Class PasswordGrantAuthorization
- java.lang.Object
-
- com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization
-
- com.nimbusds.openid.connect.provider.spi.grants.SubjectAuthorization
-
- com.nimbusds.openid.connect.provider.spi.grants.PasswordGrantAuthorization
-
@Immutable public class PasswordGrantAuthorization extends SubjectAuthorization
Authorisation produced by aPasswordGrantHandler
. Specifies a subject (end-user) and permits ID and refresh token issue.Required authorisation details:
- The authenticated subject (end-user).
- The authorised scope.
All other parameters are optional or have suitable defaults.
-
-
Constructor Summary
Constructors Constructor Description PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, @Nullable Date authTime, @Nullable com.nimbusds.openid.connect.sdk.claims.ACR acr, @Nullable List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList, com.nimbusds.oauth2.sdk.Scope scope, @Nullable List<com.nimbusds.oauth2.sdk.id.Audience> audList, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)
Deprecated.PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope)
Creates a new OAuth 2.0 - only authorisation for a password grant.PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)
Creates a new OpenID Connect / OAuth 2.0 authorisation for a password grant.PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, @Nullable List<com.nimbusds.oauth2.sdk.id.Audience> audList, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, @Nullable net.minidev.json.JSONObject data)
Creates a new OAuth 2.0 - only authorisation for a password grant.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description RefreshTokenSpec
getRefreshTokenSpec()
Returns the refresh token specification.boolean
isLongLived()
Returns the authorisation lifetime.static PasswordGrantAuthorization
parse(String json)
Parses a password grant authorisation from the specified JSON object string.static PasswordGrantAuthorization
parse(net.minidev.json.JSONObject jsonObject)
Parses a password grant authorisation from the specified JSON object.net.minidev.json.JSONObject
toJSONObject()
Returns a JSON object representation of this authorisation.-
Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.SubjectAuthorization
getACR, getAMRList, getAuthTime, getIDTokenSpec, getSubject
-
Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization
getAccessTokenSpec, getAudience, getClaimsSpec, getData, getScope
-
-
-
-
Constructor Detail
-
PasswordGrantAuthorization
public PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope)
Creates a new OAuth 2.0 - only authorisation for a password grant.- Parameters:
subject
- The subject (end-user) identifier. Must not benull
.scope
- The authorised scope values. Must not benull
.
-
PasswordGrantAuthorization
public PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, @Nullable List<com.nimbusds.oauth2.sdk.id.Audience> audList, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, @Nullable net.minidev.json.JSONObject data)
Creates a new OAuth 2.0 - only authorisation for a password grant.- Parameters:
subject
- The subject (end-user) identifier. Must not benull
.scope
- The authorised scope values. Must not benull
.audList
- Explicit list of audiences for the access token,null
if not specified.longLived
- Controls the authorisation lifetime,true
for a long-lived (implies persistence),false
for a short-lived (transient).accessTokenSpec
- The access token specification. Must not benull
.refreshTokenSpec
- The refresh token specification. Must not benull
.data
- Additional data as a JSON object,null
if not specified.
-
PasswordGrantAuthorization
@Deprecated public PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, @Nullable Date authTime, @Nullable com.nimbusds.openid.connect.sdk.claims.ACR acr, @Nullable List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList, com.nimbusds.oauth2.sdk.Scope scope, @Nullable List<com.nimbusds.oauth2.sdk.id.Audience> audList, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)
Deprecated.Creates a new OpenID Connect / OAuth 2.0 authorisation for a password grant.- Parameters:
subject
- The subject (end-user) identifier. Must not benull
.authTime
- The time of the subject authentication. Ifnull
it will be set to now. Applies only if an ID token is issued.acr
- The Authentication Context Class Reference (ACR),null
if not specified. Applies only if an ID token is issued.amrList
- The Authentication Methods Reference (AMR) list,null
if not specified. Applies only if an ID token is issued.scope
- The authorised scope values. Must not benull
.audList
- Explicit list of audiences for the access token,null
if not specified.longLived
- Controls the authorisation lifetime.true
for a long-lived (implies persistence),false
for a short-lived (transient).accessTokenSpec
- The access token specification. Must not benull
.refreshTokenSpec
- The refresh token specification. Must not benull
.idTokenSpec
- The ID token specification. Must not benull
.claimsSpec
- The OpenID claims specification.data
- Additional data as a JSON object,null
if not specified.
-
PasswordGrantAuthorization
public PasswordGrantAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, boolean longLived, AccessTokenSpec accessTokenSpec, RefreshTokenSpec refreshTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)
Creates a new OpenID Connect / OAuth 2.0 authorisation for a password grant.- Parameters:
subject
- The subject (end-user) identifier. Must not benull
.scope
- The authorised scope values. Must not benull
.longLived
- Controls the authorisation lifetime.true
for a long-lived (implies persistence),false
for a short-lived (transient).accessTokenSpec
- The access token specification. Must not benull
.refreshTokenSpec
- The refresh token specification. Must not benull
.idTokenSpec
- The ID token specification. Must not benull
.claimsSpec
- The OpenID claims specification.data
- Additional data as a JSON object,null
if not specified.
-
-
Method Detail
-
isLongLived
public boolean isLongLived()
Returns the authorisation lifetime.- Returns:
true
for a long-lived authorisation (implies persistence),false
for a short-lived (transient).
-
getRefreshTokenSpec
public RefreshTokenSpec getRefreshTokenSpec()
Returns the refresh token specification.- Returns:
- The refresh token specification.
-
toJSONObject
public net.minidev.json.JSONObject toJSONObject()
Description copied from class:GrantAuthorization
Returns a JSON object representation of this authorisation.- Overrides:
toJSONObject
in classSubjectAuthorization
- Returns:
- The JSON object representation.
-
parse
public static PasswordGrantAuthorization parse(net.minidev.json.JSONObject jsonObject) throws com.nimbusds.oauth2.sdk.ParseException
Parses a password grant authorisation from the specified JSON object.- Parameters:
jsonObject
- The JSON object to parse. Must not benull
.- Returns:
- The password grant authorisation.
- Throws:
com.nimbusds.oauth2.sdk.ParseException
- If parsing failed.
-
parse
public static PasswordGrantAuthorization parse(String json) throws com.nimbusds.oauth2.sdk.ParseException
Parses a password grant authorisation from the specified JSON object string.- Parameters:
json
- The JSON object string to parse. Must not benull
.- Returns:
- The password grant authorisation.
- Throws:
com.nimbusds.oauth2.sdk.ParseException
- If parsing failed.
-
-