Package com.nimbusds.openid.connect.sdk.op

Class ACRRequest

java.lang.Object
com.nimbusds.openid.connect.sdk.op.ACRRequest
@Immutable public final class ACRRequest extends Object
Resolved authentication Context Class Reference (ACR) request.

  • Constructor Details

    • ACRRequest

      public ACRRequest(List<ACR> essentialACRs, List<ACR> voluntaryACRs)
      Creates a new Authentication Context Class Reference (ACR) request.
      Parameters:
      essentialACRs - The requested essential ACR values, by order of preference, null if not specified.
      voluntaryACRs - The requested voluntary ACR values, by order of preference, null if not specified.

  • Method Details

    • getEssentialACRs

      public List<ACR> getEssentialACRs()
      Gets the requested essential ACR values.
      Returns:
      The essential ACR values, by order of preference, null if not specified.

    • getVoluntaryACRs

      public List<ACR> getVoluntaryACRs()
      Gets the requested voluntary ACR values.
      Returns:
      The voluntary ACR values, by order of preference, null if not specified.

    • isEmpty

      public boolean isEmpty()
      Checks if this ACR request has no essential or voluntary values specified.
      Returns:
      true if this ACR request doesn't specify any essential or voluntary values, else false.

    • applyDefaultACRs

      public ACRRequest applyDefaultACRs(OIDCClientInformation clientInfo)
      Applies the registered default ACR values for the requesting client (as a voluntary ACR value, provided no ACR values were explicitly requested).
      Parameters:
      clientInfo - The registered client information. Must not be null.
      Returns:
      The ACR request, updated if registered default ACR values were applied.

    • ensureACRSupport

      public void ensureACRSupport(AuthorizationRequest authzRequest, List<ACR> supportedACRs) throws GeneralException
      Ensures all requested essential ACR values are supported by those supported by the OpenID provider.
      Parameters:
      authzRequest - The OAuth 2.0 authorisation request / OpenID authentication request. Must not be null.
      supportedACRs - The ACR values supported by the OpenID provider, null if not specified.
      Throws:
      GeneralException - If a requested essential ACR value is not supported by the OpenID provider.

    • ensureACRSupport

      @Deprecated public void ensureACRSupport(AuthenticationRequest authRequest, OIDCProviderMetadata opMetadata) throws GeneralException
      Deprecated.
      Ensures all requested essential ACR values are supported by the OpenID provider.
      Parameters:
      authRequest - The OpenID authentication request. Must not be null.
      opMetadata - The OpenID provider metadata. Must not be null.
      Throws:
      GeneralException - If a requested essential ACR value is not supported by the OpenID provider.

    • resolve

      public static ACRRequest resolve(AuthorizationRequest authzRequest)
      Resolves the requested essential and voluntary ACR values from the specified OAuth 2.0 authorisation request / OpenID authentication request.
      Parameters:
      authzRequest - The OAuth 2.0 authorisation request / OpenID authentication request. Should be resolved. Must not be null.
      Returns:
      The resolved ACR request.

    • resolve

      public static ACRRequest resolve(CIBARequest cibaRequest)
      Resolves the requested essential and voluntary ACR values from the specified CIBA request.
      Parameters:
      cibaRequest - The CIBA request. Must be resolved and not null.
      Returns:
      The resolved ACR request.

    • resolve

      public static ACRRequest resolve(List<ACR> acrValues, OIDCClaimsRequest claimsRequest)
      Resolves the requested essential and voluntary ACR values from the specified top-level acr_values request parameter and claims request parameter.
      Parameters:
      acrValues - The top-level acr_values request parameter, null if not specified.
      claimsRequest - The OpenID claims request parameter, null if not specified.
      Returns:
      The resolved ACR request.