Class SelfIssuedAssertionAuthorization
- java.lang.Object
-
- com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization
-
- com.nimbusds.openid.connect.provider.spi.grants.SubjectAuthorization
-
- com.nimbusds.openid.connect.provider.spi.grants.SelfIssuedAssertionAuthorization
-
@Immutable public class SelfIssuedAssertionAuthorization extends SubjectAuthorization
Authorisation produced by agrant handler
of self-issued assertions (SAML 2.0 or JWT bearer).Required authorisation details:
- The subject (end-user).
- The authorised scope.
All other parameters are optional or have suitable defaults.
-
-
Constructor Summary
Constructors Constructor Description SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope)
Creates a new authorisation for a self-issued assertion grant where the client acts on its own behalf.SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, @Nullable net.minidev.json.JSONObject data)
Creates a new authorisation for a self-issued assertion grant where the client acts on its own behalf.SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope)
Creates a new authorisation for a self-issued assertion grant where the client acts on behalf of a user.SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)
Creates a new authorisation for a self-issued assertion grant where the client acts on behalf of a user.
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static SelfIssuedAssertionAuthorization
parse(String json)
Parses a self-issued assertion grant authorisation from the specified JSON object string.static SelfIssuedAssertionAuthorization
parse(net.minidev.json.JSONObject jsonObject)
Parses a self-issued assertion grant authorisation from the specified JSON object.-
Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.SubjectAuthorization
getACR, getAMRList, getAuthTime, getIDTokenSpec, getSubject, toJSONObject
-
Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization
getAccessTokenSpec, getAudience, getClaimsSpec, getData, getScope
-
-
-
-
Constructor Detail
-
SelfIssuedAssertionAuthorization
public SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope)
Creates a new authorisation for a self-issued assertion grant where the client acts on behalf of a user.See RFC 7521, section 6.3.
- Parameters:
subject
- The subject (end-user). Must not benull
.scope
- The authorised scope values. Must not benull
.
-
SelfIssuedAssertionAuthorization
public SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data)
Creates a new authorisation for a self-issued assertion grant where the client acts on behalf of a user.See RFC 7521, section 6.3.
- Parameters:
subject
- The subject (end-user). Must not benull
.scope
- The authorised scope values. Must not benull
.accessTokenSpec
- The access token specification. Must not benull
.idTokenSpec
- The ID token specification. Must not benull
.claimsSpec
- The OpenID claims specification. Must not benull
.data
- Additional data as a JSON object,null
if not specified.
-
SelfIssuedAssertionAuthorization
public SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope)
Creates a new authorisation for a self-issued assertion grant where the client acts on its own behalf.See RFC 7521, section 6.2.
- Parameters:
subject
- The client identifier. Must not benull
.scope
- The authorised scope values. Must not benull
.
-
SelfIssuedAssertionAuthorization
public SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, @Nullable net.minidev.json.JSONObject data)
Creates a new authorisation for a self-issued assertion grant where the client acts on its own behalf.See RFC 7521, section 6.2.
- Parameters:
subject
- The client identifier. Must not benull
.scope
- The authorised scope values. Must not benull
.accessTokenSpec
- The access token specification. Must not benull
.data
- Additional data as a JSON object,null
if not specified.
-
-
Method Detail
-
parse
public static SelfIssuedAssertionAuthorization parse(net.minidev.json.JSONObject jsonObject) throws com.nimbusds.oauth2.sdk.ParseException
Parses a self-issued assertion grant authorisation from the specified JSON object.- Parameters:
jsonObject
- The JSON object to parse. Must not benull
.- Returns:
- The authorisation.
- Throws:
com.nimbusds.oauth2.sdk.ParseException
- If parsing failed.
-
parse
public static SelfIssuedAssertionAuthorization parse(String json) throws com.nimbusds.oauth2.sdk.ParseException
Parses a self-issued assertion grant authorisation from the specified JSON object string.- Parameters:
json
- The JSON object string to parse. Must not benull
.- Returns:
- The authorisation.
- Throws:
com.nimbusds.oauth2.sdk.ParseException
- If parsing failed.
-
-