Class NativeSsoResponse

  • All Implemented Interfaces:
    Serializable

    public class NativeSsoResponse
    extends ApiResponse
    A response from Authlete's /nativesso API.

    A response from the /nativesso API can be mapped to this class. The API caller should extract the value of the "action" parameter from the API response and take the next action based on the value of the parameter.


    action = OK

    The action value OK means that a Native SSO-compliant ID token and a token response have been prepared successfully. In this case, the implementation of the token endpoint should return a successful response to the client application. The HTTP status code and the content type of the response should be 200 and application/json, respectively. The value of the responseContent parameter can be used as the message body of the response.

     HTTP/1.1 200 OK
     Content-Type: application/json
     Cache-Control: no-store
    
     (Put the value of the "responseContent" parameter here.)
     

    The resulting message body will look like this:

     {
       "access_token":      "(Access Token)",
       "token_type":        "(Token Type)",
       "expires_in":         (Lifetime in Seconds),
       "scope":             "(Space-separated Scopes)",
       "refresh_token":     "(Refresh Token)",
       "id_token":          "(ID Token)",
       "device_secret":     "(Device Secret)",
       "issued_token_type": "urn:ietf:params:oauth:token-type:access_token"
     }

    The issued_token_type parameter in the token response is required only in the token exchange flow, but the current implementation of the /nativesso API always embeds the parameter, even in the authorization code and refresh token flows. Since it is allowed to include any parameters in token responses, this behavior should not cause any issues.


    action = INTERNAL_SERVER_ERROR

    The action value INTERNAL_SERVER_ERROR means that something went wrong on the Authlete side. In this case, the implementation of the token endpoint should return an error response to the client application. The HTTP status code and the content type of the error response should be 500 and application/json, respectively. The value of the responseContent parameter can be used as the message body of the error response.

     HTTP/1.1 500 Internal Server Error
     Content-Type: application/json
     Cache-Control: no-store
    
     (Put the value of the "responseContent" parameter here.)
     

    Note, however, that in real production deployments it may be better to return a vaguer error response rather than the bare one shown above.


    action = CALLER_ERROR

    The action value CALLER_ERROR means that the API call is wrong. For example, the "accessToken" request parameter is missing.

    Caller errors should be resolved before the service is deployed in a production environment.
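
    The following is an added example, not code from Authlete or from this library, showing one way a token endpoint could dispatch on the action values described above. The HttpReply record, the mapper class, the generic error body and the choice to answer CALLER_ERROR with a 500 are assumptions made for illustration.

```java
import com.authlete.common.dto.NativeSsoResponse;

public class NativeSsoResponseMapper {
    // Hypothetical carrier for the HTTP response; swap in your framework's type.
    public record HttpReply(int status, String contentType, String cacheControl, String body) {}

    // Assumed generic body returned instead of Authlete's raw error content.
    private static final String GENERIC_ERROR =
        "{\"error\":\"server_error\",\"error_description\":\"Internal error.\"}";

    public static HttpReply toHttpReply(NativeSsoResponse res) {
        NativeSsoResponse.Action action = (res == null) ? null : res.getAction();
        if (action == null) {
            return error("no action in /nativesso response");
        }
        switch (action) {
            case OK:
                // The body carries tokens and the device secret: forward it, never log it.
                return new HttpReply(200, "application/json", "no-store",
                                     res.getResponseContent());
            case INTERNAL_SERVER_ERROR:
                // Keep the detail in server logs; send the client a vaguer body.
                return error("INTERNAL_SERVER_ERROR: " + res.getResponseContent());
            case CALLER_ERROR:
                // A bug in this server's API call, not the client's fault (assumed handling).
                return error("CALLER_ERROR: " + res.getResponseContent());
            default:
                // Fail closed on any action value this code does not know about.
                return error("unexpected action: " + action);
        }
    }

    private static HttpReply error(String detail) {
        System.err.println("[nativesso] " + detail); // server-side log only
        return new HttpReply(500, "application/json", "no-store", GENERIC_ERROR);
    }

    public static void main(String[] args) {
        // Constructed sample standing in for a real /nativesso API result.
        NativeSsoResponse res = new NativeSsoResponse()
            .setAction(NativeSsoResponse.Action.INTERNAL_SERVER_ERROR)
            .setResponseContent("{\"error\":\"server_error\"}");
        System.out.println(toHttpReply(res));
    }
}
```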

    Since:
    4.18, Authlete 3.0
    See Also:
    OpenID Connect Native SSO for Mobile Apps 1.0, NativeSsoRequest, Serialized Form
    • Constructor Detail

      • NativeSsoResponse

        public NativeSsoResponse()
    • Method Detail

      • getAction

        public NativeSsoResponse.Action getAction()
        Get the next action that the implementation of the token endpoint should take.
        Returns:
        The next action that the implementation of the token endpoint should take.
      • setAction

        public NativeSsoResponse setAction(NativeSsoResponse.Action action)
        Set the next action that the implementation of the token endpoint should take.
        Parameters:
        action - The next action that the implementation of the token endpoint should take.
        Returns:
        this object.
      • getResponseContent

        public String getResponseContent()
        Get the response content that can be used as the message body of the token response that should be returned from the token endpoint.
        Returns:
        The response content.
      • setResponseContent

        public NativeSsoResponse setResponseContent(String responseContent)
        Set the response content that can be used as the message body of the token response that should be returned from the token endpoint.
        Parameters:
        responseContent - The response content.
        Returns:
        this object.
      • getIdToken

        public String getIdToken()
        Get the issued ID token.
        Returns:
        The issued ID token in the JWS compact serialization format.
      • setIdToken

        public NativeSsoResponse setIdToken(String idToken)
        Set the issued ID token.
        Parameters:
        idToken - The issued ID token in the JWS compact serialization format.
        Returns:
        this object.