AuthenticationRequest
@Immutable public class AuthorizationRequest extends AbstractRequest
Extending classes may define additional request parameters as well as enforce tighter requirements on the base parameters.
Example HTTP request:
https://server.example.com/authorize? response_type=code &client_id=s6BhdRkqt3 &state=xyz &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
Related specifications:
Modifier and Type | Class | Description |
---|---|---|
static class |
AuthorizationRequest.Builder |
Builder for constructing authorisation requests.
|
Constructor | Description |
---|---|
AuthorizationRequest(URI uri,
ResponseType rt,
ClientID clientID) |
Creates a new minimal authorisation request.
|
AuthorizationRequest(URI uri,
ResponseType rt,
ResponseMode rm,
ClientID clientID,
URI redirectURI,
Scope scope,
State state) |
Creates a new authorisation request.
|
AuthorizationRequest(URI uri,
ResponseType rt,
ResponseMode rm,
ClientID clientID,
URI redirectURI,
Scope scope,
State state,
CodeChallenge codeChallenge,
CodeChallengeMethod codeChallengeMethod,
List<URI> resources,
boolean includeGrantedScopes,
Map<String,List<String>> customParams) |
Creates a new authorisation request with extension and custom
parameters.
|
Modifier and Type | Method | Description |
---|---|---|
ClientID |
getClientID() |
Gets the client identifier.
|
CodeChallenge |
getCodeChallenge() |
Returns the code challenge for PKCE.
|
CodeChallengeMethod |
getCodeChallengeMethod() |
Returns the code challenge method for PKCE.
|
List<String> |
getCustomParameter(String name) |
Returns the specified custom parameter.
|
Map<String,List<String>> |
getCustomParameters() |
Returns the additional custom parameters.
|
URI |
getRedirectionURI() |
Gets the redirection URI.
|
static Set<String> |
getRegisteredParameterNames() |
Returns the registered (standard) OAuth 2.0 authorisation request
parameter names.
|
List<URI> |
getResources() |
Returns the resource server URI.
|
ResponseMode |
getResponseMode() |
Gets the optional response mode.
|
ResponseType |
getResponseType() |
Gets the response type.
|
Scope |
getScope() |
Gets the scope.
|
State |
getState() |
Gets the state.
|
ResponseMode |
impliedResponseMode() |
Returns the implied response mode, determined by the optional
response_mode parameter, and if that isn't specified, by
the response_type . |
boolean |
includeGrantedScopes() |
Returns
true if incremental authorisation is requested. |
static AuthorizationRequest |
parse(HTTPRequest httpRequest) |
Parses an authorisation request from the specified HTTP request.
|
static AuthorizationRequest |
parse(String query) |
Parses an authorisation request from the specified URI query string.
|
static AuthorizationRequest |
parse(URI uri) |
Parses an authorisation request from the specified URI.
|
static AuthorizationRequest |
parse(URI uri,
String query) |
Parses an authorisation request from the specified URI and query
string.
|
static AuthorizationRequest |
parse(URI uri,
Map<String,List<String>> params) |
Parses an authorisation request from the specified URI and query
parameters.
|
static AuthorizationRequest |
parse(Map<String,List<String>> params) |
Parses an authorisation request from the specified URI query
parameters.
|
HTTPRequest |
toHTTPRequest() |
Returns the matching HTTP request.
|
HTTPRequest |
toHTTPRequest(HTTPRequest.Method method) |
Returns the matching HTTP request.
|
Map<String,List<String>> |
toParameters() |
Returns the URI query parameters for this authorisation request.
|
String |
toQueryString() |
Returns the URI query string for this authorisation request.
|
URI |
toURI() |
Returns the complete URI representation for this authorisation
request, consisting of the
authorization
endpoint URI with the query string appended. |
getEndpointURI
public AuthorizationRequest(URI uri, ResponseType rt, ClientID clientID)
uri
- The URI of the authorisation endpoint. May be
null
if the toHTTPRequest(com.nimbusds.oauth2.sdk.http.HTTPRequest.Method)
method
will not be used.rt
- The response type. Corresponds to the
response_type
parameter. Must not be
null
.clientID
- The client identifier. Corresponds to the
client_id
parameter. Must not be
null
.public AuthorizationRequest(URI uri, ResponseType rt, ResponseMode rm, ClientID clientID, URI redirectURI, Scope scope, State state)
uri
- The URI of the authorisation endpoint.
May be null
if the
toHTTPRequest(com.nimbusds.oauth2.sdk.http.HTTPRequest.Method)
method will not be
used.rt
- The response type. Corresponds to the
response_type
parameter. Must not
be null
.rm
- The response mode. Corresponds to the
optional response_mode
parameter.
Use of this parameter is not recommended
unless a non-default response mode is
requested (e.g. form_post).clientID
- The client identifier. Corresponds to the
client_id
parameter. Must not be
null
.redirectURI
- The redirection URI. Corresponds to the
optional redirect_uri
parameter.
null
if not specified.scope
- The request scope. Corresponds to the
optional scope
parameter.
null
if not specified.state
- The state. Corresponds to the recommended
state
parameter. null
if
not specified.public AuthorizationRequest(URI uri, ResponseType rt, ResponseMode rm, ClientID clientID, URI redirectURI, Scope scope, State state, CodeChallenge codeChallenge, CodeChallengeMethod codeChallengeMethod, List<URI> resources, boolean includeGrantedScopes, Map<String,List<String>> customParams)
uri
- The URI of the authorisation endpoint.
