Class ClientAuthentication

  • Direct Known Subclasses:
    JWTAuthentication, PlainClientSecret, TLSClientAuthentication

    public abstract class ClientAuthentication
    extends Object
    Base abstract class for client authentication at the Token endpoint.

    Related specifications:

    • OAuth 2.0 (RFC 6749), section 2.3.
    • JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC 7523), section 2.2.
    • OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens (draft-ietf-oauth-mtls-15), section 2.
    • Constructor Detail

      • ClientAuthentication

        protected ClientAuthentication​(ClientAuthenticationMethod method,
                                       ClientID clientID)
        Creates a new abstract client authentication.
        method - The client authentication method. Must not be null.
        clientID - The client identifier. Must not be null.
    • Method Detail

      • getClientID

        public ClientID getClientID()
        Gets the client identifier.
        The client identifier.
      • parse

        public static ClientAuthentication parse​(HTTPRequest httpRequest)
                                          throws ParseException
        Parses the specified HTTP request for a supported client authentication (see ClientAuthenticationMethod). This method is intended to aid parsing of authenticated TokenRequests.
        httpRequest - The HTTP request to parse. Must not be null.
        The client authentication method, null if none or the method is not supported.
        ParseException - If the inferred client authentication couldn't be parsed.
      • applyTo

        public abstract void applyTo​(HTTPRequest httpRequest)
        Applies the authentication to the specified HTTP request by setting its Authorization header and/or POST entity-body parameters (according to the implemented client authentication method).
        httpRequest - The HTTP request. Must not be null.