Package com.nimbusds.openid.connect.sdk

Class AuthenticationRequest.Builder

    • Constructor Detail

      • Builder

        public Builder​(ResponseType rt,
               Scope scope,
               ClientID clientID,
               URI redirectURI)
        Creates a new OpenID Connect authentication request builder.
        Parameters:
        rt - The response type. Corresponds to the response_type parameter. Must specify a valid OpenID Connect response type. Must not be null.
        scope - The request scope. Corresponds to the scope parameter. Must contain an openid value. Must not be null.
        clientID - The client identifier. Corresponds to the client_id parameter. Must not be null.
        redirectURI - The redirection URI. Corresponds to the redirect_uri parameter. Must not be null unless set by means of the optional request_object / request_uri parameter.

      • Builder

        public Builder​(com.nimbusds.jwt.JWT requestObject,
               ClientID clientID)
        Creates a new JWT secured OpenID Connect authentication request (JAR) builder.
        Parameters:
        requestObject - The request object. Must not be null.
        clientID - The client ID. Must not be null.

      • Builder

        public Builder​(URI requestURI,
               ClientID clientID)
        Creates a new JWT secured OpenID Connect authentication request (JAR) builder.
        Parameters:
        requestURI - The request object URI. Must not be null.
        clientID - The client ID. Must not be null.

      • Builder

        public Builder​(AuthenticationRequest request)
        Creates a new OpenID Connect authentication request builder from the specified request.
        Parameters:
        request - The OpenID Connect authentication request. Must not be null.

    • Method Detail

      • redirectionURI

        public AuthenticationRequest.Builder redirectionURI​(URI redirectURI)
        Sets the redirection URI. Corresponds to the redirection_uri parameter.
        Parameters:
        redirectURI - The redirection URI. Must not be null.
        Returns:
        This builder.

      • state

        public AuthenticationRequest.Builder state​(State state)
        Sets the state. Corresponds to the recommended state parameter.
        Parameters:
        state - The state, null if not specified.
        Returns:
        This builder.

      • endpointURI

        public AuthenticationRequest.Builder endpointURI​(URI uri)
        Sets the URI of the endpoint (HTTP or HTTPS) for which the request is intended.
        Parameters:
        uri - The endpoint URI, null if not specified.
        Returns:
        This builder.

      • nonce

        public AuthenticationRequest.Builder nonce​(Nonce nonce)
        Sets the nonce. Corresponds to the conditionally optional nonce parameter.
        Parameters:
        nonce - The nonce, null if not specified.
        Returns:
        This builder.

      • display

        public AuthenticationRequest.Builder display​(Display display)
        Sets the requested display type. Corresponds to the optional display parameter.
        Parameters:
        display - The requested display type, null if not specified.
        Returns:
        This builder.

      • prompt

        public AuthenticationRequest.Builder prompt​(Prompt prompt)
        Sets the requested prompt. Corresponds to the optional prompt parameter.
        Parameters:
        prompt - The requested prompt, null if not specified.
        Returns:
        This builder.

      • maxAge

        public AuthenticationRequest.Builder maxAge​(int maxAge)
        Sets the required maximum authentication age. Corresponds to the optional max_age parameter.
        Parameters:
        maxAge - The maximum authentication age, in seconds; 0 if not specified.
        Returns:
        This builder.

      • uiLocales

        public AuthenticationRequest.Builder uiLocales​(List<com.nimbusds.langtag.LangTag> uiLocales)
        Sets the end-user's preferred languages and scripts for the user interface, ordered by preference. Corresponds to the optional ui_locales parameter.
        Parameters:
        uiLocales - The preferred UI locales, null if not specified.
        Returns:
        This builder.

      • claimsLocales

        public AuthenticationRequest.Builder claimsLocales​(List<com.nimbusds.langtag.LangTag> claimsLocales)
        Sets the end-user's preferred languages and scripts for the claims being returned, ordered by preference. Corresponds to the optional claims_locales parameter.
        Parameters:
        claimsLocales - The preferred claims locales, null if not specified.
        Returns:
        This builder.

      • idTokenHint

        public AuthenticationRequest.Builder idTokenHint​(com.nimbusds.jwt.JWT idTokenHint)
        Sets the ID Token hint. Corresponds to the conditionally optional id_token_hint parameter.
        Parameters:
        idTokenHint - The ID Token hint, null if not specified.
        Returns:
        This builder.

      • loginHint

        public AuthenticationRequest.Builder loginHint​(String loginHint)
        Sets the login hint. Corresponds to the optional login_hint parameter.
        Parameters:
        loginHint - The login hint, null if not specified.
        Returns:
        This builder.

      • acrValues

        public AuthenticationRequest.Builder acrValues​(List<ACR> acrValues)
        Sets the requested Authentication Context Class Reference values. Corresponds to the optional acr_values parameter.
        Parameters:
        acrValues - The requested ACR values, null if not specified.
        Returns:
        This builder.

      • claims

        public AuthenticationRequest.Builder claims​(ClaimsRequest claims)
        Sets the individual claims to be returned. Corresponds to the optional claims parameter.
        Parameters:
        claims - The individual claims to be returned, null if not specified.
        Returns:
        This builder.

      • purpose

        public AuthenticationRequest.Builder purpose​(String purpose)
        Sets the transaction specific purpose. Corresponds to the optional purpose parameter.
        Parameters:
        purpose - The purpose, null if not specified.
        Returns:
        This builder.

      • requestObject

        public AuthenticationRequest.Builder requestObject​(com.nimbusds.jwt.JWT requestObject)
        Sets the request object. Corresponds to the optional request parameter. Must not be specified together with a request object URI.
        Parameters:
        requestObject - The request object, null if not specified.
        Returns:
        This builder.

      • requestURI

        public AuthenticationRequest.Builder requestURI​(URI requestURI)
        Sets the request object URI. Corresponds to the optional request_uri parameter. Must not be specified together with a request object.
        Parameters:
        requestURI - The request object URI, null if not specified.
        Returns:
        This builder.

      • responseMode

        public AuthenticationRequest.Builder responseMode​(ResponseMode rm)
        Sets the response mode. Corresponds to the optional response_mode parameter. Use of this parameter is not recommended unless a non-default response mode is requested (e.g. form_post).
        Parameters:
        rm - The response mode, null if not specified.
        Returns:
        This builder.

      • codeChallenge

        public AuthenticationRequest.Builder codeChallenge​(CodeVerifier codeVerifier,
                                                   CodeChallengeMethod codeChallengeMethod)
        Sets the code challenge for Proof Key for Code Exchange (PKCE) by public OAuth clients.
        Parameters:
        codeVerifier - The code verifier to use to compute the code challenge, null if PKCE is not specified.
        codeChallengeMethod - The code challenge method, null if not specified. Defaults to CodeChallengeMethod.PLAIN if a code verifier is specified.
        Returns:
        This builder.

      • resources

        public AuthenticationRequest.Builder resources​(URI... resources)
        Sets the resource server URI(s).
        Parameters:
        resources - The resource URI(s), null if not specified.
        Returns:
        This builder.

      • includeGrantedScopes

        public AuthenticationRequest.Builder includeGrantedScopes​(boolean includeGrantedScopes)
        Requests incremental authorisation.
        Parameters:
        includeGrantedScopes - true to request incremental authorisation.
        Returns:
        This builder.