May be null
if the
toHTTPRequest(com.nimbusds.oauth2.sdk.http.HTTPRequest.Method)
method will not
be used.rt
- The response type. Corresponds to the
response_type
parameter. Must
not be null
.rm
- The response mode. Corresponds to the
optional response_mode
parameter. Use of this parameter is not
recommended unless a non-default
response mode is requested (e.g.
form_post).clientID
- The client identifier. Corresponds to
the client_id
parameter. Must
not be null
.redirectURI
- The redirection URI. Corresponds to the
optional redirect_uri
parameter.
null
if not specified.scope
- The request scope. Corresponds to the
optional scope
parameter.
null
if not specified.state
- The state. Corresponds to the
recommended state
parameter.
null
if not specified.codeChallenge
- The code challenge for PKCE,
null
if not specified.codeChallengeMethod
- The code challenge method for PKCE,
null
if not specified.resources
- The resource URI(s), null
if not
specified.includeGrantedScopes
- true
to request incremental
authorisation.customParams
- Custom parameters, empty map or
null
if none.public static Set<String> getRegisteredParameterNames()
public ResponseType getResponseType()
response_type
parameter.public ResponseMode getResponseMode()
response_mode
parameter.null
if not specified.public ResponseMode impliedResponseMode()
response_mode
parameter, and if that isn't specified, by
the response_type
.public ClientID getClientID()
client_id
parameter.public URI getRedirectionURI()
redirection_uri
parameter.null
if not specified.public Scope getScope()
scope
parameter.null
if not specified.public State getState()
state
parameter.null
if not specified.public CodeChallenge getCodeChallenge()
null
if not specified.public CodeChallengeMethod getCodeChallengeMethod()
null
if not specified.public List<URI> getResources()
null
if not specified.public boolean includeGrantedScopes()
true
if incremental authorisation is requested.true
if incremental authorisation is requested,
else false
.public Map<String,List<String>> getCustomParameters()
public List<String> getCustomParameter(String name)
name
- The parameter name. Must not be null
.null
if not specified.public Map<String,List<String>> toParameters()
Example parameters:
response_type = code client_id = s6BhdRkqt3 state = xyz redirect_uri = https://client.example.com/cb
public String toQueryString()
Note that the '?' character preceding the query string in an URI is not included in the returned string.
Example URI query string:
response_type=code &client_id=s6BhdRkqt3 &state=xyz &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
public URI toURI()
authorization
endpoint URI
with the query string
appended.
Example URI:
https://server.example.com/authorize? response_type=code &client_id=s6BhdRkqt3 &state=xyz &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
public HTTPRequest toHTTPRequest(HTTPRequest.Method method)
method
- The HTTP request method which can be GET or POST. Must
not be null
.public HTTPRequest toHTTPRequest()
Request
public static AuthorizationRequest parse(Map<String,List<String>> params) throws ParseException
Example parameters:
response_type = code client_id = s6BhdRkqt3 state = xyz redirect_uri = https://client.example.com/cb
params
- The parameters. Must not be null
.ParseException
- If the parameters couldn't be parsed to an
authorisation request.public static AuthorizationRequest parse(URI uri, Map<String,List<String>> params) throws ParseException
Example parameters:
response_type = code client_id = s6BhdRkqt3 state = xyz redirect_uri = https://client.example.com/cb
uri
- The URI of the authorisation endpoint. May be
null
if the toHTTPRequest()
method
will not be used.params
- The parameters. Must not be null
.ParseException
- If the parameters couldn't be parsed to an
authorisation request.public static AuthorizationRequest parse(String query) throws ParseException
Example URI query string:
response_type=code &client_id=s6BhdRkqt3 &state=xyz &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
query
- The URI query string. Must not be null
.ParseException
- If the query string couldn't be parsed to an
authorisation request.public static AuthorizationRequest parse(URI uri, String query) throws ParseException
Example URI query string:
response_type=code &client_id=s6BhdRkqt3 &state=xyz &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
uri
- The URI of the authorisation endpoint. May be
null
if the toHTTPRequest()
method
will not be used.query
- The URI query string. Must not be null
.ParseException
- If the query string couldn't be parsed to an
authorisation request.public static AuthorizationRequest parse(URI uri) throws ParseException
Example URI:
https://server.example.com/authorize? response_type=code &client_id=s6BhdRkqt3 &state=xyz &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
uri
- The URI. Must not be null
.ParseException
- If the URI couldn't be parsed to an
authorisation request.public static AuthorizationRequest parse(HTTPRequest httpRequest) throws ParseException
Example HTTP request (GET):
https://server.example.com/authorize? response_type=code &client_id=s6BhdRkqt3 &state=xyz &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
httpRequest
- The HTTP request. Must not be null
.ParseException
- If the HTTP request couldn't be parsed to an
authorisation request.Copyright © 2018 Connect2id Ltd.. All rights reserved.