Package com.nimbusds.oauth2.sdk.auth

Class ClientSecretBasic

java.lang.Object
com.nimbusds.oauth2.sdk.auth.ClientAuthentication
com.nimbusds.oauth2.sdk.auth.PlainClientSecret
com.nimbusds.oauth2.sdk.auth.ClientSecretBasic
@Immutable public final class ClientSecretBasic extends PlainClientSecret
Client secret basic authentication at the Token endpoint. Implements ClientAuthenticationMethod.CLIENT_SECRET_BASIC.

Example HTTP Authorization header (for client identifier "s6BhdRkqt3" and secret "7Fjfp0ZBr1KtDRbnfVdmIw"): 

 Authorization: Basic czZCaGRSa3F0Mzo3RmpmcDBaQnIxS3REUmJuZlZkbUl3

Related specifications:

  • OAuth 2.0 (RFC 6749)
  • OpenID Connect Core 1.0
  • HTTP Authentication: Basic and Digest Access Authentication (RFC 2617)

  • Constructor Details

    • ClientSecretBasic

      public ClientSecretBasic(ClientID clientID, Secret secret)
      Creates a new client secret basic authentication.
      Parameters:
      clientID - The client identifier. Must not be null.
      secret - The client secret. Must not be null.

  • Method Details

    • getFormParameterNames

      public Set<String> getFormParameterNames()
      Description copied from class: ClientAuthentication
      Returns the name of the form parameters, if such are used by the authentication method.
      Specified by:
      getFormParameterNames in class ClientAuthentication
      Returns:
      The form parameter names, empty set if none.

    • toHTTPAuthorizationHeader

      public String toHTTPAuthorizationHeader()
      Returns the HTTP Authorization header representation of this client secret basic authentication.

      Note that OAuth 2.0 (RFC 6749, section 2.3.1) requires the client ID and secret to be application/x-www-form-urlencoded before passing them to the HTTP basic authentication algorithm. This behaviour differs from the original HTTP Basic Authentication specification (RFC 2617).

      Example HTTP Authorization header (for client identifier "Aladdin" and password "open sesame"): 

      
 Authorization: Basic QWxhZGRpbjpvcGVuK3Nlc2FtZQ==

      See RFC 2617, section 2.

      Returns:
      The HTTP Authorization header.

    • applyTo

      public void applyTo(HTTPRequest httpRequest)
      Description copied from class: ClientAuthentication
      Applies the authentication to the specified HTTP request by setting its Authorization header and/or POST entity-body parameters (according to the implemented client authentication method).
      Specified by:
      applyTo in class ClientAuthentication
      Parameters:
      httpRequest - The HTTP request. Must not be null.

    • parse

      public static ClientSecretBasic parse(String header) throws ParseException
      Parses a client secret basic authentication from the specified HTTP Authorization header.
      Parameters:
      header - The HTTP Authorization header to parse. Must not be null.
      Returns:
      The client secret basic authentication.
      Throws:
      ParseException - If the header couldn't be parsed to a client secret basic authentication.

    • parse

      public static ClientSecretBasic parse(HTTPRequest httpRequest) throws ParseException
      Parses a client secret basic authentication from the specified HTTP request.
      Parameters:
      httpRequest - The HTTP request to parse. Must not be null and must contain a valid Authorization header.
      Returns:
      The client secret basic authentication.
      Throws:
      ParseException - If the HTTP Authorization header couldn't be parsed to a client secret basic authentication.