IDTokenClaimsSet (OAuth 2.0 SDK with OpenID Connect extensions 4.5 API)

java.lang.Object
- com.nimbusds.openid.connect.sdk.claims.ClaimsSet
- - com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet

public class IDTokenClaimsSet
extends ClaimsSet

ID token claims set, serialisable to a JSON object.

Example ID token claims set:

 {
   "iss"       : "https://server.example.com",
   "sub"       : "24400320",
   "aud"       : "s6BhdRkqt3",
   "nonce"     : "n-0S6_WzA2Mj",
   "exp"       : 1311281970,
   "iat"       : 1311280970,
   "auth_time" : 1311280969,
   "acr"       : "urn:mace:incommon:iap:silver",
   "at_hash"   : "MTIzNDU2Nzg5MDEyMzQ1Ng"
 }

Related specifications:

OpenID Connect Core 1.0, section 2.

Field Summary

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`ACR_CLAIM_NAME` The ACR claim name.
`static java.lang.String`	`AMR_CLAIM_NAME` The AMRs claim name.
`static java.lang.String`	`AT_HASH_CLAIM_NAME` The access token hash claim name.
`static java.lang.String`	`AUD_CLAIM_NAME` The audience claim name.
`static java.lang.String`	`AUTH_TIME_CLAIM_NAME` The subject authentication time claim name.
`static java.lang.String`	`AZP_CLAIM_NAME` The authorised party claim name.
`static java.lang.String`	`C_HASH_CLAIM_NAME` The authorisation code hash claim name.
`static java.lang.String`	`EXP_CLAIM_NAME` The expiration time claim name.
`static java.lang.String`	`IAT_CLAIM_NAME` The issue time claim name.
`static java.lang.String`	`ISS_CLAIM_NAME` The issuer claim name.
`static java.lang.String`	`NONCE_CLAIM_NAME` The nonce claim name.
`static java.lang.String`	`SUB_CLAIM_NAME` The subject claim name.
`static java.lang.String`	`SUB_JWK_CLAIM_NAME` The subject JWK claim name.

Constructor Summary

Constructors
Constructor and Description
`IDTokenClaimsSet(Issuer iss, Subject sub, java.util.List<Audience> aud, java.util.Date exp, java.util.Date iat)` Creates a new minimal ID token claims set.
`IDTokenClaimsSet(com.nimbusds.jwt.ReadOnlyJWTClaimsSet jwtClaimsSet)` Creates a new ID token claims set from the specified JSON Web Token (JWT) claims set.

Method Summary

Methods
Modifier and Type	Method and Description
`AccessTokenHash`	`getAccessTokenHash()` Gets the access token hash.
`ACR`	`getACR()` Gets the Authentication Context Class Reference (ACR).
`java.util.List<AMR>`	`getAMR()` Gets the Authentication Methods References (AMRs).
`java.util.List<Audience>`	`getAudience()` Gets the ID token audience.
`java.util.Date`	`getAuthenticationTime()` Gets the subject authentication time.
`AuthorizedParty`	`getAuthorizedParty()` Gets the authorised party for the ID token.
`CodeHash`	`getCodeHash()` Gets the authorisation code hash.
`java.util.Date`	`getExpirationTime()` Gets the ID token expiration time.
`Issuer`	`getIssuer()` Gets the ID token issuer.
`java.util.Date`	`getIssueTime()` Gets the ID token issue time.
`Nonce`	`getNonce()` Gets the ID token nonce.
`static java.util.Set<java.lang.String>`	`getStandardClaimNames()` Gets the names of the standard top-level ID token claims.
`Subject`	`getSubject()` Gets the ID token subject.
`com.nimbusds.jose.jwk.JWK`	`getSubjectJWK()` Gets the subject's JSON Web Key (JWK) for a self-issued OpenID Connect provider.
`boolean`	`hasRequiredClaims(ResponseType rt)` Checks if this ID token claims set contains all required claims for the specified OpenID Connect response type.
`static IDTokenClaimsSet`	`parse(java.lang.String json)` Parses an ID token claims set from the specified JSON object string.
`void`	`setAccessTokenHash(AccessTokenHash atHash)` Sets the access token hash.
`void`	`setACR(ACR acr)` Sets the Authentication Context Class Reference (ACR).
`void`	`setAMR(java.util.List<AMR> amr)` Sets the Authentication Methods References (AMRs).
`void`	`setAuthenticationTime(java.util.Date authTime)` Sets the subject authentication time.
`void`	`setAuthorizedParty(AuthorizedParty azp)` Sets the authorised party for the ID token.
`void`	`setCodeHash(CodeHash cHash)` Sets the authorisation code hash.
`void`	`setNonce(Nonce nonce)` Sets the ID token nonce.
`void`	`setSubjectJWK(com.nimbusds.jose.jwk.JWK subJWK)` Sets the subject's JSON Web Key (JWK) for a self-issued OpenID Connect provider.

