Package com.nimbusds.oauth2.sdk

Class AuthorizationSuccessResponse

  • All Implemented Interfaces:
    Message, Response, SuccessResponse
    Direct Known Subclasses:
    AuthenticationSuccessResponse
    @Immutable
public class AuthorizationSuccessResponse
extends AuthorizationResponse
implements SuccessResponse
    Authorisation success response. Used to return an authorisation code or access token at the Authorisation endpoint.

    Example HTTP response with code (code flow): 

     HTTP/1.1 302 Found
 Location: https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz

    Example HTTP response with access token (implicit flow): 

     HTTP/1.1 302 Found
 Location: http://example.com/cb#access_token=2YotnFZFEjr1zCsicMWpAA
           &state=xyz&token_type=Bearer&expires_in=3600

    Related specifications:

    • OAuth 2.0 (RFC 6749), sections 4.1.2 and 4.2.2.
    • OAuth 2.0 Multiple Response Type Encoding Practices 1.0.
    • OAuth 2.0 Form Post Response Mode 1.0.
    • Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
    • OAuth 2.0 Authorization Server Issuer Identifier in Authorization Response (draft-ietf-oauth-iss-auth-resp-00).

    • Constructor Detail

      • AuthorizationSuccessResponse

        public AuthorizationSuccessResponse​(URI redirectURI,
                                    AuthorizationCode code,
                                    AccessToken accessToken,
                                    State state,
                                    ResponseMode rm)
        Creates a new authorisation success response.
        Parameters:
        redirectURI - The base redirection URI. Must not be null.
        code - The authorisation code, null if not requested.
        accessToken - The access token, null if not requested.
        state - The state, null if not specified.
        rm - The response mode, null if not specified.

      • AuthorizationSuccessResponse

        public AuthorizationSuccessResponse​(URI redirectURI,
                                    AuthorizationCode code,
                                    AccessToken accessToken,
                                    State state,
                                    Issuer issuer,
                                    ResponseMode rm)
        Creates a new authorisation success response.
        Parameters:
        redirectURI - The base redirection URI. Must not be null.
        code - The authorisation code, null if not requested.
        accessToken - The access token, null if not requested.
        state - The state, null if not specified.
        issuer - The issuer, null if not specified.
        rm - The response mode, null if not specified.

      • AuthorizationSuccessResponse

        public AuthorizationSuccessResponse​(URI redirectURI,
                                    com.nimbusds.jwt.JWT jwtResponse,
                                    ResponseMode rm)
        Creates a new JSON Web Token (JWT) secured authorisation success response.
        Parameters:
        redirectURI - The base redirection URI. Must not be null.
        jwtResponse - The JWT-secured response. Must not be null.
        rm - The response mode, null if not specified.

    • Method Detail

      • indicatesSuccess

        public boolean indicatesSuccess()
        Description copied from interface: Response
        Checks if the response indicates success.
        Specified by:
        indicatesSuccess in interface Response
        Returns:
        true if the response indicates success, else false.

      • getAccessToken

        public AccessToken getAccessToken()
        Gets the access token.
        Returns:
        The access token, null if not requested.

      • parse

        public static AuthorizationSuccessResponse parse​(URI redirectURI,
                                                 Map<String,​List<String>> params)
                                          throws ParseException
        Parses an authorisation success response.
        Parameters:
        redirectURI - The base redirection URI. Must not be null.
        params - The response parameters to parse. Must not be null.
        Returns:
        The authorisation success response.
        Throws:
        ParseException - If the parameters couldn't be parsed to an authorisation success response.

      • parse

        public static AuthorizationSuccessResponse parse​(URI uri)
                                          throws ParseException
        Parses an authorisation success response.

        Use a relative URI if the host, port and path details are not known: 

         URI relUrl = new URI("https:///?code=Qcb0Orv1...&state=af0ifjsldkj");

        Example URI: 

         https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz
        Parameters:
        uri - The URI to parse. Can be absolute or relative, with a fragment or query string containing the authorisation response parameters. Must not be null.
        Returns:
        The authorisation success response.
        Throws:
        ParseException - If the redirection URI couldn't be parsed to an authorisation success response.

      • parse

        public static AuthorizationSuccessResponse parse​(HTTPResponse httpResponse)
                                          throws ParseException
        Parses an authorisation success response from the specified initial HTTP 302 redirect response generated at the authorisation endpoint.

        Example HTTP response: 

         HTTP/1.1 302 Found
 Location: https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz
        Parameters:
        httpResponse - The HTTP response to parse. Must not be null.
        Returns:
        The authorisation success response.
        Throws:
        ParseException - If the HTTP response couldn't be parsed to an authorisation success response.
        See Also:
        parse(HTTPRequest)

      • parse

        public static AuthorizationSuccessResponse parse​(HTTPRequest httpRequest)
                                          throws ParseException
        Parses an authorisation success response from the specified HTTP request at the client redirection (callback) URI. Applies to query, fragment and form_post response modes.

        Example HTTP request (authorisation success): 

         GET /cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz HTTP/1.1
 Host: client.example.com
        Parameters:
        httpRequest - The HTTP request to parse. Must not be null.
        Returns:
        The authorisation success response.
        Throws:
        ParseException - If the HTTP request couldn't be parsed to an authorisation success response.
        See Also:
        parse(HTTPResponse)