Authlete
DeviceVerificationResponse Class Reference

Response from Authlete's /api/device/verification API. More...

Inheritance diagram for DeviceVerificationResponse:
ApiResponse

Properties

DeviceVerificationAction Action [get, set]
 The next action that the authorization server implementation should take. More...
 
long ClientId [get, set]
 The client ID of the client application to which the user code has been issued. More...
 
string ClientIdAlias [get, set]
 The client ID alias of the client application to which the user code has been issued. More...
 
bool IsClientIdAliasUsed [get, set]
 The flag which indicates whether the client ID alias was used in the device authorization request. More...
 
string ClientName [get, set]
 The name of the client application to which the user code has been issued. More...
 
Scope[] Scopes [get, set]
 The scopes requested by the device authorization request. More...
 
string[] ClaimNames [get, set]
 The names of the claims which were requested indirectly via some special scopes. See 5.4. Requesting Claims using Scope Values in OpenID Connect Core 1.0 for details. More...
 
string[] Acrs [get, set]
 The list of ACRs (Authentication Context Class References) requested by the device authorization request. More...
 
long ExpiresAt [get, set]
 The date in milliseconds since the Unix epoch (1970-Jan-1) at which the user code will expire. More...
 
string[] Resources [get, set]
 The resources specified by the resource request parameters in the preceding device authorization request. See RFC 8707 (Resource Indicators for OAuth 2.0) for details. More...
 
- Properties inherited from ApiResponse
string ResultCode [get, set]
 The code of the result of an Authlete API call. For example, "A004001". More...
 
string ResultMessage [get, set]
 The message of the result of an Authlete API call. For example, "[A001202] /client/get/list, Authorization header is missing." More...
 

Detailed Description

Response from Authlete's /api/device/verification API.

Authlete's /api/device/verification API returns JSON which can be mapped to this class. The authorization server implementation should retrieve the value of the action response parameter (which can be obtained via the Action property) from the response and take the following steps according to the value.



When the value of the Action property is DeviceVerificationAction.BAD_REQUEST, it means that the user code exists, has not expired, and belongs to the service. The authorization server implementation should interact with the end-user to ask whether she approves or rejects the authorization request from the device.



When the value of the Action property is DeviceVerificationAction.EXPIRED, it means that the user code has expired. The authorization server implementation should tell the end-user that the user code has expired and urge her to re-initiate a device flow.



When the value of the Action property is DeviceVerificationAction.NOT_EXIST, it means that the user code does not exist. The authorization server implementation should tell the end-user that the user code is invalid and urge her to retry to input a valid user code.



When the value of the Action property is DeviceVerificationAction.SERVER_ERROR, it means that an error occurred on Authlete side. The authorization server implementation should tell the end-user that something wrong happened and urge her to re-initiate a device flow.

Since version 1.5.0.

Property Documentation

◆ Acrs

string [] Acrs
getset

The list of ACRs (Authentication Context Class References) requested by the device authorization request.

◆ Action

DeviceVerificationAction Action
getset

The next action that the authorization server implementation should take.

◆ ClaimNames

string [] ClaimNames
getset

The names of the claims which were requested indirectly via some special scopes. See 5.4. Requesting Claims using Scope Values in OpenID Connect Core 1.0 for details.

This property always holds null if the scope request parameter of the device authorization request does not include the openid scope even if special scopes (such as profile) are included in the request (unless the openid scope is included in the default set of scopes which is used when the scope request parameter is omitted).

◆ ClientId

long ClientId
getset

The client ID of the client application to which the user code has been issued.

◆ ClientIdAlias

string ClientIdAlias
getset

The client ID alias of the client application to which the user code has been issued.

◆ ClientName

string ClientName
getset

The name of the client application to which the user code has been issued.

◆ ExpiresAt

long ExpiresAt
getset

The date in milliseconds since the Unix epoch (1970-Jan-1) at which the user code will expire.

◆ IsClientIdAliasUsed

bool IsClientIdAliasUsed
getset

The flag which indicates whether the client ID alias was used in the device authorization request.

◆ Resources

string [] Resources
getset

The resources specified by the resource request parameters in the preceding device authorization request. See RFC 8707 (Resource Indicators for OAuth 2.0) for details.

◆ Scopes

Scope [] Scopes
getset

The scopes requested by the device authorization request.

Note that Description property and Descriptions property of each element (Scope instance) in the array held by this property always null even if descriptions of the scopes are registered.


The documentation for this class was generated from the following file: