Class UserInfoRequestHandler.Params
- java.lang.Object
-
- com.authlete.jaxrs.UserInfoRequestHandler.Params
-
- All Implemented Interfaces:
Serializable
- Enclosing class:
- UserInfoRequestHandler
public static class UserInfoRequestHandler.Params extends Object implements Serializable
Parameters passed to theUserInfoRequestHandler.handle(Params)
method.- Since:
- 2.27
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description Params()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description String
getAccessToken()
Get the access token included in the userinfo request.String
getClientCertificate()
Get the client certificate included in the userinfo request.String
getDpop()
Get the DPoP proof JWT (the value of theDPoP
HTTP header).String
getHtm()
Get the HTTP method of the userinfo request.String
getHtu()
Get the URL of the userinfo endpoint.boolean
isOldIdaFormatUsed()
Get the flag indicating whetherUserInfoRequestHandler
uses the old format of"verified_claims"
defined in the Implementer's Draft 2 of OpenID Connect for Identity Assurance 1.0 which was published on May 19, 2020.UserInfoRequestHandler.Params
setAccessToken(String accessToken)
Set the access token included in the userinfo request.UserInfoRequestHandler.Params
setClientCertificate(String clientCertificate)
Set the client certificate included in the userinfo request.UserInfoRequestHandler.Params
setDpop(String dpop)
Set the DPoP proof JWT (the value of theDPoP
HTTP header).UserInfoRequestHandler.Params
setHtm(String htm)
Set the HTTP method of the userinfo request.UserInfoRequestHandler.Params
setHtu(String htu)
Set the URL of the userinfo endpoint.UserInfoRequestHandler.Params
setOldIdaFormatUsed(boolean used)
Set the flag indicating whetherUserInfoRequestHandler
uses the old format of"verified_claims"
defined in the Implementer's Draft 2 of OpenID Connect for Identity Assurance 1.0 which was published on May 19, 2020.
-
-
-
Method Detail
-
getAccessToken
public String getAccessToken()
Get the access token included in the userinfo request.- Returns:
- The access token.
-
setAccessToken
public UserInfoRequestHandler.Params setAccessToken(String accessToken)
Set the access token included in the userinfo request.- Parameters:
accessToken
- The access token.- Returns:
this
object.
-
getClientCertificate
public String getClientCertificate()
Get the client certificate included in the userinfo request.- Returns:
- The client certificate.
- See Also:
- RFC 8705 : OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
-
setClientCertificate
public UserInfoRequestHandler.Params setClientCertificate(String clientCertificate)
Set the client certificate included in the userinfo request.- Parameters:
clientCertificate
- The client certificate.- Returns:
this
object.- See Also:
- RFC 8705 : OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
-
getDpop
public String getDpop()
Get the DPoP proof JWT (the value of theDPoP
HTTP header).See "OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)" for details.
- Returns:
- The DPoP proof JWT.
-
setDpop
public UserInfoRequestHandler.Params setDpop(String dpop)
Set the DPoP proof JWT (the value of theDPoP
HTTP header).See "OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)" for details.
- Parameters:
dpop
- The DPoP proof JWT.- Returns:
this
object.
-
getHtm
public String getHtm()
Get the HTTP method of the userinfo request.- Returns:
- The HTTP method of the userinfo request.
-
setHtm
public UserInfoRequestHandler.Params setHtm(String htm)
Set the HTTP method of the userinfo request.The value should be either
"GET"
or"POST"
unless new specifications allowing other HTTP methods at the userinfo endpoint are developed.The value passed here will be used to validate the DPoP proof JWT. See "OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)" for details.
- Parameters:
htm
- The HTTP method of the userinfo request.- Returns:
this
object.
-
getHtu
public String getHtu()
Get the URL of the userinfo endpoint.- Returns:
- The URL of the userinfo endpoint.
