Package com.nimbusds.oauth2.sdk

Class AuthorizationResponse

    • Constructor Detail

      • AuthorizationResponse

        protected AuthorizationResponse​(URI redirectURI,
                                State state,
                                ResponseMode rm)
        Creates a new authorisation response.
        Parameters:
        redirectURI - The base redirection URI. Must not be null.
        state - The state, null if not requested.
        rm - The response mode, null if not specified.

      • AuthorizationResponse

        protected AuthorizationResponse​(URI redirectURI,
                                com.nimbusds.jwt.JWT jwtResponse,
                                ResponseMode rm)
        Creates a new JSON Web Token (JWT) secured authorisation response.
        Parameters:
        redirectURI - The base redirection URI. Must not be null.
        jwtResponse - The JWT response. Must not be null.
        rm - The response mode, null if not specified.

    • Method Detail

      • getRedirectionURI

        public URI getRedirectionURI()
        Returns the base redirection URI.
        Returns:
        The base redirection URI (without the appended error response parameters).

      • getState

        public State getState()
        Returns the optional state.
        Returns:
        The state, null if not requested or if the response is JWT-secured in which case the state parameter may be included as a JWT claim.

      • getJWTResponse

        public com.nimbusds.jwt.JWT getJWTResponse()
        Returns the JSON Web Token (JWT) secured response.
        Returns:
        The JWT-secured response, null for a regular authorisation response.

      • getResponseMode

        public ResponseMode getResponseMode()
        Returns the optional explicit response mode.
        Returns:
        The response mode, null if not specified.

      • toParameters

        public abstract Map<String,​List<String>> toParameters()
        Returns the parameters of this authorisation response.

        Example parameters (authorisation success): 

         access_token = 2YotnFZFEjr1zCsicMWpAA
 state = xyz
 token_type = example
 expires_in = 3600
        Returns:
        The parameters as a map.

      • toURI

        public URI toURI()
        Returns a URI representation (redirection URI + fragment / query string) of this authorisation response.

        Example URI: 

         http://example.com/cb#access_token=2YotnFZFEjr1zCsicMWpAA
 &state=xyz
 &token_type=example
 &expires_in=3600
        Returns:
        A URI representation of this authorisation response.

      • toHTTPResponse

        public HTTPResponse toHTTPResponse()
        Returns an HTTP response for this authorisation response. Applies to the query or fragment response mode using HTTP 302 redirection.

        Example HTTP response (authorisation success): 

         HTTP/1.1 302 Found
 Location: http://example.com/cb#access_token=2YotnFZFEjr1zCsicMWpAA
 &state=xyz
 &token_type=example
 &expires_in=3600
        Specified by:
        toHTTPResponse in interface Response
        Returns:
        An HTTP response for this authorisation response.
        See Also:
        toHTTPRequest()

      • toHTTPRequest

        public HTTPRequest toHTTPRequest()
        Returns an HTTP request for this authorisation response. Applies to the form_post response mode.

        Example HTTP request (authorisation success): 

         GET /cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz HTTP/1.1
 Host: client.example.com
        Returns:
        An HTTP request for this authorisation response.
        See Also:
        toHTTPResponse()

      • parse

        public static AuthorizationResponse parse​(URI redirectURI,
                                          Map<String,​List<String>> params)
                                   throws ParseException
        Parses an authorisation response.
        Parameters:
        redirectURI - The base redirection URI. Must not be null.
        params - The response parameters to parse. Must not be null.
        Returns:
        The authorisation success or error response.
        Throws:
        ParseException - If the parameters couldn't be parsed to an authorisation success or error response.

      • parse

        public static AuthorizationResponse parse​(URI redirectURI,
                                          Map<String,​List<String>> params,
                                          JARMValidator jarmValidator)
                                   throws ParseException
        Parses an authorisation response which may be JSON Web Token (JWT) secured.
        Parameters:
        redirectURI - The base redirection URI. Must not be null.
        params - The response parameters to parse. Must not be null.
        jarmValidator - The validator of JSON Web Token (JWT) secured authorisation responses (JARM), null if a plain response is expected.
        Returns:
        The authorisation success or error response.
        Throws:
        ParseException - If the parameters couldn't be parsed to an authorisation success or error response, or if validation of the JWT secured response failed.

      • parse

        public static AuthorizationResponse parse​(URI uri)
                                   throws ParseException
        Parses an authorisation response.

        Use a relative URI if the host, port and path details are not known: 

         URI relUrl = new URI("https:///?code=Qcb0Orv1...&state=af0ifjsldkj");
        Parameters:
        uri - The URI to parse. Can be absolute or relative, with a fragment or query string containing the authorisation response parameters. Must not be null.
        Returns:
        The authorisation success or error response.
        Throws:
        ParseException - If no authorisation response parameters were found in the URL.

