Documentation

BackchannelAuthenticationFailReason Uses EnumTrait

The value of "reason" in requests to Authlete's /api/backchannel/authentication/fail API.

$ACCESS_DENIED

The resource owner or the authorization server denied the request.


    public
    static    BackchannelAuthenticationFailReason
    $ACCESS_DENIED

Calling /api/backchannel/authentication/fail API with this reason implies that the backchannel authentication endpoint is going to return an error of access_denied to the client application without asking the end-user whether she authorizes or rejects the request.

Using this reason will result in "error":"access_denied".

$EXPIRED_LOGIN_HINT_TOKEN

The `login_hint_token` included in the backchannel authentication request is not valid because it has expired.


    public
    static    BackchannelAuthenticationFailReason
    $EXPIRED_LOGIN_HINT_TOKEN

Note that the CIBA Core specification does not describe the format of login_hint_token and how to detect expiration.

Using this reason will result in "error":"expired_login_hint_token".

$INVALID_BINDING_MESSAGE

The binding message is invalid or unacceptable for use in the context of the given backchannel authentication request.


    public
    static    BackchannelAuthenticationFailReason
    $INVALID_BINDING_MESSAGE

Using this reason will result in "error":"invalid_binding_message".

$INVALID_TARGET

The requested resource is invalid, missing, unknown, or malformed.


    public
    static    BackchannelAuthenticationFailReason
    $INVALID_TARGET

Using this reason will result in "error":"invalid_target".

$INVALID_USER_CODE

The user code included in the backchannel authentication request is invalid.


    public
    static    BackchannelAuthenticationFailReason
    $INVALID_USER_CODE

Using this reason will result in "error":"invalid_user_code".

$MISSING_USER_CODE

A user code is required but the backchannel authentication request does not contain it.


    public
    static    BackchannelAuthenticationFailReason
    $MISSING_USER_CODE

Note that /api/backchannel/authentication API does not return "action":"USER_IDENTIFICATION" when both the backchannel_user_code_parameter_supported metadata of the service and the backchannel_user_code_parameter metadata of the client are true and the backchannel authentication request does not include the user_code request parameter. In this case, /api/backchannel/authentication API returns "action":"BAD_REQUEST" with JSON containing "error":"missing_user_code".

Therefore, the authorization server implementation will never have to call /api/backchannel/authentication/fail API with "reason":"MISSING_USER_CODE" unless the server has intentionally implemented custom rules to require a user code even in the case where the backchannel_user_code_parameter metadata of the client which has made the backchannel authentication request is false.

Using this reason will result in "error":"missing_user_code".

$SERVER_ERROR

The backchannel authentication request cannot be processed successfully due to a server-side error.


    public
    static    BackchannelAuthenticationFailReason
    $SERVER_ERROR

Using this reason will result in "error":"server_error".

$UNAUTHORIZED_CLIENT

The client is not authorized to use the CIBA flow.


    public
    static    BackchannelAuthenticationFailReason
    $UNAUTHORIZED_CLIENT

Note that /api/backchannel/authentication API does not return "action":"USER_IDENTIFICATION" in cases where the client does not exist or client authentication has failed. Therefore, the authorization server implementation will never have to call /api/backchannel/authentication/fail API with "reason":"UNAUTHORIZED_CLIENT" unless the server has intentionally implemented custom rules to reject backchannel authentication requests from particular clients.

Using this reason will result in "error":"unauthorized_client".

$UNKNOWN_USER_ID

The authorization server is not able to identify which end-user the client wishes to be authenticated by means of the hint (`login_hint_token`, `id_token_hint` or `login_hint`) included in the backchannel authentication request.


    public
    static    BackchannelAuthenticationFailReason
    $UNKNOWN_USER_ID

Using this reason will result in "error":"unknown_user_id".

__toString()

Get the name of this instance.


    public
                __toString() : string

Return values

string —

The name of this instance.

name()

Get the name of this instance.


    public
                name() : string

Return values

string —

The name of this instance.

valueOf()

Get an instance of this class that the given argument represents.


    public
            static    valueOf(mixed $value) : static

If the given argument is an instance of this class, the instance itself is returned.

Otherwise, if the given argument is null, null is returned.

Otherwise, if the type of the given argument is not string, an InvalidArgumentException is returned.

Otherwise, a class variable whose name is equal to the given argument is looked up. If found, the instance is returned. If not found, an InvalidArgumentException is thrown.

Parameters

$value : mixed: A string that represents an instance of this class, or an instance of this class, or null.

Return values

static —

An instance of this class.

values()

Get the list of public class variables listed in this class.


    public
            static    values() : array<string|int, mixed>

Return values

array<string|int, mixed> —

Instances of this class which are defined as public class variables.

Documentation

BackchannelAuthenticationFailReason Uses EnumTrait

Tags

Table of Contents

Properties

$ACCESS_DENIED

Tags

$EXPIRED_LOGIN_HINT_TOKEN

Tags

$INVALID_BINDING_MESSAGE

Tags

$INVALID_TARGET

Tags

$INVALID_USER_CODE

Tags

$MISSING_USER_CODE

Tags

$SERVER_ERROR

Tags

$UNAUTHORIZED_CLIENT

Tags

$UNKNOWN_USER_ID

Tags

Methods

__toString()

Return values

name()

Return values

valueOf()

Parameters

Return values

values()

Return values

Search results