims 045 * request wasn't triggered by a UserInfo request. 046 */ 047 AccessToken getUserInfoAccessToken(); 048}