Methods inherited from class com.nimbusds.openid.connect.sdk.claims.ClaimsSet
getBooleanClaim, getClaim, getClaim, getDateClaim, getEmailClaim, getLangTaggedClaim, getNumberClaim, getStringClaim, getStringClaim, getStringListClaim, getURIClaim, getURLClaim, putAll, setClaim, setClaim, setDateClaim, setEmailClaim, setURIClaim, setURLClaim, toJSONObject, toJWTClaimsSet

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - ISS_CLAIM_NAME
```
public static final java.lang.String ISS_CLAIM_NAME
```
    The issuer claim name.
    
    See Also:
    Constant Field Values
  - SUB_CLAIM_NAME
```
public static final java.lang.String SUB_CLAIM_NAME
```
    The subject claim name.
    
    See Also:
    Constant Field Values
  - AUD_CLAIM_NAME
```
public static final java.lang.String AUD_CLAIM_NAME
```
    The audience claim name.
    
    See Also:
    Constant Field Values
  - EXP_CLAIM_NAME
```
public static final java.lang.String EXP_CLAIM_NAME
```
    The expiration time claim name.
    
    See Also:
    Constant Field Values
  - IAT_CLAIM_NAME
```
public static final java.lang.String IAT_CLAIM_NAME
```
    The issue time claim name.
    
    See Also:
    Constant Field Values
  - AUTH_TIME_CLAIM_NAME
```
public static final java.lang.String AUTH_TIME_CLAIM_NAME
```
    The subject authentication time claim name.
    
    See Also:
    Constant Field Values
  - NONCE_CLAIM_NAME
```
public static final java.lang.String NONCE_CLAIM_NAME
```
    The nonce claim name.
    
    See Also:
    Constant Field Values
  - AT_HASH_CLAIM_NAME
```
public static final java.lang.String AT_HASH_CLAIM_NAME
```
    The access token hash claim name.
    
    See Also:
    Constant Field Values
  - C_HASH_CLAIM_NAME
```
public static final java.lang.String C_HASH_CLAIM_NAME
```
    The authorisation code hash claim name.
    
    See Also:
    Constant Field Values
  - ACR_CLAIM_NAME
```
public static final java.lang.String ACR_CLAIM_NAME
```
    The ACR claim name.
    
    See Also:
    Constant Field Values
  - AMR_CLAIM_NAME
```
public static final java.lang.String AMR_CLAIM_NAME
```
    The AMRs claim name.
    
    See Also:
    Constant Field Values
  - AZP_CLAIM_NAME
```
public static final java.lang.String AZP_CLAIM_NAME
```
    The authorised party claim name.
    
    See Also:
    Constant Field Values
  - SUB_JWK_CLAIM_NAME
```
public static final java.lang.String SUB_JWK_CLAIM_NAME
```
    The subject JWK claim name.
    
