public class OIDCClientMetadata extends ClientMetadata
Related specifications:
Constructor and Description |
---|
OIDCClientMetadata()
Creates a new OpenID Connect client metadata instance.
|
OIDCClientMetadata(ClientMetadata metadata)
Creates a new OpenID Connect client metadata instance from the
specified base OAuth 2.0 client metadata.
|
Modifier and Type | Method and Description |
---|---|
void |
applyDefaults()
Applies the client metadata defaults where no values have been
specified.
|
ApplicationType |
getApplicationType()
Gets the client application type.
|
URI |
getBackChannelLogoutURI()
Gets the back-channel logout URI.
|
List<ACR> |
getDefaultACRs()
Gets the default Authentication Context Class Reference (ACR)
values.
|
int |
getDefaultMaxAge()
Gets the default maximum authentication age.
|
URI |
getFrontChannelLogoutURI()
Gets the front-channel logout URI.
|
com.nimbusds.jose.JWEAlgorithm |
getIDTokenJWEAlg()
Gets the JSON Web Encryption (JWE) algorithm required for the ID
Tokens issued to this client.
|
com.nimbusds.jose.EncryptionMethod |
getIDTokenJWEEnc()
Gets the JSON Web Encryption (JWE) method required for the ID Tokens
issued to this client.
|
com.nimbusds.jose.JWSAlgorithm |
getIDTokenJWSAlg()
Gets the JSON Web Signature (JWS) algorithm required for the ID
Tokens issued to this client.
|
URI |
getInitiateLoginURI()
Gets the HTTPS URI that the authorisation server can call to
initiate a login at the client.
|
Set<URI> |
getPostLogoutRedirectionURIs()
Gets the post logout redirection URIs.
|
static Set<String> |
getRegisteredParameterNames()
Gets the registered (standard) OpenID Connect client metadata
parameter names.
|
com.nimbusds.jose.JWEAlgorithm |
getRequestObjectJWEAlg()
Gets the JSON Web Encryption (JWE) algorithm required for the OpenID
Connect request objects sent by this client.
|
com.nimbusds.jose.EncryptionMethod |
getRequestObjectJWEEnc()
Gets the JSON Web Encryption (JWE) method required for the OpenID
Connect request objects sent by this client.
|
com.nimbusds.jose.JWSAlgorithm |
getRequestObjectJWSAlg()
Gets the JSON Web Signature (JWS) algorithm required for the OpenID
Connect request objects sent by this client.
|
Set<URI> |
getRequestObjectURIs()
Gets the pre-registered OpenID Connect request object URIs.
|
URI |
getSectorIDURI()
Gets the sector identifier URI.
|
SubjectType |
getSubjectType()
Gets the subject identifier type for responses to this client.
|
com.nimbusds.jose.JWEAlgorithm |
getUserInfoJWEAlg()
Gets the JSON Web Encryption (JWE) algorithm required for the
UserInfo responses to this client.
|
com.nimbusds.jose.EncryptionMethod |
getUserInfoJWEEnc()
Gets the JSON Web Encryption (JWE) method required for the UserInfo
responses to this client.
|
com.nimbusds.jose.JWSAlgorithm |
getUserInfoJWSAlg()
Gets the JSON Web Signature (JWS) algorithm required for the
UserInfo responses to this client.
|
static OIDCClientMetadata |
parse(net.minidev.json.JSONObject jsonObject)
Parses an OpenID Connect client metadata instance from the specified
JSON object.
|
boolean |
requiresAuthTime()
Gets the default requirement for the
auth_time claim in the
ID Token. |
void |
requiresAuthTime(boolean requiresAuthTime)
Sets the default requirement for the
auth_time claim in the
ID Token. |
boolean |
requiresBackChannelLogoutSession()
Gets the requirement for a session identifier on back-channel
logout.
|
void |
requiresBackChannelLogoutSession(boolean requiresSession)
Sets the requirement for a session identifier on back-channel
logout.
|
boolean |
requiresFrontChannelLogoutSession()
Gets the requirement for a session identifier on front-channel
logout.
|
void |
requiresFrontChannelLogoutSession(boolean requiresSession)
Sets the requirement for a session identifier on front-channel
logout.
|
SectorID |
resolveSectorID()
Resolves the sector identifier from the client metadata.
