Package com.nimbusds.openid.connect.sdk

Class OIDCScopeValue

java.lang.Object
com.nimbusds.oauth2.sdk.id.Identifier
com.nimbusds.oauth2.sdk.Scope.Value
com.nimbusds.openid.connect.sdk.OIDCScopeValue
All Implemented Interfaces:
Serializable, Comparable<Identifier>, net.minidev.json.JSONAware
public class OIDCScopeValue extends Scope.Value
Standard OpenID Connect scope value.

Related specifications:

  • OpenID Connect Core 1.0
See Also:

  • Field Details

    • OPENID

      public static final OIDCScopeValue OPENID
      Informs the authorisation server that the client is making an OpenID Connect request (REQUIRED). This scope value requests access to the sub claim.

    • PROFILE

      public static final OIDCScopeValue PROFILE
      Requests that access to the end-user's default profile claims at the UserInfo endpoint be granted by the issued access token. These claims are: name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, and updated_at.

    • EMAIL

      public static final OIDCScopeValue EMAIL
      Requests that access to the email and email_verified claims at the UserInfo endpoint be granted by the issued access token.

    • ADDRESS

      public static final OIDCScopeValue ADDRESS
      Requests that access to address claim at the UserInfo endpoint be granted by the issued access token.

    • PHONE

      public static final OIDCScopeValue PHONE
      Requests that access to the phone_number and phone_number_verified claims at the UserInfo endpoint be granted by the issued access token.

    • OFFLINE_ACCESS

      public static final OIDCScopeValue OFFLINE_ACCESS
      Requests that an OAuth 2.0 refresh token be issued that can be used to obtain an access token that grants access the end-user's UserInfo endpoint even when the user is not present (not logged in).

  • Method Details

    • values

      public static OIDCScopeValue[] values()
      Returns the standard OpenID Connect scope values declared in this class.
      Returns:
      The standard OpenID Connect scope values.

    • resolveClaimNames

      public static Set<String> resolveClaimNames(Scope scope)
      Resolves the claim names for all scope values that expand to claims. Recognises all standard OpenID Connect scope values as well as any that are additionally specified in the optional map.
      Parameters:
      scope - The scope, null if not specified.
      Returns:
      The resolved claim names, as an unmodifiable set, empty set if none.

    • resolveClaimNames

      public static Set<String> resolveClaimNames(Scope scope, Map<Scope.Value,Set<String>> customClaims)
      Resolves the claim names for all scope values that expand to claims. Recognises all standard OpenID Connect scope values as well as any that are additionally specified in the optional map.
      Parameters:
      scope - The scope, null if not specified.
      customClaims - Custom scope value to set of claim names map, null if not specified.
      Returns:
      The resolved claim names, as an unmodifiable set, empty set if none.

    • getClaimNames

      public Set<String> getClaimNames()
      Returns the names of the associated claims.
      Returns:
      The names of the associated claims, null if not applicable.

    • toClaimsRequestJSONObject

      public net.minidev.json.JSONObject toClaimsRequestJSONObject()
      Gets the claims request JSON object for this OpenID Connect scope value.

      See OpenID Connect Core 1.0

      Example JSON object for "openid" scope value: 

       {
   "sub" : { "essential" : true }
 }

      Example JSON object for "email" scope value: 

       {
   "email"          : null,
   "email_verified" : null
 }
      Returns:
      The claims request JSON object, null if not applicable.

    • toClaimsRequestEntries

      @Deprecated public Set<ClaimsRequest.Entry> toClaimsRequestEntries()
      Deprecated.
      Gets the claims request entries for this OpenID Connect scope value.

      See OpenID Connect Core 1.0

      Returns:
      The claims request entries, null if not applicable (for scope values OPENID and OFFLINE_ACCESS).
      See Also:

    • toClaimsSetRequestEntries

      public List<ClaimsSetRequest.Entry> toClaimsSetRequestEntries()
      Gets the OpenID claims request entries for this OpenID Connect scope value.

      See OpenID Connect Core 1.0

      Returns:
      The OpenID claims request entries, null if not applicable (for scope values OPENID and OFFLINE_ACCESS).