    See Also:
    Constant Field Values
- Constructor Detail
  - IDTokenClaimsSet
```
public IDTokenClaimsSet(Issuer iss,
                Subject sub,
                java.util.List<Audience> aud,
                java.util.Date exp,
                java.util.Date iat)
```
    Creates a new minimal ID token claims set. Note that the ID token may require additional claims to be present depending on the original OpenID Connect authorisation request.
    
    Parameters:
    iss - The issuer. Must not be null.
    sub - The subject. Must not be null.
    aud - The audience. Must not be null.
    exp - The expiration time. Must not be null.
    iat - The issue time. Must not be null.
  - IDTokenClaimsSet
```
public IDTokenClaimsSet(com.nimbusds.jwt.ReadOnlyJWTClaimsSet jwtClaimsSet)
                 throws ParseException
```
    Creates a new ID token claims set from the specified JSON Web Token (JWT) claims set.
    
    Parameters:
    jwtClaimsSet - The JWT claims set. Must not be null.
    
    Throws:
    
    ParseException - If the JSON object doesn't contain the minimally required issuer iss, subject sub, audience list aud, expiration date exp and issue date iat claims.
- Method Detail
  - getStandardClaimNames
```
public static java.util.Set<java.lang.String> getStandardClaimNames()
```
    Gets the names of the standard top-level ID token claims.
    
    Returns:
    The names of the standard top-level ID token claims (read-only set).
  - hasRequiredClaims
```
public boolean hasRequiredClaims(ResponseType rt)
```
    Checks if this ID token claims set contains all required claims for the specified OpenID Connect response type.
    
    Parameters:
    rt - The OpenID Connect response type. Must not be null.
    
    Returns:
    true if the required claims are contained, else false.
  - getIssuer
```
public Issuer getIssuer()
```
    Gets the ID token issuer. Corresponds to the iss claim.
    
    Returns:
    The issuer.
  - getSubject
```
public Subject getSubject()
```
    Gets the ID token subject. Corresponds to the sub claim.
    
    Returns:
    The subject.
  - getAudience
```
public java.util.List<Audience> getAudience()
```
    Gets the ID token audience. Corresponds to the aud claim.
    
    Returns:
    The audience.
  - getExpirationTime
```
public java.util.Date getExpirationTime()
```
    Gets the ID token expiration time. Corresponds to the exp claim.
    
    Returns:
    The expiration time.
  - getIssueTime
```
public java.util.Date getIssueTime()
```
    Gets the ID token issue time. Corresponds to the iss claim.
    
    Returns:
    The issue time.
  - getAuthenticationTime
```
public java.util.Date getAuthenticationTime()
```
    Gets the subject authentication time. Corresponds to the auth_time claim.
    
    Returns:
    The authentication time, null if not specified or parsing failed.
  - setAuthenticationTime
```
public void setAuthenticationTime(java.util.Date authTime)
```
    Sets the subject authentication time. Corresponds to the auth_time claim.
    
    Parameters:
    authTime - The authentication time, null if not specified.
  - getNonce
```
public Nonce getNonce()
```
    Gets the ID token nonce. Corresponds to the nonce claim.
    
    Returns:
    The nonce, null if not specified or parsing failed.
  - setNonce
```
public void setNonce(Nonce nonce)
```
    Sets the ID token nonce. Corresponds to the nonce claim.
    
    Parameters:
    nonce - The nonce, null if not specified.
  - getAccessTokenHash
```
public AccessTokenHash getAccessTokenHash()
```
    Gets the access token hash. Corresponds to the at_hash claim.
    
    Returns:
    The access token hash, null if not specified or parsing failed.
  - setAccessTokenHash
```
public void setAccessTokenHash(AccessTokenHash atHash)
```
    Sets the access token hash. Corresponds to the at_hash claim.
    
    Parameters:
    atHash - The access token hash, null if not specified.
  - getCodeHash
```
public CodeHash getCodeHash()
```
    Gets the authorisation code hash. Corresponds to the c_hash claim.
    