-
setHtu
public UserInfoRequestHandler.Params setHtu(String htu)
Set the URL of the userinfo endpoint.If this parameter is omitted, the
userInfoEndpoint
property ofService
will be used as the default value.The value passed here will be used to validate the DPoP proof JWT. See "OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)" for details.
- Parameters:
htu
- The URL of the userinfo endpoint.- Returns:
this
object.
-
isOldIdaFormatUsed
public boolean isOldIdaFormatUsed()
Get the flag indicating whetherUserInfoRequestHandler
uses the old format of"verified_claims"
defined in the Implementer's Draft 2 of OpenID Connect for Identity Assurance 1.0 which was published on May 19, 2020.When this flag is on,
UserInfoRequestHandler
calls thegetVerifiedClaims(String, VerifiedClaimsConstraint)
method ofUserInfoRequestHandlerSpi
. On the other hand, if this flag is off, thegetVerifiedClaims(String, Object)
method is called instead. This is a breaking change from authlete-java-jaxrs version 2.41. This flag exists to mitigate the breaking change.The Implementer's Draft 3 of OpenID Connect for Identity Assurance 1.0, which was published on September 6, 2021, made many breaking changes. In addition, it is certain that further breaking changes will be made in the next draft. Considering the instability of the specification, it is not a good approach to define Java classes that correspond to elements in
"verified_claims"
. Thecom.authlete.common.assurance
package in the authlete-java-common library was developed based on the approach for the Implementer's Draft 2, but it is not useful any more. This is the reason thegetVerifiedClaims(String, VerifiedClaimsConstraint)
method (whose second argument is an instance ofVerifiedClaimsConstraint
which is defined in thecom.authlete.common.assurance.constraint
package) was marked as deprecated.- Returns:
true
ifUserInfoRequestHandler
callsgetVerifiedClaims(String, VerifiedClaimsConstraint)
method ofUserInfoRequestHandlerSpi
.false
ifUserInfoRequestHandler
callsgetVerifiedClaims(String, Object)
method instead.- Since:
- 2.42
- See Also:
- OpenID Connect for Identity Assurance 1.0
-
setOldIdaFormatUsed
public UserInfoRequestHandler.Params setOldIdaFormatUsed(boolean used)
Set the flag indicating whetherUserInfoRequestHandler
uses the old format of"verified_claims"
defined in the Implementer's Draft 2 of OpenID Connect for Identity Assurance 1.0 which was published on May 19, 2020.When this flag is on,
UserInfoRequestHandler
calls thegetVerifiedClaims(String, VerifiedClaimsConstraint)
method ofUserInfoRequestHandlerSpi
. On the other hand, if this flag is off, thegetVerifiedClaims(String, Object)
method is called instead. This is a breaking change from authlete-java-jaxrs version 2.41. This flag exists to mitigate the breaking change.The Implementer's Draft 3 of OpenID Connect for Identity Assurance 1.0, which was published on September 6, 2021, made many breaking changes. In addition, it is certain that further breaking changes will be made in the next draft. Considering the instability of the specification, it is not a good approach to define Java classes that correspond to elements in
"verified_claims"
. Thecom.authlete.common.assurance
package in the authlete-java-common library was developed based on the approach for the Implementer's Draft 2, but it is not useful any more. This is the reason thegetVerifiedClaims(String, VerifiedClaimsConstraint)
method (whose second argument is an instance ofVerifiedClaimsConstraint
which is defined in thecom.authlete.common.assurance.constraint
package) was marked as deprecated.- Parameters:
used
-true
to makeUserInfoRequestHandler
callgetVerifiedClaims(String, VerifiedClaimsConstraint)
method ofUserInfoRequestHandlerSpi
.false
to makeUserInfoRequestHandler
callgetVerifiedClaims(String, Object)
method instead.- Returns:
this
object.- Since:
- 2.42
- See Also:
- OpenID Connect for Identity Assurance 1.0
-
-