Package com.nimbusds.openid.connect.sdk.op

Class ACRRequest

java.lang.Object
com.nimbusds.openid.connect.sdk.op.ACRRequest
@Immutable public final class ACRRequest extends Object
Resolved authentication Context Class Reference (ACR) request.

  • Constructor Details

    • ACRRequest

      public ACRRequest(List<ACR> essentialACRs, List<ACR> voluntaryACRs)
      Creates a new Authentication Context Class Reference (ACR) request.
      Parameters:
      essentialACRs - The requested essential ACR values, by order of preference, null if not specified.
      voluntaryACRs - The requested voluntary ACR values, by order of preference, null if not specified.

  • Method Details

    • getEssentialACRs

      public List<ACR> getEssentialACRs()
      Gets the requested essential ACR values.
      Returns:
      The essential ACR values, by order of preference, null if not specified.

    • getVoluntaryACRs

      public List<ACR> getVoluntaryACRs()
      Gets the requested voluntary ACR values.
      Returns:
      The voluntary ACR values, by order of preference, null if not specified.

    • isEmpty

      public boolean isEmpty()
      Returns true if no essential and voluntary ACR values are requested.
      Returns:
      true if no essential and voluntary ACR values are requested, else false.

    • applyDefaultACRs

      public ACRRequest applyDefaultACRs(OIDCClientInformation clientInfo)
      Applies any default requested ACR values (as voluntary values) from the registered client information.
      Parameters:
      clientInfo - The registered client information. Must not be null.
      Returns:
      The ACR request, updated if default ACR values are applied.

    • applyDefaultACRs

      public ACRRequest applyDefaultACRs(OIDCClientInformation clientInfo, List<ACR> defaultACRs)
      Applies any default requested ACR values (as voluntary values) from the registered client information and a global OpenID provider configuration.
      Parameters:
      clientInfo - The registered client information. Must not be null.
      defaultACRs - Fallback default ACR values in case there are no registered for the client, null if none.
      Returns:
      The ACR request, updated if default ACR values are applied.

    • ensureACRSupport

      public void ensureACRSupport(AuthorizationRequest authzRequest, List<ACR> supportedACRs) throws GeneralException
      Ensures all requested essential ACR values are supported by the OpenID provider.
      Parameters:
      authzRequest - The OAuth 2.0 authorisation request / OpenID authentication request. Must not be null.
      supportedACRs - The ACR values supported by the OpenID provider, null if not specified.
      Throws:
      GeneralException - If a requested essential ACR value is not supported by the OpenID provider.

    • ensureACRSupport

      @Deprecated public void ensureACRSupport(AuthenticationRequest authRequest, OIDCProviderMetadata opMetadata) throws GeneralException
      Deprecated.
      Ensures all requested essential ACR values are supported by the OpenID provider.
      Parameters:
      authRequest - The OpenID authentication request. Must not be null.
      opMetadata - The OpenID provider metadata. Must not be null.
      Throws:
      GeneralException - If a requested essential ACR value is not supported by the OpenID provider.

    • resolve

      public static ACRRequest resolve(AuthorizationRequest authzRequest)
      Resolves the requested essential and voluntary ACR values from the specified OAuth 2.0 authorisation request / OpenID authentication request.
      Parameters:
      authzRequest - The OAuth 2.0 authorisation request / OpenID authentication request. Should be resolved. Must not be null.
      Returns:
      The resolved ACR request.

    • resolve

      public static ACRRequest resolve(CIBARequest cibaRequest)
      Resolves the requested essential and voluntary ACR values from the specified CIBA request.
      Parameters:
      cibaRequest - The CIBA request. Must be resolved and not null.
      Returns:
      The resolved ACR request.

    • resolve

      public static ACRRequest resolve(List<ACR> acrValues, OIDCClaimsRequest claimsRequest)
      Resolves the requested essential and voluntary ACR values from the specified top-level acr_values request parameter and claims request parameter.
      Parameters:
      acrValues - The top-level acr_values request parameter, null if not specified.
      claimsRequest - The OpenID claims request parameter, null if not specified.
      Returns:
      The resolved ACR request.