|
void |
setApplicationType(ApplicationType applicationType)
Sets the client application type.
|
void |
setBackChannelLogoutURI(URI backChannelLogoutURI)
Sets the back-channel logout URI.
|
void |
setDefaultACRs(List<ACR> defaultACRs)
Sets the default Authentication Context Class Reference (ACR)
values.
|
void |
setDefaultMaxAge(int defaultMaxAge)
Sets the default maximum authentication age.
|
void |
setFrontChannelLogoutURI(URI frontChannelLogoutURI)
Sets the front-channel logout URI.
|
void |
setIDTokenJWEAlg(com.nimbusds.jose.JWEAlgorithm idTokenJWEAlg)
Sets the JSON Web Encryption (JWE) algorithm required for the ID
Tokens issued to this client.
|
void |
setIDTokenJWEEnc(com.nimbusds.jose.EncryptionMethod idTokenJWEEnc)
Sets the JSON Web Encryption (JWE) method required for the ID Tokens
issued to this client.
|
void |
setIDTokenJWSAlg(com.nimbusds.jose.JWSAlgorithm idTokenJWSAlg)
Sets the JSON Web Signature (JWS) algorithm required for the ID
Tokens issued to this client.
|
void |
setInitiateLoginURI(URI loginURI)
Sets the HTTPS URI that the authorisation server can call to
initiate a login at the client.
|
void |
setPostLogoutRedirectionURIs(Set<URI> logoutURIs)
Sets the post logout redirection URIs.
|
void |
setRequestObjectJWEAlg(com.nimbusds.jose.JWEAlgorithm requestObjectJWEAlg)
Sets the JSON Web Encryption (JWE) algorithm required for the OpenID
Connect request objects sent by this client.
|
void |
setRequestObjectJWEEnc(com.nimbusds.jose.EncryptionMethod requestObjectJWEEnc)
Sets the JSON Web Encryption (JWE) method required for the OpenID
Connect request objects sent by this client.
|
void |
setRequestObjectJWSAlg(com.nimbusds.jose.JWSAlgorithm requestObjectJWSAlg)
Sets the JSON Web Signature (JWS) algorithm required for the OpenID
Connect request objects sent by this client.
|
void |
setRequestObjectURIs(Set<URI> requestObjectURIs)
Sets the pre-registered OpenID Connect request object URIs.
|
void |
setSectorIDURI(URI sectorIDURI)
Sets the sector identifier URI.
|
void |
setSubjectType(SubjectType subjectType)
Sets the subject identifier type for responses to this client.
|
void |
setUserInfoJWEAlg(com.nimbusds.jose.JWEAlgorithm userInfoJWEAlg)
Sets the JSON Web Encryption (JWE) algorithm required for the
UserInfo responses to this client.
|
void |
setUserInfoJWEEnc(com.nimbusds.jose.EncryptionMethod userInfoJWEEnc)
Sets the JSON Web Encryption (JWE) method required for the UserInfo
responses to this client.
|
void |
setUserInfoJWSAlg(com.nimbusds.jose.JWSAlgorithm userInfoJWSAlg)
Sets the JSON Web Signature (JWS) algorithm required for the
UserInfo responses to this client.
|
net.minidev.json.JSONObject |
toJSONObject(boolean includeCustomFields)
Returns the JSON object representation of this client metadata.
