@ThreadSafe public class AuthenticationRequestResolver<C extends com.nimbusds.jose.proc.SecurityContext> extends Object
request
parameter, or by URL using the
request_uri
parameter.
To process signed and optionally encrypted request objects a
JWT processor
for the expected JWS / JWE algorithms
must be provided at construction time.
To fetch OpenID Connect request objects specified by URL a
JWT retriever
must be provided, otherwise only
inlined request objects can be processed.
Related specifications:
Constructor and Description |
---|
AuthenticationRequestResolver()
Creates a new minimal OpenID Connect authentication request
resolver.
|
AuthenticationRequestResolver(com.nimbusds.jwt.proc.JWTProcessor<C> jwtProcessor)
Creates a new OpenID Connect authentication request resolver that
supports OpenID Connect request objects passed by value (using the
authentication
request parameter). |
AuthenticationRequestResolver(com.nimbusds.jwt.proc.JWTProcessor<C> jwtProcessor,
ResourceRetriever jwtRetriever)
Creates a new OpenID Connect request object resolver that supports
OpenID Connect request objects passed by value (using the
authentication
request parameter) or by reference (using the
authentication request_uri parameter). |
Modifier and Type | Method and Description |
---|---|
com.nimbusds.jwt.proc.JWTProcessor<C> |
getJWTProcessor()
Returns the JWT processor.
|
ResourceRetriever |
getJWTRetriever()
Returns the JWT retriever.
|
static Map<String,String> |
reformatClaims(com.nimbusds.jwt.JWTClaimsSet claimsSet)
Reformats the specified JWT claims set to a
java.util.Map&<String,String> instance.
|
AuthenticationRequest |
resolve(AuthenticationRequest request,
C securityContext)
Resolves the specified OpenID Connect authentication request by
superseding its parameters with those found in the optional OpenID
Connect request object (if any).
|
public AuthenticationRequestResolver()
ResolveException
if the authentication request
includes a request
or request_uri
parameter.public AuthenticationRequestResolver(com.nimbusds.jwt.proc.JWTProcessor<C> jwtProcessor)
request
parameter). It will throw a
ResolveException
if the authentication request includes a
request_uri
parameter.jwtProcessor
- A configured JWT processor providing JWS
validation and optional JWE decryption of the
request objects. Must not be null
.public AuthenticationRequestResolver(com.nimbusds.jwt.proc.JWTProcessor<C> jwtProcessor, ResourceRetriever jwtRetriever)
request
parameter) or by reference (using the
authentication request_uri
parameter).jwtProcessor
- A configured JWT processor providing JWS
validation and optional JWE decryption of the
request objects. Must not be null
.jwtRetriever
- A configured JWT retriever for OpenID Connect
request objects passed by URI. Must not be
null
.public com.nimbusds.jwt.proc.JWTProcessor<C> getJWTProcessor()
null
if not specified.public ResourceRetriever getJWTRetriever()
null
if not specified.public static Map<String,String> reformatClaims(com.nimbusds.jwt.JWTClaimsSet claimsSet)
claimsSet
- The JWT claims set to reformat. Must not be
null
.public AuthenticationRequest resolve(AuthenticationRequest request, C securityContext) throws ResolveException, com.nimbusds.jose.JOSEException
request
- The OpenID Connect authentication request.
Must not be null
.securityContext
- Optional security context to pass to the JWT
processor, null
if not specified.ResolveException
- If the request couldn't be resolved.com.nimbusds.jose.JOSEException
Copyright © 2016 Connect2id Ltd.. All rights reserved.