      • parse

        public static AuthorizationResponse parse​(URI uri,
                                          JARMValidator jarmValidator)
                                   throws ParseException
        Parses and validates a JSON Web Token (JWT) secured authorisation response.

        Use a relative URI if the host, port and path details are not known: 

         URI relUrl = new URI("https:///?response=eyJhbGciOiJSUzI1NiIsI...");
        Parameters:
        uri - The URI to parse. Can be absolute or relative, with a fragment or query string containing the authorisation response parameters. Must not be null.
        jarmValidator - The validator of JSON Web Token (JWT) secured authorisation responses (JARM). Must not be null.
        Returns:
        The authorisation success or error response.
        Throws:
        ParseException - If no authorisation response parameters were found in the URL of if validation of the JWT response failed.

      • parse

        public static AuthorizationResponse parse​(HTTPResponse httpResponse)
                                   throws ParseException
        Parses an authorisation response from the specified initial HTTP 302 redirect response output at the authorisation endpoint.

        Example HTTP response (authorisation success): 

         HTTP/1.1 302 Found
 Location: https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz
        Parameters:
        httpResponse - The HTTP response to parse. Must not be null.
        Returns:
        The authorisation response.
        Throws:
        ParseException - If the HTTP response couldn't be parsed to an authorisation response.
        See Also:
        parse(HTTPRequest)

      • parse

        public static AuthorizationResponse parse​(HTTPResponse httpResponse,
                                          JARMValidator jarmValidator)
                                   throws ParseException
        Parses and validates a JSON Web Token (JWT) secured authorisation response from the specified initial HTTP 302 redirect response output at the authorisation endpoint.

        Example HTTP response (authorisation success): 

         HTTP/1.1 302 Found
 Location: https://client.example.com/cb?response=eyJhbGciOiJSUzI1...
        Parameters:
        httpResponse - The HTTP response to parse. Must not be null.
        jarmValidator - The validator of JSON Web Token (JWT) secured authorisation responses (JARM). Must not be null.
        Returns:
        The authorisation response.
        Throws:
        ParseException - If the HTTP response couldn't be parsed to an authorisation response or if validation of the JWT response failed.
        See Also:
        parse(HTTPRequest)

      • parse

        public static AuthorizationResponse parse​(HTTPRequest httpRequest)
                                   throws ParseException
        Parses an authorisation response from the specified HTTP request at the client redirection (callback) URI. Applies to the query, fragment and form_post response modes.

        Example HTTP request (authorisation success): 

         GET /cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz HTTP/1.1
 Host: client.example.com
        Parameters:
        httpRequest - The HTTP request to parse. Must not be null.
        Returns:
        The authorisation response.
        Throws:
        ParseException - If the HTTP request couldn't be parsed to an authorisation response.
        See Also:
        parse(HTTPResponse)

      • parse

        public static AuthorizationResponse parse​(HTTPRequest httpRequest,
                                          JARMValidator jarmValidator)
                                   throws ParseException
        Parses and validates a JSON Web Token (JWT) secured authorisation response from the specified HTTP request at the client redirection (callback) URI. Applies to the query.jwt, fragment.jwt and form_post.jwt response modes.

        Example HTTP request (authorisation success): 

         GET /cb?response=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9... HTTP/1.1
 Host: client.example.com
        Parameters:
        httpRequest - The HTTP request to parse. Must not be null.
        jarmValidator - The validator of JSON Web Token (JWT) secured authorisation responses (JARM). Must not be null.
        Returns:
        The authorisation response.
        Throws:
        ParseException - If the HTTP request couldn't be parsed to an authorisation response or if validation of the JWT response failed.
        See Also:
        parse(HTTPResponse)

      • parseResponseParameters

        public static Map<String,​List<String>> parseResponseParameters​(URI uri)
                                                              throws ParseException
        Parses the relevant authorisation response parameters. This method is intended for internal SDK usage only.
        Parameters:
        uri - The URI to parse its query or fragment parameters. Must not be null.
        Returns:
        The authorisation response parameters.
        Throws:
        ParseException - If parsing failed.

      • parseResponseParameters

        public static Map<String,​List<String>> parseResponseParameters​(HTTPRequest httpRequest)
                                                              throws ParseException
        Parses the relevant authorisation response parameters. This method is intended for internal SDK usage only.
        Parameters:
        httpRequest - The HTTP request. Must not be null.
        Returns:
        The authorisation response parameters.
        Throws:
        ParseException - If parsing failed.