Class ClientSecretBasic


  • @Immutable
    public final class ClientSecretBasic
    extends PlainClientSecret
    Client secret basic authentication at the Token endpoint. Implements ClientAuthenticationMethod.CLIENT_SECRET_BASIC.

    Example HTTP Authorization header (for client identifier "s6BhdRkqt3" and secret "7Fjfp0ZBr1KtDRbnfVdmIw"):

     Authorization: Basic czZCaGRSa3F0Mzo3RmpmcDBaQnIxS3REUmJuZlZkbUl3

    Related specifications:

    • OAuth 2.0 (RFC 6749), sections 2.3.1 and 3.2.1.
    • OpenID Connect Core 1.0, section 9.
    • HTTP Authentication: Basic and Digest Access Authentication (RFC 2617).

    • Constructor Detail

      • ClientSecretBasic

        public ClientSecretBasic(ClientID clientID,
                                 Secret secret)
        Creates a new client secret basic authentication.
        Parameters:
        clientID - The client identifier. Must not be null.
        secret - The client secret. Must not be null.
    • Method Detail

      • toHTTPAuthorizationHeader

        public String toHTTPAuthorizationHeader()
        Returns the HTTP Authorization header representation of this client secret basic authentication.

        Note that OAuth 2.0 (RFC 6749, section 2.3.1) requires the client ID and secret to be encoded as application/x-www-form-urlencoded before they are passed to the HTTP basic authentication algorithm. This behaviour differs from the original HTTP Basic Authentication specification (RFC 2617).

        Example HTTP Authorization header (for client identifier "Aladdin" and password "open sesame"):

        
         Authorization: Basic QWxhZGRpbjpvcGVuK3Nlc2FtZQ==

        See RFC 2617, section 2.

        Returns:
        The HTTP Authorization header.
      • applyTo

        public void applyTo(HTTPRequest httpRequest)
        Description copied from class: ClientAuthentication
        Applies the authentication to the specified HTTP request by setting its Authorization header and/or POST entity-body parameters (according to the implemented client authentication method).
        Specified by:
        applyTo in class ClientAuthentication
        Parameters:
        httpRequest - The HTTP request. Must not be null.
      • parse

        public static ClientSecretBasic parse(String header)
                                       throws ParseException
        Parses a client secret basic authentication from the specified HTTP Authorization header.
        Parameters:
        header - The HTTP Authorization header to parse. Must not be null.
        Returns:
        The client secret basic authentication.
        Throws:
        ParseException - If the header couldn't be parsed to a client secret basic authentication.
      • parse

        public static ClientSecretBasic parse(HTTPRequest httpRequest)
                                       throws ParseException
        Parses a client secret basic authentication from the specified HTTP request.
        Parameters:
        httpRequest - The HTTP request to parse. Must not be null and must contain a valid Authorization header.
        Returns:
        The client secret basic authentication.
        Throws:
        ParseException - If the HTTP Authorization header couldn't be parsed to a client secret basic authentication.