Package com.nimbusds.openid.connect.provider.spi.grants

Class IDTokenSpec

java.lang.Object
com.nimbusds.openid.connect.provider.spi.grants.TokenSpec
com.nimbusds.openid.connect.provider.spi.grants.OptionalTokenSpec
com.nimbusds.openid.connect.provider.spi.grants.IDTokenSpec
@Immutable public class IDTokenSpec extends OptionalTokenSpec
Identity (ID) token specification.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final IDTokenSpec
    NONE
    None (no issue) ID token specification.

  • Constructor Summary

    Constructors
    Constructor
    Description
    IDTokenSpec()
    Creates a new default ID token specification (no issue).
    IDTokenSpec(boolean issue, long lifetime, @Nullable com.nimbusds.oauth2.sdk.id.Subject impersonatedSubject)
    Creates a new ID token specification.
    IDTokenSpec(boolean issue, long lifetime, @Nullable Date authTime, @Nullable com.nimbusds.openid.connect.sdk.claims.ACR acr, @Nullable List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList, boolean allowRefresh, @Nullable com.nimbusds.oauth2.sdk.id.Subject impersonatedSubject)
    Creates a new ID token specification.
    IDTokenSpec(boolean issue, long lifetime, @Nullable Date authTime, @Nullable com.nimbusds.openid.connect.sdk.claims.ACR acr, @Nullable List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList, @Nullable com.nimbusds.oauth2.sdk.id.Subject impersonatedSubject)
    Creates a new ID token specification.

  • Method Summary

    Modifier and Type
    Method
    Description
    @Nullable com.nimbusds.openid.connect.sdk.claims.ACR
    getACR()
    Returns the Authentication Context Class Reference (ACR).
    @Nullable List<com.nimbusds.openid.connect.sdk.claims.AMR>
    getAMRList()
    Returns The Authentication Methods Reference (AMR) list.
    @Nullable Date
    getAuthTime()
    Returns the time of the subject authentication.
    boolean
    isAllowRefresh()
    Returns the ID token refresh setting.
    static IDTokenSpec
    parse(net.minidev.json.JSONObject jsonObject)
    Parses an ID token specification from the specified JSON object.
    net.minidev.json.JSONObject
    toJSONObject()
    Returns a JSON object representation of this token specification.

    Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.OptionalTokenSpec

    issue

    Methods inherited from class com.nimbusds.openid.connect.provider.spi.grants.TokenSpec

    getAudience, getImpersonatedSubject, getLifetime, toString

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

  • Field Details

    • NONE

      public static final IDTokenSpec NONE
      None (no issue) ID token specification.

  • Constructor Details

    • IDTokenSpec

      public IDTokenSpec()
      Creates a new default ID token specification (no issue).

    • IDTokenSpec

      public IDTokenSpec(boolean issue, long lifetime, @Nullable com.nimbusds.oauth2.sdk.id.Subject impersonatedSubject)
      Creates a new ID token specification.
      Parameters:
      issue - Controls the ID token issue. If true an ID token must be issued, false to prohibit issue.
      lifetime - The ID token lifetime, in seconds, zero if not specified (to let the Connect2id server apply the default configured lifetime for ID tokens).
      impersonatedSubject - The subject in impersonation and delegation cases, null if not applicable.

    • IDTokenSpec

      public IDTokenSpec(boolean issue, long lifetime, @Nullable Date authTime, @Nullable com.nimbusds.openid.connect.sdk.claims.ACR acr, @Nullable List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList, @Nullable com.nimbusds.oauth2.sdk.id.Subject impersonatedSubject)
      Creates a new ID token specification.
      Parameters:
      issue - Controls the ID token issue. If true an ID token must be issued, false to prohibit issue.
      lifetime - The ID token lifetime, in seconds, zero if not specified (to let the Connect2id server apply the default configured lifetime for ID tokens).
      authTime - The time of the subject authentication. If null it will be set to now. Applies only if an ID token is issued.
      acr - The Authentication Context Class Reference (ACR), null if not specified. Applies only if an ID token is issued.
      amrList - The Authentication Methods Reference (AMR) list, null if not specified. Applies only if an ID token is issued.
      impersonatedSubject - The subject in impersonation and delegation cases, null if not applicable.

    • IDTokenSpec

      public IDTokenSpec(boolean issue, long lifetime, @Nullable Date authTime, @Nullable com.nimbusds.openid.connect.sdk.claims.ACR acr, @Nullable List<com.nimbusds.openid.connect.sdk.claims.AMR> amrList, boolean allowRefresh, @Nullable com.nimbusds.oauth2.sdk.id.Subject impersonatedSubject)
      Creates a new ID token specification.
      Parameters:
      issue - Controls the ID token issue. If true an ID token must be issued, false to prohibit issue.
      lifetime - The ID token lifetime, in seconds, zero if not specified (to let the Connect2id server apply the default configured lifetime for ID tokens).
      authTime - The time of the subject authentication. If null it will be set to now. Applies only if an ID token is issued.
      acr - The Authentication Context Class Reference (ACR), null if not specified. Applies only if an ID token is issued.
      amrList - The Authentication Methods Reference (AMR) list, null if not specified. Applies only if an ID token is issued.
      allowRefresh - true to allow ID token refresh until the subject session is closed or expires.
      impersonatedSubject - The subject in impersonation and delegation cases, null if not applicable.

  • Method Details

    • getAuthTime

      public @Nullable Date getAuthTime()
      Returns the time of the subject authentication.
      Returns:
      The time of the subject authentication. If null it will be set to now. Applies only if an ID token is issued.

    • getACR

      public @Nullable com.nimbusds.openid.connect.sdk.claims.ACR getACR()
      Returns the Authentication Context Class Reference (ACR).
      Returns:
      The Authentication Context Class Reference (ACR), null if not specified. Applies only if an ID token is issued.

    • getAMRList

      public @Nullable List<com.nimbusds.openid.connect.sdk.claims.AMR> getAMRList()
      Returns The Authentication Methods Reference (AMR) list.
      Returns:
      The Authentication Methods Reference (AMR) list, null if not specified. Applies only if an ID token is issued.

    • isAllowRefresh

      public boolean isAllowRefresh()
      Returns the ID token refresh setting.
      Returns:
      true to allow ID token refresh until the subject session is closed or expires.

    • toJSONObject

      public net.minidev.json.JSONObject toJSONObject()
      Description copied from class: TokenSpec
      Returns a JSON object representation of this token specification.
      Overrides:
      toJSONObject in class OptionalTokenSpec
      Returns:
      The JSON object.

    • parse

      public static IDTokenSpec parse(net.minidev.json.JSONObject jsonObject) throws com.nimbusds.oauth2.sdk.ParseException
      Parses an ID token specification from the specified JSON object.
      Parameters:
      jsonObject - The JSON object. Must not be null.
      Returns:
      The ID token specification.
      Throws:
      com.nimbusds.oauth2.sdk.ParseException - If parsing failed.