001package com.nimbusds.openid.connect.provider.spi.claims;
002
003
004import java.util.List;
005import java.util.Set;
006
007import net.jcip.annotations.ThreadSafe;
008
009import com.nimbusds.langtag.LangTag;
010
011import com.nimbusds.oauth2.sdk.id.Subject;
012import com.nimbusds.openid.connect.sdk.claims.UserInfo;
013
014
015/**
016 * Service Provider Interface (SPI) for sourcing OpenID Connect UserInfo and
017 * other claims about a subject (end-user). Implementations must be thread-
018 * safe.
019 *
020 * <p>Claims sources can be:
021 *
022 * <ul>
023 *     <li>LDAP directories
024 *     <li>SQL or NoSQL databases
025 *     <li>Web services
026 *     <li>Files
027 * </ul>
028 */
029@ThreadSafe
030public interface ClaimsSource extends CommonClaimsSource {
031
032
033        /**
034         * Requests claims for the specified subject.
035         *
036         * @param subject       The subject. Must not be {@code null}.
037         * @param claims        The names of the requested claims, with
038         *                      optional language tags. Must not be
039         *                      {@code null}.
040         * @param claimsLocales The preferred languages and scripts for the
041         *                      claims to return, {@code null} if not
042         *                      specified.
043         *
044         * @return The claims, {@code null} if the subject wasn't found or the
045         *         claims source is {@link #isEnabled disabled}.
046         *
047         * @throws Exception If retrieval of the claims failed.
048         */
049        UserInfo getClaims(final Subject subject,
050                           final Set<String> claims,
051                           final List<LangTag> claimsLocales)
052                throws Exception;
053}
054