@Immutable public class ThirdPartyAssertionAuthorization extends SubjectAuthorization
grant handler
of assertions
(SAML 2.0 or JWT bearer) issued by a third-party security token service.
Required authorisation details:
All other parameters are optional or have suitable defaults.
Constructor and Description |
---|
ThirdPartyAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject,
com.nimbusds.oauth2.sdk.Scope scope)
Creates a new authorisation for a third-party issued assertion grant
where the client acts on its own behalf.
|
ThirdPartyAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject,
com.nimbusds.oauth2.sdk.Scope scope,
AccessTokenSpec accessTokenSpec,
net.minidev.json.JSONObject data)
Creates a new authorisation for a third-party issued assertion grant
where the client acts on its own behalf.
|
ThirdPartyAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject,
com.nimbusds.oauth2.sdk.id.ClientID clientID,
com.nimbusds.oauth2.sdk.Scope scope)
Creates a new authorisation for a third-party issued assertion grant
where the client acts on behalf of a user.
|
ThirdPartyAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject,
com.nimbusds.oauth2.sdk.id.ClientID clientID,
com.nimbusds.oauth2.sdk.Scope scope,
AccessTokenSpec accessTokenSpec,
IDTokenSpec idTokenSpec,
ClaimsSpec claimsSpec,
net.minidev.json.JSONObject data)
Creates a new authorisation for a third-party issued assertion grant
where the client acts on behalf of a user.
|
Modifier and Type | Method and Description |
---|---|
com.nimbusds.oauth2.sdk.id.ClientID |
getClientID()
Returns the authorised client.
|
static ThirdPartyAssertionAuthorization |
parse(net.minidev.json.JSONObject jsonObject)
Parses a third-party assertion grant authorisation from the
specified JSON object.
|
static ThirdPartyAssertionAuthorization |
parse(String json)
Parses a third-party assertion grant authorisation from the
specified JSON object string.
|
net.minidev.json.JSONObject |
toJSONObject()
Returns a JSON object representation of this authorisation.
|
getACR, getAMRList, getAuthTime, getClaimsSpec, getIDTokenSpec, getSubject
getAccessTokenSpec, getAudience, getData, getScope
public ThirdPartyAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.id.ClientID clientID, com.nimbusds.oauth2.sdk.Scope scope)
See RFC 7521, section 6.3.
subject
- The subject (end-user). Must not be null
.clientID
- The client identifier. Must be registered with the
Connect2id server. Must not be null
.scope
- The authorised scope values. Must not be
null
.public ThirdPartyAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.id.ClientID clientID, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, net.minidev.json.JSONObject data)
See RFC 7521, section 6.3.
subject
- The subject (end-user). Must not be
null
.clientID
- The client identifier. Must be registered
with the Connect2id server. Must not be
null
.scope
- The authorised scope values. Must not be
null
.accessTokenSpec
- The access token specification. Must not be
null
.idTokenSpec
- The ID token specification. Must not be
null
.claimsSpec
- The claims specification. Must not be
null
.data
- Additional data as a JSON object,
null
if not specified.public ThirdPartyAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope)
See RFC 7521, section 6.2.
subject
- The client identifier. Must be registered with the
Connect2id server. Must not be null
.scope
- The authorised scope values. Must not be
null
.public ThirdPartyAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, net.minidev.json.JSONObject data)
See RFC 7521, section 6.2.
subject
- The client identifier. Must be registered
with the Connect2id server. Must not be
null
.scope
- The authorised scope values. Must not be
null
.accessTokenSpec
- The access token specification. Must not be
null
.data
- Additional data as a JSON object,
null
if not specified.public com.nimbusds.oauth2.sdk.id.ClientID getClientID()
null
if not
specified.public net.minidev.json.JSONObject toJSONObject()
GrantAuthorization
toJSONObject
in class SubjectAuthorization
public static ThirdPartyAssertionAuthorization parse(net.minidev.json.JSONObject jsonObject) throws com.nimbusds.oauth2.sdk.ParseException
jsonObject
- The JSON object to parse. Must not be
null
.com.nimbusds.oauth2.sdk.ParseException
- If parsing failed.public static ThirdPartyAssertionAuthorization parse(String json) throws com.nimbusds.oauth2.sdk.ParseException
json
- The JSON object string to parse. Must not be
null
.com.nimbusds.oauth2.sdk.ParseException
- If parsing failed.Copyright © 2021 Connect2id Ltd.. All rights reserved.