Source code

001package com.nimbusds.openid.connect.provider.spi.claims;
002
003
004import com.nimbusds.oauth2.sdk.id.ClientID;
005import com.nimbusds.oauth2.sdk.token.AccessToken;
006import com.nimbusds.openid.connect.provider.spi.InvocationContext;
007import com.nimbusds.openid.connect.provider.spi.tokens.TokenEncoderContext;
008import com.nimbusds.openid.connect.sdk.claims.ClaimsTransport;
009
010
011/**
012 * OpenID Connect claims request context. The supplied context parameters can
013 * be used in the processing and accounting of a claims request.
014 */
015public interface ClaimsSourceRequestContext extends InvocationContext {
016        
017        
018        /**
019         * Returns the claims transport, if applicable.
020         *
021         * @return {@link ClaimsTransport#USERINFO UserInfo} or
022         *         {@link ClaimsTransport#ID_TOKEN ID token}, {@code null} if
023         *         the claims source SPI is invoked for another purpose (e.g.
024         *         in a {@link TokenEncoderContext}).
025         */
026        ClaimsTransport getClaimsTransport();
027
028
029        /**
030         * Returns the identifier of the OAuth 2.0 client (client_id).
031         *
032         * @return The client ID. Not {@code null}.
033         */
034        ClientID getClientID();
035        
036        
037        /**
038         * Returns the client IP address.
039         *
040         * @return The client IP address, {@code null} if not available.
041         */
042        String getClientIPAddress();
043        
044        
045        /**
046         * Returns the received and successfully validated UserInfo access
047         * token for the claims request. If a claims request is triggered in a
048         * OpenID Connect implicit and hybrid flows, where the claims are
049         * returned as part of the ID token, an access token is not involved
050         * and hence not returned by this method.
051         *
052         * <p>The claims source may use the UserInfo access token for the
053         * retrieval of aggregated and distributed claims, where the same token
054         * is recognised by the upstream claims providers. See OpenID Connect
055         * Core 1.0, section 5.6.
056         *
057         * @return The UserInfo access token, {@code null} if the claims
058         *         request wasn't triggered by a UserInfo request.
059         */
060        AccessToken getUserInfoAccessToken();
061}