|
getContacts, getCustomField, getCustomFields, getEmailContacts, getGrantTypes, getJWKSet, getJWKSetURI, getLogoURI, getLogoURI, getLogoURIEntries, getName, getName, getNameEntries, getPolicyURI, getPolicyURI, getPolicyURIEntries, getRedirectionURIs, getRedirectionURIStrings, getResponseTypes, getScope, getSoftwareID, getSoftwareVersion, getTermsOfServiceURI, getTermsOfServiceURI, getTermsOfServiceURIEntries, getTokenEndpointAuthJWSAlg, getTokenEndpointAuthMethod, getURI, getURI, getURIEntries, hasScopeValue, setContacts, setCustomField, setCustomFields, setEmailContacts, setGrantTypes, setJWKSet, setJWKSetURI, setLogoURI, setLogoURI, setName, setName, setPolicyURI, setPolicyURI, setRedirectionURI, setRedirectionURIs, setResponseTypes, setScope, setSoftwareID, setSoftwareVersion, setTermsOfServiceURI, setTermsOfServiceURI, setTokenEndpointAuthJWSAlg, setTokenEndpointAuthMethod, setURI, setURI, toJSONObject
public OIDCClientMetadata()
public OIDCClientMetadata(ClientMetadata metadata)
metadata
- The base OAuth 2.0 client metadata. Must not be
null
.public static Set<String> getRegisteredParameterNames()
public ApplicationType getApplicationType()
application_type
client metadata field.null
if not specified.public void setApplicationType(ApplicationType applicationType)
application_type
client metadata field.applicationType
- The client application type, null
if
not specified.public SubjectType getSubjectType()
subject_type
client metadata field.null
if not specified.public void setSubjectType(SubjectType subjectType)
subject_type
client metadata field.subjectType
- The subject identifier type, null
if not
specified.public URI getSectorIDURI()
sector_identifier_uri
client metadata field.null
if not specified.public void setSectorIDURI(URI sectorIDURI)
sector_identifier_uri
client metadata field.sectorIDURI
- The sector identifier URI, null
if not
specified.public SectorID resolveSectorID()
null
if the subject type is
set to public.IllegalStateException
- If resolution failed due to incomplete
or inconsistent metadata.public Set<URI> getRequestObjectURIs()
request_uris
client metadata field.null
if not specified.public void setRequestObjectURIs(Set<URI> requestObjectURIs)
request_uris
client metadata field.requestObjectURIs
- The request object URIs, null
if
not specified.public com.nimbusds.jose.JWSAlgorithm getRequestObjectJWSAlg()
request_object_signing_alg
client metadata field.null
if not specified.public void setRequestObjectJWSAlg(com.nimbusds.jose.JWSAlgorithm requestObjectJWSAlg)
request_object_signing_alg
client metadata field.requestObjectJWSAlg
- The JWS algorithm, null
if not
specified.public com.nimbusds.jose.JWEAlgorithm getRequestObjectJWEAlg()
request_object_encryption_alg
client metadata field.null
if not specified.public void setRequestObjectJWEAlg(com.nimbusds.jose.JWEAlgorithm requestObjectJWEAlg)
request_object_encryption_alg
client metadata field.requestObjectJWEAlg
- The JWE algorithm, null
if not
specified.public com.nimbusds.jose.EncryptionMethod getRequestObjectJWEEnc()
request_object_encryption_enc
client metadata field.null
if not specified.public void setRequestObjectJWEEnc(com.nimbusds.jose.EncryptionMethod requestObjectJWEEnc)
request_object_encryption_enc
client metadata field.requestObjectJWEEnc
- The JWE method, null
if not
specified.public com.nimbusds.jose.JWSAlgorithm getIDTokenJWSAlg()
id_token_signed_response_alg
client metadata field.null
if not specified.public void setIDTokenJWSAlg(com.nimbusds.jose.JWSAlgorithm idTokenJWSAlg)
id_token_signed_response_alg
client metadata field.idTokenJWSAlg
- The JWS algorithm, null
if not
specified.public com.nimbusds.jose.JWEAlgorithm getIDTokenJWEAlg()
id_token_encrypted_response_alg
client metadata field.null
if not specified.public void setIDTokenJWEAlg(com.nimbusds.jose.JWEAlgorithm idTokenJWEAlg)
id_token_encrypted_response_alg
client metadata field.idTokenJWEAlg
- The JWE algorithm, null
if not
specified.public com.nimbusds.jose.EncryptionMethod getIDTokenJWEEnc()
id_token_encrypted_response_enc
client metadata field.null
if not specified.public void setIDTokenJWEEnc(com.nimbusds.jose.EncryptionMethod idTokenJWEEnc)
id_token_encrypted_response_enc
client metadata field.idTokenJWEEnc
- The JWE method, null
if not specified.public com.nimbusds.jose.JWSAlgorithm getUserInfoJWSAlg()
userinfo_signed_response_alg
client metadata field.null
if not specified.public void setUserInfoJWSAlg(com.nimbusds.jose.JWSAlgorithm userInfoJWSAlg)
userinfo_signed_response_alg
client metadata field.userInfoJWSAlg
- The JWS algorithm, null
if not
specified.public com.nimbusds.jose.JWEAlgorithm getUserInfoJWEAlg()
userinfo_encrypted_response_alg
client metadata field.null
if not specified.public void setUserInfoJWEAlg(com.nimbusds.jose.JWEAlgorithm userInfoJWEAlg)
userinfo_encrypted_response_alg
client metadata field.userInfoJWEAlg
- The JWE algorithm, null
if not
specified.public com.nimbusds.jose.EncryptionMethod getUserInfoJWEEnc()
userinfo_encrypted_response_enc
client metadata field.null
if not specified.public void setUserInfoJWEEnc(com.nimbusds.jose.EncryptionMethod userInfoJWEEnc)
userinfo_encrypted_response_enc
client metadata field.userInfoJWEEnc
- The JWE method, null
if not specified.public int getDefaultMaxAge()
default_max_age
client metadata field.public void setDefaultMaxAge(int defaultMaxAge)
default_max_age
client metadata field.defaultMaxAge
- The default max authentication age, in seconds.
