Class JWTAssertionDetails
- java.lang.Object
-
- com.nimbusds.oauth2.sdk.assertions.AssertionDetails
-
- com.nimbusds.oauth2.sdk.assertions.jwt.JWTAssertionDetails
-
- Direct Known Subclasses:
JWTAuthenticationClaimsSet
@Immutable public class JWTAssertionDetails extends AssertionDetails
JSON Web Token (JWT) bearer assertion details (claims set) for OAuth 2.0 client authentication and authorisation grants.Used for
client secret JWT
andprivate key JWT
authentication at the Token endpoint as well asJWT bearer assertion grants
.Example JWT bearer assertion claims set for client authentication:
{ "iss" : "http://client.example.com", "sub" : "http://client.example.com", "aud" : [ "http://idp.example.com/token" ], "jti" : "d396036d-c4d9-40d8-8e98-f7e8327002d9", "exp" : 1311281970, "iat" : 1311280970 }
Related specifications:
- JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC 7523), section 3.
-
-
Constructor Summary
Constructors Constructor Description JWTAssertionDetails(Issuer iss, Subject sub, Audience aud)
Creates a new JWT bearer assertion details (claims set) instance.JWTAssertionDetails(Issuer iss, Subject sub, List<Audience> aud, Date exp, Date nbf, Date iat, JWTID jti, Map<String,Object> other)
Creates a new JWT bearer assertion details (claims set) instance.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description Map<String,Object>
getCustomClaims()
Returns the custom claims.JWTID
getJWTID()
Returns the optional assertion identifier, as a JWT ID.Date
getNotBeforeTime()
Returns the optional not-before time.static Set<String>
getReservedClaimsNames()
Gets the names of the reserved JWT bearer assertion claims.static JWTAssertionDetails
parse(com.nimbusds.jwt.JWTClaimsSet jwtClaimsSet)
Parses a JWT bearer assertion details instance from the specified JWT claims set.static JWTAssertionDetails
parse(net.minidev.json.JSONObject jsonObject)
Parses a JWT bearer assertion details (claims set) instance from the specified JSON object.net.minidev.json.JSONObject
toJSONObject()
Returns a JSON object representation of this JWT bearer assertion details.com.nimbusds.jwt.JWTClaimsSet
toJWTClaimsSet()
Returns a JSON Web Token (JWT) claims set representation of this JWT bearer assertion details.-
Methods inherited from class com.nimbusds.oauth2.sdk.assertions.AssertionDetails
getAudience, getExpirationTime, getID, getIssuer, getIssueTime, getSubject
-
-
-
-
Constructor Detail
-
JWTAssertionDetails
public JWTAssertionDetails(Issuer iss, Subject sub, Audience aud)
Creates a new JWT bearer assertion details (claims set) instance. The expiration time (exp) is set to five minutes from the current system time. Generates a default identifier (jti) for the JWT. The issued-at (iat) and not-before (nbf) claims are not set.- Parameters:
iss
- The issuer identifier. Must not benull
.sub
- The subject. Must not benull
.aud
- The audience identifier, typically the URI of the authorisation server's Token endpoint. Must not benull
.
-
JWTAssertionDetails
public JWTAssertionDetails(Issuer iss, Subject sub, List<Audience> aud, Date exp, Date nbf, Date iat, JWTID jti, Map<String,Object> other)
Creates a new JWT bearer assertion details (claims set) instance.- Parameters:
iss
- The issuer identifier. Must not benull
.sub
- The subject. Must not benull
.aud
- The audience, typically including the URI of the authorisation server's token endpoint. Must not benull
.exp
- The expiration time. Must not benull
.nbf
- The time before which the token must not be accepted for processing,null
if not specified.iat
- The time at which the token was issued,null
if not specified.jti
- Unique identifier for the JWT,null
if not specified.other
- Other custom claims to include,null
if none.
-
-
Method Detail
-
getReservedClaimsNames
public static Set<String> getReservedClaimsNames()
Gets the names of the reserved JWT bearer assertion claims.- Returns:
- The names of the reserved JWT bearer assertion claims (read-only set).
-
getNotBeforeTime
public Date getNotBeforeTime()
Returns the optional not-before time. Corresponds to thenbf
claim.- Returns:
- The not-before time,
null
if not specified.
-
getJWTID
public JWTID getJWTID()
Returns the optional assertion identifier, as a JWT ID. Corresponds to thejti
claim.- Returns:
- The optional JWT ID,
null
if not specified. - See Also:
AssertionDetails.getID()
-
getCustomClaims
public Map<String,Object> getCustomClaims()
Returns the custom claims.- Returns:
- The custom claims,
null
if not specified.
-
toJSONObject
public net.minidev.json.JSONObject toJSONObject()
Returns a JSON object representation of this JWT bearer assertion details.- Returns:
- The JSON object.
-
toJWTClaimsSet
public com.nimbusds.jwt.JWTClaimsSet toJWTClaimsSet()
Returns a JSON Web Token (JWT) claims set representation of this JWT bearer assertion details.- Returns:
- The JWT claims set.
-
parse
public static JWTAssertionDetails parse(net.minidev.json.JSONObject jsonObject) throws ParseException
Parses a JWT bearer assertion details (claims set) instance from the specified JSON object.- Parameters:
jsonObject
- The JSON object. Must not benull
.- Returns:
- The JWT bearer assertion details.
- Throws:
ParseException
- If the JSON object couldn't be parsed to a JWT bearer assertion details instance.
-
parse
public static JWTAssertionDetails parse(com.nimbusds.jwt.JWTClaimsSet jwtClaimsSet) throws ParseException
Parses a JWT bearer assertion details instance from the specified JWT claims set.- Parameters:
jwtClaimsSet
- The JWT claims set. Must not benull
.- Returns:
- The JWT bearer assertion details.
- Throws:
ParseException
- If the JWT claims set couldn't be parsed to a JWT bearer assertion details instance.
-
-