All Classes Interface Summary Class Summary Enum Summary Exception Summary
| Class |
Description |
| AbstractJWTValidator |
Abstract JSON Web Token (JWT) validator for ID tokens and logout tokens.
|
| AbstractOptionallyAuthenticatedRequest |
Abstract request with optional client authentication.
|
| AbstractOptionallyIdentifiedRequest |
Abstract request with optional client authentication or client
identification.
|
| AbstractRequest |
The base abstract class for requests.
|
| AccessToken |
The base abstract class for access tokens.
|
| AccessTokenHash |
Access token hash (at_hash).
|
| AccessTokenResponse |
Access token response from the Token endpoint.
|
| AccessTokenType |
Access token type.
|
| AccessTokenValidator |
Access token validator, using the at_hash ID token claim.
|
| ACR |
Authentication Context Class Reference (acr).
|
| ACRRequest |
Resolved authentication Context Class Reference (ACR) request.
|
| Actor |
Authorised actor in impersonation and delegation cases.
|
| Address |
UserInfo address claims set, serialisable to a JSON object.
|
| AggregatedClaims |
Aggregated OpenID claims set.
|
| AMR |
Authentication Method Reference (amr).
|
| ApplicationType |
Enumeration of OpenID Connect client application types.
|
| AssertionDetails |
Common assertion details used in JWT bearer assertions and SAML 2.0 bearer
assertions.
|
| AssertionGrant |
Assertion grant.
|
| Audience |
Audience identifier.
|
| AuthenticationErrorResponse |
OpenID Connect authentication error response.
|
| AuthenticationRequest |
OpenID Connect authentication request.
|
| AuthenticationRequest.Builder |
Builder for constructing OpenID Connect authentication requests.
|
| AuthenticationRequestDetector |
OpenID authentication request detector.
|
| AuthenticationRequestResolver<C extends com.nimbusds.jose.proc.SecurityContext> |
Resolves the final OpenID Connect authentication request by superseding its
parameters with those found in the optional OpenID Connect request object.
|
| AuthenticationResponse |
OpenID Connect authentication response.
|
| AuthenticationResponseParser |
Parser of OpenID Connect authentication response messages.
|
| AuthenticationSuccessResponse |
OpenID Connect authentication success response.
|
| AuthorizationCode |
Authorisation code.
|
| AuthorizationCodeGrant |
Authorisation code grant.
|
| AuthorizationCodeValidator |
Authorisation code validator, using the c_hash ID token claim.
|
| AuthorizationErrorResponse |
Authorisation error response.
|
| AuthorizationGrant |
Authorisation grant.
|
| AuthorizationRequest |
Authorisation request.
|
| AuthorizationRequest.Builder |
Builder for constructing authorisation requests.
|
| AuthorizationResponse |
The base abstract class for authorisation success and error responses.
|
| AuthorizationServerConfigurationRequest |
OAuth 2.0 Authorisation Server (AS) configuration request.
|
| AuthorizationServerEndpointMetadata |
OAuth 2.0 Authorisation Server (AS) metadata for the endpoints.
|
| AuthorizationServerMetadata |
OAuth 2.0 Authorisation Server (AS) metadata.
|
| AuthorizationSuccessResponse |
Authorisation success response.
|
| AuthorizedParty |
Authorised party.
|
| AuthorizedParty |
OAuth 2.0 client authorized to use the ID Token as an OAuth access token,
if different than the client that requested the ID Token (azp).
|
| BackChannelLogoutRequest |
Back-channel logout request initiated by an OpenID provider (OP).
|
| BadJWTExceptions |
Common bad JWT exceptions.
|
| BadSAML2AssertionException |
Bad SAML 2.0 assertion exception.
|
| BearerAccessToken |
Bearer access token.
|
| BearerTokenError |
OAuth 2.0 bearer token error.
|
| Birthplace |
Birthplace claims set, serialisable to a JSON object.
|
| ClaimRequirement |
Enumeration of the claim requirement types.
|
| ClaimsRequest |
Specifies the individual OpenID claims to return from the UserInfo endpoint
and / or in the ID Token.
|
| ClaimsRequest.Entry |
Individual OpenID claim request.
|
| ClaimsSet |
Claims set with basic getters and setters, serialisable to a JSON object.
|
| ClaimsTransport |
Enumeration of the available claims transports.
|
| ClaimType |
Enumeration of the claim types.
|
| ClientAuthentication |
Base abstract class for client authentication at the Token endpoint.
|
| ClientAuthenticationMethod |
Client authentication method at the Token endpoint.
|
| ClientAuthenticationVerifier<T> |
Client authentication verifier.