If not specified -1.public boolean requiresAuthTime()
auth_time
claim in the
ID Token. Corresponds to the require_auth_time
client
metadata field.true
the auth_Time
claim in the ID Token
is required by default.public void requiresAuthTime(boolean requiresAuthTime)
auth_time
claim in the
ID Token. Corresponds to the require_auth_time
client
metadata field.requiresAuthTime
- If true
the auth_Time
claim
in the ID Token is required by default.public List<ACR> getDefaultACRs()
default_acr_values
client
metadata field.null
if not specified.public void setDefaultACRs(List<ACR> defaultACRs)
default_acr_values
client
metadata field.defaultACRs
- The default ACRs, by order of preference,
null
if not specified.public URI getInitiateLoginURI()
initiate_login_uri
client metadata field.null
if not specified.public void setInitiateLoginURI(URI loginURI)
initiate_login_uri
client metadata field.loginURI
- The login URI, null
if not specified.public Set<URI> getPostLogoutRedirectionURIs()
post_logout_redirect_uris
client metadata field.null
if not specified.public void setPostLogoutRedirectionURIs(Set<URI> logoutURIs)
post_logout_redirect_uris
client metadata field.logoutURIs
- The logout redirection URIs, null
if not
specified.public URI getFrontChannelLogoutURI()
frontchannel_logout_uri
client metadata field.null
if not specified.public void setFrontChannelLogoutURI(URI frontChannelLogoutURI)
frontchannel_logout_uri
client metadata field.frontChannelLogoutURI
- The front-channel logout URI,
null
if not specified.public boolean requiresFrontChannelLogoutSession()
frontchannel_logout_session_required
client metadata
field.true
if a session identifier is required, else
false
.public void requiresFrontChannelLogoutSession(boolean requiresSession)
frontchannel_logout_session_required
client metadata
field.requiresSession
- true
if a session identifier is
required, else false
.public URI getBackChannelLogoutURI()
backchannel_logout_uri
client metadata field.null
if not specified.public void setBackChannelLogoutURI(URI backChannelLogoutURI)
backchannel_logout_uri
client metadata field.backChannelLogoutURI
- The back-channel logout URI,
null
if not specified.public boolean requiresBackChannelLogoutSession()
backchannel_logout_session_required
client metadata
field.true
if a session identifier is required, else
false
.public void requiresBackChannelLogoutSession(boolean requiresSession)
backchannel_logout_session_required
client metadata
field.requiresSession
- true
if a session identifier is
required, else false
.public void applyDefaults()
["code"]
.
"authorization_code".
ApplicationType.WEB
.
applyDefaults
in class ClientMetadata
public net.minidev.json.JSONObject toJSONObject(boolean includeCustomFields)
ClientMetadata
toJSONObject
in class ClientMetadata
includeCustomFields
- true
to include any custom
metadata fields, false
to omit
them.public static OIDCClientMetadata parse(net.minidev.json.JSONObject jsonObject) throws ParseException
jsonObject
- The JSON object to parse. Must not be
null
.ParseException
- If the JSON object couldn't be parsed to an
OpenID Connect client metadata instance.Copyright © 2017 Connect2id Ltd.. All rights reserved.