Package com.nimbusds.oauth2.sdk.jarm

Class JARMUtils

java.lang.Object
com.nimbusds.oauth2.sdk.jarm.JARMUtils
public final class JARMUtils extends Object
JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) utilities.

  • Field Details

  • Method Details

    • supportsJARM

      public static boolean supportsJARM(AuthorizationServerMetadata asMetadata)
      Returns true if JARM is supported for the specified OpenID provider / Authorisation server metadata.
      Parameters:
      asMetadata - The OpenID provider / Authorisation server metadata. Must not be null.
      Returns:
      true if JARM is supported, else false.

    • toJWTClaimsSet

      public static com.nimbusds.jwt.JWTClaimsSet toJWTClaimsSet(Issuer iss, ClientID aud, Date exp, AuthorizationResponse response)
      Creates a JSON Web Token (JWT) claims set for the specified authorisation success response.
      Parameters:
      iss - The OAuth 2.0 authorisation server issuer. Must not be null.
      aud - The client ID. Must not be null.
      exp - The JWT expiration time. Must not be null.
      response - The plain authorisation response to use its parameters. If it specifies an iss (issuer) parameter its value must match the JWT iss claim. Must not be null.
      Returns:
      The JWT claims set.

    • toMultiValuedStringParameters

      public static Map<String,List<String>> toMultiValuedStringParameters(com.nimbusds.jwt.JWTClaimsSet jwtClaimsSet)
      Returns a multi-valued map representation of the specified JWT claims set.
      Parameters:
      jwtClaimsSet - The JWT claims set. Must not be null.
      Returns:
      The multi-valued map.

    • impliesAuthorizationErrorResponse

      public static boolean impliesAuthorizationErrorResponse(String jwtString) throws ParseException
      Returns true if the specified JWT-secured authorisation response implies an error response. Note that the JWT is not validated in any way!
      Parameters:
      jwtString - The JWT-secured authorisation response string. Must not be null.
      Returns:
      true if an error is implied by the presence of the error claim, else false (also for encrypted JWTs which payload cannot be inspected without decrypting first).
      Throws:
      ParseException - If the JWT is invalid or plain (unsecured).

    • impliesAuthorizationErrorResponse

      public static boolean impliesAuthorizationErrorResponse(com.nimbusds.jwt.JWT jwt) throws ParseException
      Returns true if the specified JWT-secured authorisation response implies an error response. Note that the JWT is not validated in any way!
      Parameters:
      jwt - The JWT-secured authorisation response. Must not be null.
      Returns:
      true if an error is implied by the presence of the error claim, else false (also for encrypted JWTs which payload cannot be inspected without decrypting first).
      Throws:
      ParseException - If the JWT is plain (unsecured).