|
| ClientCredentialsGrant |
Client credentials grant.
|
| ClientCredentialsParser |
Client credentials parser.
|
| ClientCredentialsSelector<T> |
Selector of client credential candidates for client authentication
verification.
|
| ClientDeleteRequest |
Client delete request.
|
| ClientID |
Client identifier.
|
| ClientInformation |
Client information.
|
| ClientInformationResponse |
Client information response.
|
| ClientMetadata |
Client metadata.
|
| ClientReadRequest |
Client read request.
|
| ClientRegistrationErrorResponse |
Client registration error response.
|
| ClientRegistrationRequest |
Client registration request.
|
| ClientRegistrationResponse |
The base abstract for client registration responses.
|
| ClientSecretBasic |
Client secret basic authentication at the Token endpoint.
|
| ClientSecretJWT |
Client secret JWT authentication at the Token endpoint.
|
| ClientSecretPost |
Client secret post authentication at the Token endpoint.
|
| ClientType |
Enumeration of the OAuth 2.0 client types.
|
| ClientUpdateRequest |
Client registration request.
|
| ClientX509CertificateBindingVerifier<T> |
Deprecated.
|
| CodeChallenge |
Authorisation code challenge.
|
| CodeChallengeMethod |
Method that was used to derive an authorisation code challenge.
|
| CodeHash |
Authorisation code hash (c_hash).
|
| CodeVerifier |
Authorisation code verifier.
|
| CollectionUtils |
Collection utilities.
|
| CommonContentTypes |
Deprecated. |
| ContentTypeUtils |
Content type matching.
|
| Context<T> |
Generic context for passing objects.
|
| CountryCode |
Abstract class for country codes.
|
| DateWithTimeZoneOffset |
Date with timezone offset.
|
| DeviceAuthorizationErrorResponse |
OAuth 2.0 device authorization error response.
|
| DeviceAuthorizationGrantError |
OAuth 2.0 Device Authorization Grant specific errors.
|
| DeviceAuthorizationRequest |
Device authorisation request.
|
| DeviceAuthorizationRequest.Builder |
Builder for constructing authorisation requests.
|
| DeviceAuthorizationResponse |
Token endpoint response.
|
| DeviceAuthorizationSuccessResponse |
A device authorization response from the device authorization endpoint.
|
| DeviceCode |
Device code.
|
| DeviceCodeGrant |
Device code grant for the OAuth 2.0 Device Authorization Grant.
|
| Display |
Enumeration of the display types for authentication and consent UIs.
|
| DistributedClaims |
Distributed OpenID claims set.
|
| ErrorObject |
Error object, used to encapsulate OAuth 2.0 and other errors.
|
| ErrorResponse |
Response message indicating an error.
|
| Gender |
|
| GeneralException |
The base class for checked exceptions defined in this SDK.
|
| GrantType |
Authorisation grant type.
|
| HashBasedPairwiseSubjectCodec |
SHA-256 based encoder of pairwise subject identifiers.
|
| HashClaim |
The base class for SHA-2 based claims.
|
| Hint |
Hints intended for the client authentication verifier.
|
| HTTPEndpoint |
HTTP endpoint.
|
| HTTPRequest |
|
| HTTPRequest.Method |
Enumeration of the HTTP methods used in OAuth 2.0 requests.
|
| HTTPResponse |
|
| IDDocumentDescription |
Identity document description.
|
| IDDocumentEvidence |
Identity document used as identity evidence.
|
| IDDocumentType |
Identity document type.
|
| Identifier |
The base class for representing identifiers and identities.
|
| IdentityEvidence |
The base abstract class for identity evidences.
|
| IdentityEvidenceType |
Identity evidence type.
|
| IdentityTrustFramework |
Identity trust framework identifiers.
|
| IdentityVerification |
Identity verification.
|
| IdentityVerificationMethod |
Identity verification method.
|
| IdentityVerifier |
Legal entity that performed an identity verification on behalf of an OpenID
provider.
|
| IDTokenClaimsSet |
ID token claims set, serialisable to a JSON object.
|
| IDTokenClaimsVerifier |
ID token claims verifier.
|
| IDTokenValidator |
Validator of ID tokens issued by an OpenID Provider (OP).
|
| InvalidClientException |
Invalid client exception.
|
| InvalidHashException |
Invalid access token / code hash exception.
|
| InvalidPairwiseSubjectException |
Invalid pairwise subject exception.
|
| ISO3166_1Alpha2CountryCode |
ISO 3166-1 alpha-2 (two-letter) country code.
|
| Issuer |
Issuer identifier.