    Returns:
    The authorisation code hash, null if not specified or parsing failed.
  - setCodeHash
```
public void setCodeHash(CodeHash cHash)
```
    Sets the authorisation code hash. Corresponds to the c_hash claim.
    
    Parameters:
    cHash - The authorisation code hash, null if not specified.
  - getACR
```
public ACR getACR()
```
    Gets the Authentication Context Class Reference (ACR). Corresponds to the acr claim.
    
    Returns:
    The Authentication Context Class Reference (ACR), null if not specified or parsing failed.
  - setACR
```
public void setACR(ACR acr)
```
    Sets the Authentication Context Class Reference (ACR). Corresponds to the acr claim.
    
    Parameters:
    acr - The Authentication Context Class Reference (ACR), null if not specified.
  - getAMR
```
public java.util.List<AMR> getAMR()
```
    Gets the Authentication Methods References (AMRs). Corresponds to the amr claim.
    
    Returns:
    The Authentication Methods Reference (AMR) list, null if not specified or parsing failed.
  - setAMR
```
public void setAMR(java.util.List<AMR> amr)
```
    Sets the Authentication Methods References (AMRs). Corresponds to the amr claim.
    
    Parameters:
    amr - The Authentication Methods Reference (AMR) list, null if not specified.
  - getAuthorizedParty
```
public AuthorizedParty getAuthorizedParty()
```
    Gets the authorised party for the ID token. Corresponds to the azp claim.
    
    Returns:
    The authorised party, null if not specified or parsing failed.
  - setAuthorizedParty
```
public void setAuthorizedParty(AuthorizedParty azp)
```
    Sets the authorised party for the ID token. Corresponds to the azp claim.
    
    Parameters:
    azp - The authorised party, null if not specified.
  - getSubjectJWK
```
public com.nimbusds.jose.jwk.JWK getSubjectJWK()
```
    Gets the subject's JSON Web Key (JWK) for a self-issued OpenID Connect provider. Corresponds to the sub_jwk claim.
    
    Returns:
    The subject's JWK, null if not specified or parsing failed.
  - setSubjectJWK
```
public void setSubjectJWK(com.nimbusds.jose.jwk.JWK subJWK)
```
    Sets the subject's JSON Web Key (JWK) for a self-issued OpenID Connect provider. Corresponds to the sub_jwk claim.
    
    Parameters:
    subJWK - The subject's JWK (must be public), null if not specified.
  - parse
```
public static IDTokenClaimsSet parse(java.lang.String json)
                              throws ParseException
```
    Parses an ID token claims set from the specified JSON object string.
    
    Parameters:
    json - The JSON object string to parse. Must not be null.
    
    Returns:
    The ID token claims set.
    
    Throws:
    
    ParseException - If parsing failed.

Class IDTokenClaimsSet

Field Summary

Constructor Summary

Method Summary

Methods inherited from class com.nimbusds.openid.connect.sdk.claims.ClaimsSet

Methods inherited from class java.lang.Object

Field Detail

ISS_CLAIM_NAME

SUB_CLAIM_NAME

AUD_CLAIM_NAME

EXP_CLAIM_NAME

IAT_CLAIM_NAME

AUTH_TIME_CLAIM_NAME

NONCE_CLAIM_NAME

AT_HASH_CLAIM_NAME

C_HASH_CLAIM_NAME

ACR_CLAIM_NAME

AMR_CLAIM_NAME

AZP_CLAIM_NAME

SUB_JWK_CLAIM_NAME

Constructor Detail

IDTokenClaimsSet

IDTokenClaimsSet

Method Detail

getStandardClaimNames

hasRequiredClaims

getIssuer

getSubject

getAudience

getExpirationTime

getIssueTime

getAuthenticationTime

setAuthenticationTime

getNonce

setNonce

getAccessTokenHash

setAccessTokenHash

getCodeHash

setCodeHash

getACR

setACR

getAMR

setAMR

getAuthorizedParty

setAuthorizedParty

getSubjectJWK

setSubjectJWK

parse