@ThreadSafe public class AuthenticationRequestResolver extends Object
request
parameter, or by URL using the
request_uri
parameter.
To process signed (JWS) and optionally encrypted (JWE) request object
JWTs a JWT decoder
for the expected JWS / JWE algorithms must be provided at construction time.
To fetch OpenID Connect request objects specified by URL a
JWT retriever
must be provided, otherwise only inlined request objects can be processed.
Related specifications:
Constructor and Description |
---|
AuthenticationRequestResolver()
Creates a new minimal OpenID Connect authentication request
resolver.
|
AuthenticationRequestResolver(JWTDecoder jwtDecoder)
Creates a new OpenID Connect authentication request resolver that
supports OpenID Connect request objects passed by value (using the
authentication
request parameter). |
AuthenticationRequestResolver(JWTDecoder jwtDecoder,
ResourceRetriever jwtRetriever)
Creates a new OpenID Connect request object resolver that supports
OpenID Connect request objects passed by value (using the
authentication
request parameter) or by reference (using the
authentication request_uri parameter). |
Modifier and Type | Method and Description |
---|---|
JWTDecoder |
getJWTDecoder()
Gets the JWT decoder.
|
ResourceRetriever |
getJWTRetriever()
Gets the JWT retriever.
|
static Map<String,String> |
reformatClaims(com.nimbusds.jwt.JWTClaimsSet claimsSet)
Reformats the specified JWT claims set to a
java.util.Map&<String,String> instance.
|
AuthenticationRequest |
resolve(AuthenticationRequest request)
Resolves the specified OpenID Connect authentication request by
superseding its parameters with those found in the optional OpenID
Connect request object (if any).
|
public AuthenticationRequestResolver()
ResolveException
if the authentication request
includes a request
or request_uri
parameter.public AuthenticationRequestResolver(JWTDecoder jwtDecoder)
request
parameter). It will throw a
ResolveException
if the authentication request includes a
request_uri
parameter.jwtDecoder
- A configured JWT decoder providing JWS validation
and optional JWE decryption of the request
objects. Must not be null
.public AuthenticationRequestResolver(JWTDecoder jwtDecoder, ResourceRetriever jwtRetriever)
request
parameter) or by reference (using the
authentication request_uri
parameter).jwtDecoder
- A configured JWT decoder providing JWS
validation and optional JWE decryption of the
request objects. Must not be null
.jwtRetriever
- A configured JWT retriever for OpenID Connect
request objects passed by URI. Must not be
null
.public JWTDecoder getJWTDecoder()
null
if not specified.public ResourceRetriever getJWTRetriever()
null
if not specified.public static Map<String,String> reformatClaims(com.nimbusds.jwt.JWTClaimsSet claimsSet) throws ResolveException
claimsSet
- The JWT claims set to reformat. Must not be
null
.ResolveException
- If reformatting of the JWT claims set
failed.public AuthenticationRequest resolve(AuthenticationRequest request) throws ResolveException
request
- The OpenID Connect authentication request. Must not be
null
.ResolveException
- If the request couldn't be resolved.Copyright © 2015 Connect2id Ltd.. All Rights Reserved.