|
| JARMClaimsVerifier |
JSON Web Token (JWT) encoded authorisation response claims verifier.
|
| JARMUtils |
JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) utilities.
|
| JARMValidator |
Validator of JSON Web Token (JWT) secured authorisation responses (JARM).
|
| JSONArrayUtils |
JSON array helper methods for parsing and typed retrieval of values.
|
| JSONObjectUtils |
JSON object helper methods for parsing and typed retrieval of member values.
|
| JWTAssertionDetails |
JSON Web Token (JWT) bearer assertion details (claims set) for OAuth 2.0
client authentication and authorisation grants.
|
| JWTAssertionDetailsVerifier |
JSON Web Token (JWT) bearer assertion details (claims set) verifier for
OAuth 2.0 client authentication and authorisation grants.
|
| JWTAssertionFactory |
Static JWT bearer assertion factory.
|
| JWTAuthentication |
Base abstract class for JSON Web Token (JWT) based client authentication at
the Token endpoint.
|
| JWTAuthenticationClaimsSet |
JWT client authentication claims set, serialisable to a JSON object and JWT
claims set.
|
| JWTBearerGrant |
JWT bearer grant.
|
| JWTClaimsSetUtils |
JSON Web Token (JWT) claims set utilities.
|
| JWTID |
JSON Web Token (JWT) identifier.
|
| LogoutRequest |
Logout request initiated by an OpenID relying party (RP).
|
| LogoutTokenClaimsSet |
Back-channel logout token claims set, serialisable to a JSON object.
|
| LogoutTokenClaimsVerifier |
ID token claims verifier.
|
| LogoutTokenValidator |
Validator of logout tokens issued by an OpenID Provider (OP).
|
| MapUtils |
Map utilities.
|
| Message |
Marker interface for OAuth 2.0 authorisation framework messages.
|
| MultivaluedMapUtils |
Multi-valued map utilities.
|
| Nonce |
Nonce.
|
| OAuth2Error |
Standard OAuth 2.0 authorisation and token endpoint errors.
|
| OIDCClientInformation |
OpenID Connect client information.
|
| OIDCClientInformationResponse |
OpenID Connect client information response.
|
| OIDCClientMetadata |
OpenID Connect client metadata.
|
| OIDCClientRegistrationRequest |
OpenID Connect client registration request.
|
| OIDCClientRegistrationResponseParser |
Parser of OpenID Connect client registration response messages.
|
| OIDCClientUpdateRequest |
OpenID Connect client registration request.
|
| OIDCError |
OpenID Connect specific errors.
|
| OIDCProviderConfigurationRequest |
OpenID Provider (OP) configuration request.
|
| OIDCProviderEndpointMetadata |
OpenID Provider (OP) endpoint metadata.
|
| OIDCProviderMetadata |
OpenID Provider (OP) metadata.
|
| OIDCResponseTypeValue |
OpenID Connect id_token response type value constant. |
| OIDCScopeValue |
Standard OpenID Connect scope value.
|
| OIDCTokenResponse |
OpenID Connect token response from the Token endpoint.
|
| OIDCTokenResponseParser |
Parser of OpenID Connect token endpoint response messages.
|
| OIDCTokens |
ID token, access token and optional refresh token.
|
| OrderedJSONObject |
Ordered JSON object.
|
| PairwiseSubjectCodec |
Encoder and decoder of pairwise subject identifiers.
|
| ParseException |
Parse exception.
|
| PersonClaims |
|
| PKIClientX509CertificateBindingVerifier<T> |
Client X.509 certificate binding verifier.
|
| PKITLSClientAuthentication |
PKI mutual TLS client authentication at the Token endpoint.
|
| PlainClientSecret |
Base abstract class for plain secret based client authentication at the
Token endpoint.
|
| PrivateKeyJWT |
Private key JWT authentication at the Token endpoint.
|
| Prompt |
Prompts for end-user re-authentication and consent.
|
| Prompt.Type |
Enumeration of the prompt types.
|
| ProtectedResourceRequest |
Base abstract class for protected resource requests using an OAuth 2.0
access token.
|
| PushedAuthorizationErrorResponse |
Pushed authorisation error response.
|
| PushedAuthorizationRequest |
Pushed authorisation request.
|
| PushedAuthorizationResponse |
Pushed authorisation response.
|
| PushedAuthorizationSuccessResponse |
Pushed authorisation success response.
|
| QESEvidence |
Qualified electronic signature (QES) used as identity evidence.
|
| RefreshToken |
Refresh token.
|
| RefreshTokenGrant |
Refresh token grant.
|
| RegistrationError |
OAuth 2.0 client registration errors.
