Package com.nimbusds.openid.connect.provider.spi.claims

Interface AdvancedClaimsSource

All Superinterfaces:
ClaimsSupport, CommonClaimsSource, Lifecycle
@ThreadSafe public interface AdvancedClaimsSource extends CommonClaimsSource
Advanced Service Provider Interface (SPI) for sourcing OpenID Connect UserInfo and other claims about a subject (end-user). This interface is intended for claims sources that require access to additional parameters, such as the client identifier (client_id); if that's not needed stick to the basic interface. Implementations must be thread-safe.

Claims sources can be:

  • LDAP directories
  • SQL or NoSQL databases
  • Web services
  • Files

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    VERIFIED_CLAIM_NAME_PREFIX
    The verified: prefix for names of verified claims.

  • Method Summary

    Modifier and Type
    Method
    Description
    com.nimbusds.openid.connect.sdk.claims.UserInfo
    getClaims(com.nimbusds.oauth2.sdk.id.Subject subject, Set<String> claims, @Nullable List<com.nimbusds.langtag.LangTag> claimsLocales, ClaimsSourceRequestContext requestContext)
    Requests claims for the specified subject.

    Methods inherited from interface com.nimbusds.openid.connect.provider.spi.claims.ClaimsSupport

    supportedClaims

    Methods inherited from interface com.nimbusds.openid.connect.provider.spi.Lifecycle

    init, isEnabled, shutdown

  • Field Details

  • Method Details

    • getClaims

      com.nimbusds.openid.connect.sdk.claims.UserInfo getClaims(com.nimbusds.oauth2.sdk.id.Subject subject, Set<String> claims, @Nullable List<com.nimbusds.langtag.LangTag> claimsLocales, ClaimsSourceRequestContext requestContext) throws Exception
      Requests claims for the specified subject.
      Parameters:
      subject - The subject. Must not be null.
      claims - The names of the requested claims, with optional language tags. The names of verified claims (OpenID Connect for Identity Assurance 1.0) are prefixed with "verified:". Not null.
      claimsLocales - The preferred languages and scripts for the claims to return, null if not specified.
      requestContext - Provides access to additional parameters about the request. Not null.
      Returns:
      The claims, null if the subject wasn't found or the claims source is disabled.
      Throws:
      Exception - If retrieval of the claims failed.