Class UserInfoRequestHandler.Params
- java.lang.Object
-
- com.authlete.jaxrs.UserInfoRequestHandler.Params
-
- All Implemented Interfaces:
Serializable
- Enclosing class:
- UserInfoRequestHandler
public static class UserInfoRequestHandler.Params extends Object implements Serializable
Parameters passed to theUserInfoRequestHandler.handle(Params)method.- Since:
- 2.27
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description Params()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetAccessToken()Get the access token included in the userinfo request.StringgetClientCertificate()Get the client certificate included in the userinfo request.StringgetDpop()Get the DPoP proof JWT (the value of theDPoPHTTP header).StringgetHtm()Get the HTTP method of the userinfo request.StringgetHtu()Get the URL of the userinfo endpoint.booleanisOldIdaFormatUsed()Get the flag indicating whetherUserInfoRequestHandleruses the old format of"verified_claims"defined in the Implementer's Draft 2 of OpenID Connect for Identity Assurance 1.0 which was published on May 19, 2020.UserInfoRequestHandler.ParamssetAccessToken(String accessToken)Set the access token included in the userinfo request.UserInfoRequestHandler.ParamssetClientCertificate(String clientCertificate)Set the client certificate included in the userinfo request.UserInfoRequestHandler.ParamssetDpop(String dpop)Set the DPoP proof JWT (the value of theDPoPHTTP header).UserInfoRequestHandler.ParamssetHtm(String htm)Set the HTTP method of the userinfo request.UserInfoRequestHandler.ParamssetHtu(String htu)Set the URL of the userinfo endpoint.UserInfoRequestHandler.ParamssetOldIdaFormatUsed(boolean used)Set the flag indicating whetherUserInfoRequestHandleruses the old format of"verified_claims"defined in the Implementer's Draft 2 of OpenID Connect for Identity Assurance 1.0 which was published on May 19, 2020.
-
-
-
Method Detail
-
getAccessToken
public String getAccessToken()
Get the access token included in the userinfo request.- Returns:
- The access token.
-
setAccessToken
public UserInfoRequestHandler.Params setAccessToken(String accessToken)
Set the access token included in the userinfo request.- Parameters:
accessToken- The access token.- Returns:
thisobject.
-
getClientCertificate
public String getClientCertificate()
Get the client certificate included in the userinfo request.- Returns:
- The client certificate.
- See Also:
- RFC 8705 : OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
-
setClientCertificate
public UserInfoRequestHandler.Params setClientCertificate(String clientCertificate)
Set the client certificate included in the userinfo request.- Parameters:
clientCertificate- The client certificate.- Returns:
thisobject.- See Also:
- RFC 8705 : OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
-
getDpop
public String getDpop()
Get the DPoP proof JWT (the value of theDPoPHTTP header).See "OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)" for details.
- Returns:
- The DPoP proof JWT.
-
setDpop
public UserInfoRequestHandler.Params setDpop(String dpop)
Set the DPoP proof JWT (the value of theDPoPHTTP header).See "OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)" for details.
- Parameters:
dpop- The DPoP proof JWT.- Returns:
thisobject.
-
getHtm
public String getHtm()
Get the HTTP method of the userinfo request.- Returns:
- The HTTP method of the userinfo request.
-
setHtm
public UserInfoRequestHandler.Params setHtm(String htm)
Set the HTTP method of the userinfo request.The value should be either
"GET"or"POST"unless new specifications allowing other HTTP methods at the userinfo endpoint are developed.The value passed here will be used to validate the DPoP proof JWT. See "OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)" for details.
- Parameters:
htm- The HTTP method of the userinfo request.- Returns:
thisobject.
-
getHtu
public String getHtu()
Get the URL of the userinfo endpoint.- Returns:
- The URL of the userinfo endpoint.
-
setHtu
public UserInfoRequestHandler.Params setHtu(String htu)
Set the URL of the userinfo endpoint.If this parameter is omitted, the
userInfoEndpointproperty ofServicewill be used as the default value.The value passed here will be used to validate the DPoP proof JWT. See "OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)" for details.
- Parameters:
htu- The URL of the userinfo endpoint.- Returns:
thisobject.
-
isOldIdaFormatUsed
public boolean isOldIdaFormatUsed()
Get the flag indicating whetherUserInfoRequestHandleruses the old format of"verified_claims"defined in the Implementer's Draft 2 of OpenID Connect for Identity Assurance 1.0 which was published on May 19, 2020.When this flag is on,
UserInfoRequestHandlercalls thegetVerifiedClaims(String, VerifiedClaimsConstraint)method ofUserInfoRequestHandlerSpi. On the other hand, if this flag is off, thegetVerifiedClaims(String, Object)method is called instead. This is a breaking change from authlete-java-jaxrs version 2.41. This flag exists to mitigate the breaking change.The Implementer's Draft 3 of OpenID Connect for Identity Assurance 1.0, which was published on September 6, 2021, made many breaking changes. In addition, it is certain that further breaking changes will be made in the next draft. Considering the instability of the specification, it is not a good approach to define Java classes that correspond to elements in
"verified_claims". Thecom.authlete.common.assurancepackage in the authlete-java-common library was developed based on the approach for the Implementer's Draft 2, but it is not useful any more. This is the reason thegetVerifiedClaims(String, VerifiedClaimsConstraint)method (whose second argument is an instance ofVerifiedClaimsConstraintwhich is defined in thecom.authlete.common.assurance.constraintpackage) was marked as deprecated.- Returns:
trueifUserInfoRequestHandlercallsgetVerifiedClaims(String, VerifiedClaimsConstraint)method ofUserInfoRequestHandlerSpi.falseifUserInfoRequestHandlercallsgetVerifiedClaims(String, Object)method instead.- Since:
- 2.42
- See Also:
- OpenID Connect for Identity Assurance 1.0
-
setOldIdaFormatUsed
public UserInfoRequestHandler.Params setOldIdaFormatUsed(boolean used)
Set the flag indicating whetherUserInfoRequestHandleruses the old format of"verified_claims"defined in the Implementer's Draft 2 of OpenID Connect for Identity Assurance 1.0 which was published on May 19, 2020.When this flag is on,
UserInfoRequestHandlercalls thegetVerifiedClaims(String, VerifiedClaimsConstraint)method ofUserInfoRequestHandlerSpi. On the other hand, if this flag is off, thegetVerifiedClaims(String, Object)method is called instead. This is a breaking change from authlete-java-jaxrs version 2.41. This flag exists to mitigate the breaking change.The Implementer's Draft 3 of OpenID Connect for Identity Assurance 1.0, which was published on September 6, 2021, made many breaking changes. In addition, it is certain that further breaking changes will be made in the next draft. Considering the instability of the specification, it is not a good approach to define Java classes that correspond to elements in
"verified_claims". Thecom.authlete.common.assurancepackage in the authlete-java-common library was developed based on the approach for the Implementer's Draft 2, but it is not useful any more. This is the reason thegetVerifiedClaims(String, VerifiedClaimsConstraint)method (whose second argument is an instance ofVerifiedClaimsConstraintwhich is defined in thecom.authlete.common.assurance.constraintpackage) was marked as deprecated.- Parameters:
used-trueto makeUserInfoRequestHandlercallgetVerifiedClaims(String, VerifiedClaimsConstraint)method ofUserInfoRequestHandlerSpi.falseto makeUserInfoRequestHandlercallgetVerifiedClaims(String, Object)method instead.- Returns:
thisobject.- Since:
- 2.42
- See Also:
- OpenID Connect for Identity Assurance 1.0
-
-