|
| Request |
Request message, serialises to an HTTP request.
|
| RequestObjectPOSTErrorResponse |
Deprecated. |
| RequestObjectPOSTRequest |
Deprecated. |
| RequestObjectPOSTResponse |
Deprecated. |
| RequestObjectPOSTSuccessResponse |
Deprecated. |
| ResolveException |
Resolve exception.
|
| ResourceOwnerPasswordCredentialsGrant |
Resource owner password credentials grant.
|
| ResourceUtils |
Resource server URI utilities.
|
| Response |
Response message, serialises to an HTTP response.
|
| ResponseMode |
Authorisation response mode.
|
| ResponseType |
Authorisation response type.
|
| ResponseType.Value |
Authorisation response type value.
|
| Role |
Enumeration of the OAuth 2.0 roles.
|
| SAML2AssertionDetails |
SAML 2.0 bearer assertion details for OAuth 2.0 client authentication and
authorisation grants.
|
| SAML2AssertionDetailsVerifier |
SAML 2.0 bearer assertion details verifier for OAuth 2.0 client
authentication and authorisation grants.
|
| SAML2AssertionFactory |
Static SAML 2.0 bearer assertion factory.
|
| SAML2AssertionValidator |
SAML 2.0 assertion validator.
|
| SAML2BearerGrant |
SAML 2.0 bearer grant.
|
| Scope |
Authorisation scope.
|
| Scope.Value |
Authorisation scope value.
|
| Scope.Value.Requirement |
Enumeration of the scope value requirements for
application-specific authorisation requests.
|
| Secret |
Secret.
|
| SecretKeyDerivation |
Derives an AES secret key from a client secret.
|
| SectorID |
Sector identifier.
|
| SectorIDURIValidator |
Sector identifier URI validator.
|
| SelfSignedTLSClientAuthentication |
Self-signed certificate mutual TLS client authentication at the Token
endpoint.
|
| SerializeException |
Serialization exception (unchecked).
|
| ServletUtils |
HTTP servlet utilities.
|
| SessionID |
Session identifier.
|
| SimpleDate |
Simple date.
|
| SIVAESBasedPairwiseSubjectCodec |
SIV AES - based encoder / decoder of pairwise subject identifiers.
|
| SoftwareID |
Identifier for an OAuth 2.0 client software.
|
| SoftwareVersion |
Version identifier for an OAuth 2.0 client software.
|
| State |
Opaque value used to maintain state between a request and a callback.
|
| StateHash |
State hash (s_hash).
|
| StateValidator |
State validator, using the optional s_hash ID token claim.
|
| StringUtils |
String utilities.
|
| Subject |
Subject (user) identifier.
|
| SubjectType |
Enumeration of the subject identifier types.
|
| SuccessResponse |
Response message indicating success.
|
| TLSClientAuthentication |
The base abstract class for mutual TLS client authentication at the Token
endpoint.
|
| TLSUtils |
TLS / SSL utilities.
|
| TLSVersion |
TLS version.
|
| Token |
The base abstract class for access and refresh tokens.
|
| TokenEncoding |
Enumeration of the possible token encodings.
|
| TokenErrorResponse |
OAuth 2.0 Token error response.
|
| TokenIntrospectionErrorResponse |
Token introspection error response.
|
| TokenIntrospectionRequest |
Token introspection request.
|
| TokenIntrospectionResponse |
Token introspection response.
|
| TokenIntrospectionSuccessResponse |
Token introspection success response.
|
| TokenIntrospectionSuccessResponse.Builder |
Builder for constructing token introspection success responses.
|
| TokenRequest |
Token request.
|
| TokenResponse |
Token endpoint response.
|
| TokenRevocationRequest |
Token revocation request.
|
| Tokens |
Access and optional refresh token.
|
| TXN |
Transaction identifier.
|
| TypelessAccessToken |
Typeless access token, cannot be serialised.
|
| URIUtils |
URI operations.
|
| URLUtils |
URL operations.
|
| UserCode |
User code.
|
| UserInfo |
UserInfo claims set, serialisable to a JSON object.
|
| UserInfoErrorResponse |
UserInfo error response.
|
| UserInfoRequest |
UserInfo request.
|
| UserInfoResponse |
The base abstract class for UserInfo success and error responses.
|
| UserInfoSuccessResponse |
UserInfo success response.
|
| UtilityBillEvidence |
Utility bill used as identity evidence.
|
| VerifiedClaimsSet |
Verified claims set.
|
| X509CertificateConfirmation |
X.509 certificate SHA-256 confirmation.
|
| X509CertificateUtils |
X.509 certificate utilities.
|