public interface ClientCredentialsSelector<T>
Selection of client_secret_basic
, client_secret_post
and client_secret_jwt
secrets is handled by the selectClientSecrets(com.nimbusds.oauth2.sdk.id.ClientID, com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod, com.nimbusds.oauth2.sdk.auth.verifier.Context<T>)
method.
Selection of private_key_jwt
keys is handled by the selectPublicKeys(com.nimbusds.oauth2.sdk.id.ClientID, com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod, com.nimbusds.jose.JWSHeader, boolean, com.nimbusds.oauth2.sdk.auth.verifier.Context<T>)
method.
The generic context object
may be used to return
client metadata
or
other information to the caller.
Modifier and Type | Method and Description |
---|---|
List<Secret> |
selectClientSecrets(ClientID claimedClientID,
ClientAuthenticationMethod authMethod,
Context<T> context)
Selects one or more client secret candidates for
client_secret_basic ,
client_secret_post and
client_secret_jwt
authentication. |
List<? extends PublicKey> |
selectPublicKeys(ClientID claimedClientID,
ClientAuthenticationMethod authMethod,
com.nimbusds.jose.JWSHeader jwsHeader,
boolean forceReload,
Context<T> context)
Selects one or more public key candidates (e.g.
|
List<Secret> selectClientSecrets(ClientID claimedClientID, ClientAuthenticationMethod authMethod, Context<T> context) throws InvalidClientException
client_secret_basic
,
client_secret_post
and
client_secret_jwt
authentication.claimedClientID
- The client identifier (to be verified). Not
null
.authMethod
- The client authentication method. Not
null
.context
- Additional context. May be null
.InvalidClientException
- If the client is invalid.List<? extends PublicKey> selectPublicKeys(ClientID claimedClientID, ClientAuthenticationMethod authMethod, com.nimbusds.jose.JWSHeader jwsHeader, boolean forceReload, Context<T> context) throws InvalidClientException
private_key_jwt
authentication.claimedClientID
- The client identifier (to be verified). Not
null
.authMethod
- The client authentication method. Not
null
.jwsHeader
- The JWS header, which may contain parameters
such as key ID to facilitate the key
selection. Not null
.forceReload
- true
to force reload of the JWK set
(for a remote JWK set referenced by URL).context
- Additional context. Not null
.InvalidClientException
- If the client is invalid.Copyright © 2016 Connect2id Ltd.. All rights reserved.