Class SelfIssuedAssertionAuthorization
java.lang.Object
com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization
com.nimbusds.openid.connect.provider.spi.grants.SubjectAuthorization
com.nimbusds.openid.connect.provider.spi.grants.SelfIssuedAssertionAuthorization
Authorisation produced by a
grant handler
of
self-issued assertions (SAML 2.0 or JWT bearer).
Required authorisation details:
- The subject (end-user).
- The authorised scope.
All other parameters are optional or have suitable defaults.
-
Constructor Summary
ConstructorDescriptionSelfIssuedAssertionAuthorization
(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope) Creates a new authorisation for a self-issued assertion grant where the client acts on its own behalf.SelfIssuedAssertionAuthorization
(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, @Nullable net.minidev.json.JSONObject data) Creates a new authorisation for a self-issued assertion grant where the client acts on its own behalf.SelfIssuedAssertionAuthorization
(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope) Creates a new authorisation for a self-issued assertion grant where the client acts on behalf of a user.SelfIssuedAssertionAuthorization
(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data) Creates a new authorisation for a self-issued assertion grant where the client acts on behalf of a user. -
Method Summary
Modifier and TypeMethodDescriptionParses a self-issued assertion grant authorisation from the specified JSON object string.parse
(net.minidev.json.JSONObject jsonObject) Parses a self-issued assertion grant authorisation from the specified JSON object.Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.SubjectAuthorization
getACR, getAMRList, getAuthTime, getIDTokenSpec, getSubject, toJSONObject
Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.GrantAuthorization
getAccessTokenSpec, getAudience, getClaimsSpec, getData, getScope
-
Constructor Details
-
SelfIssuedAssertionAuthorization
public SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope) Creates a new authorisation for a self-issued assertion grant where the client acts on behalf of a user.See RFC 7521, section 6.3.
- Parameters:
subject
- The subject (end-user). Must not benull
.scope
- The authorised scope values. Must not benull
.
-
SelfIssuedAssertionAuthorization
public SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.Subject subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, IDTokenSpec idTokenSpec, ClaimsSpec claimsSpec, @Nullable net.minidev.json.JSONObject data) Creates a new authorisation for a self-issued assertion grant where the client acts on behalf of a user.See RFC 7521, section 6.3.
- Parameters:
subject
- The subject (end-user). Must not benull
.scope
- The authorised scope values. Must not benull
.accessTokenSpec
- The access token specification. Must not benull
.idTokenSpec
- The ID token specification. Must not benull
.claimsSpec
- The OpenID claims specification. Must not benull
.data
- Additional data as a JSON object,null
if not specified.
-
SelfIssuedAssertionAuthorization
public SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope) Creates a new authorisation for a self-issued assertion grant where the client acts on its own behalf.See RFC 7521, section 6.2.
- Parameters:
subject
- The client identifier. Must not benull
.scope
- The authorised scope values. Must not benull
.
-
SelfIssuedAssertionAuthorization
public SelfIssuedAssertionAuthorization(com.nimbusds.oauth2.sdk.id.ClientID subject, com.nimbusds.oauth2.sdk.Scope scope, AccessTokenSpec accessTokenSpec, @Nullable net.minidev.json.JSONObject data) Creates a new authorisation for a self-issued assertion grant where the client acts on its own behalf.See RFC 7521, section 6.2.
- Parameters:
subject
- The client identifier. Must not benull
.scope
- The authorised scope values. Must not benull
.accessTokenSpec
- The access token specification. Must not benull
.data
- Additional data as a JSON object,null
if not specified.
-
-
Method Details
-
parse
public static SelfIssuedAssertionAuthorization parse(net.minidev.json.JSONObject jsonObject) throws com.nimbusds.oauth2.sdk.ParseException Parses a self-issued assertion grant authorisation from the specified JSON object.- Parameters:
jsonObject
- The JSON object to parse. Must not benull
.- Returns:
- The authorisation.
- Throws:
com.nimbusds.oauth2.sdk.ParseException
- If parsing failed.
-
parse
public static SelfIssuedAssertionAuthorization parse(String json) throws com.nimbusds.oauth2.sdk.ParseException Parses a self-issued assertion grant authorisation from the specified JSON object string.- Parameters:
json
- The JSON object string to parse. Must not benull
.- Returns:
- The authorisation.
- Throws:
com.nimbusds.oauth2.sdk.ParseException
- If parsing failed.
-