com.authlete.common.dto.BackchannelAuthenticationRequest Maven / Gradle / Ivy
Show all versions of authlete-java-common Show documentation
/*
* Copyright (C) 2018-2024 Authlete, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.authlete.common.dto;
import java.io.Serializable;
import java.util.Map;
import com.authlete.common.web.URLCoder;
/**
* Request to Authlete's {@code /api/backchannel/authentication} API.
*
*
* When the implementation of the backchannel authentication endpoint of the
* authorization server receives a backchannel authentication request from a
* client application, the first step is to call Authlete's {@code
* /api/backchannel/authentication} API. The API will parse the backchannel
* authentication request on behalf of the implementation of the backchannel
* authentication endpoint.
*
*
*
*
*
* parameters
(REQUIRED)
* -
*
* Parameters of a backchannel authentication request which are the
* request parameters that the backchannel authentication endpoint of
* the OpenID provider implementation received from the client application.
*
*
* The value of {@code "parameters"} is the entire entity body (which
* is formatted in {@code application/x-www-form-urlencoded}) of the
* request from the client application.
*
*
*
* clientId
(OPTIONAL)
* -
*
* The client ID extracted from {@code Authorization} header of the
* backchannel authentication request from the client application.
*
*
* If the backchannel authentication endpoint of the OpenID provider
* implementation supports Basic Authentication as a means of client
* authentication, and the request from the client application contained
* its client ID in {@code Authorization} header, the value should be
* extracted and set to this parameter.
*
*
*
* clientSecret
(OPTIONAL)
* -
*
* The client secret extracted from {@code Authorization} header of the
* backchannel authentication request from the client application.
*
*
* If the backchannel authentication endpoint of the OpenID provider
* implementation supports Basic Authentication as a means of client
* authentication, and the request from the client application contained
* its client secret in {@code Authorization} header, the value should be
* extracted and set to this parameter.
*
*
*
* clientCertificate
(OPTIONAL)
* -
*
* The client certification used in the TLS connection between the client
* application and the backchannel authentication endpoint of the OpenID
* provider.
*
*
*
* clientCertificatePath
(OPTIONAL)
* -
*
* The client certificate path presented by the client during client
* authentication. Each element is a string in PEM format.
*
*
*
* oauthClientAttestation
(OPTIONAL; Authlete 3.0 onwards)
* -
*
* The value of the {@code OAuth-Client-Attestation} HTTP header, which is
* defined in the specification of OAuth 2.0 Attestation-Based Client Authentication.
*
*
*
* oauthClientAttestationPop
(OPTIONAL; Authlete 3.0 onwards)
* -
*
* The value of the {@code OAuth-Client-Attestation-PoP} HTTP header, which is
* defined in the specification of OAuth 2.0 Attestation-Based Client Authentication.
*
*
*
*
*
*
* @since 2.32
*/
public class BackchannelAuthenticationRequest implements Serializable
{
private static final long serialVersionUID = 2L;
/**
* Request parameters of a backchannel authentication request.
*/
private String parameters;
/**
* Client ID extracted from Authorization header.
*/
private String clientId;
/**
* Client secret extracted from Authorization header.
*/
private String clientSecret;
/**
* Client certificate.
*/
private String clientCertificate;
/**
* Client certificate path.
*/
private String[] clientCertificatePath;
/**
* The value of the {@code OAuth-Client-Attestation} HTTP header.
*
* @since 4.3
* @since Authlete 3.0
*
* @see OAuth 2.0 Attestation-Based Client Authentication
*/
private String oauthClientAttestation;
/**
* The value of the {@code OAuth-Client-Attestation-PoP} HTTP header.
*
* @since 4.3
* @since Authlete 3.0
*
* @see OAuth 2.0 Attestation-Based Client Authentication
*/
private String oauthClientAttestationPop;
/**
* Get the value of {@code parameters} which are the request parameters
* that the backchannel authentication endpoint of the OpenID provider
* implementation received from the client application.
*
* @return
* Request parameters in {@code application/x-www-form-urlencoded}
* format.
*/
public String getParameters()
{
return parameters;
}
/**
* Set the value of {@code parameters} which are the request parameters
* that the backchannel authentication endpoint of the OpenID provider
* implementation received from the client application.
*
* @param parameters
* Request parameters in {@code application/x-www-form-urlencoded}
* format.
*
* @return
* {@code this} object.
*/
public BackchannelAuthenticationRequest setParameters(String parameters)
{
this.parameters = parameters;
return this;
}
/**
* Set the value of {@code parameters} which are the request parameters
* that the backchannel authentication endpoint of the OpenID provider
* implementation received from the client application.
*
*
* This method converts the given map into a string in
* {@code application/x-www-form-urlencoded} and passes it to
* {@link #setParameters(String)} method.
*
*
* @param parameters
* Request parameters.
*
* @return
* {@code this} object.
*/
public BackchannelAuthenticationRequest setParameters(Map parameters)
{
return setParameters(URLCoder.formUrlEncode(parameters));
}
/**
* Get the client ID extracted from {@code Authorization} header of the
* backchannel authentication request from the client application.
*
* @return
* The client ID.
*/
public String getClientId()
{
return clientId;
}
/**
* Set the client ID extracted from {@code Authorization} header of the
* backchannel authentication request from the client application.
*
* @param clientId
* The client ID.
*
* @return
* {@code this} object.
*/
public BackchannelAuthenticationRequest setClientId(String clientId)
{
this.clientId = clientId;
return this;
}
/**
* Get the client secret extracted from {@code Authorization} header of
* the backchannel authentication request from the client application.
*
* @return
* The client secret.
*/
public String getClientSecret()
{
return clientSecret;
}
/**
* Set the client secret extracted from {@code Authorization} header of
* the backchannel authentication request from the client application.
*
* @param clientSecret
* The client secret.
*
* @return
* {@code this} object.
*/
public BackchannelAuthenticationRequest setClientSecret(String clientSecret)
{
this.clientSecret = clientSecret;
return this;
}
/**
* Get the client certificate used in the TLS connection between the
* client application and the backchannel authentication endpoint of the
* OpenID provider.
*
* @return
* The client certificate.
*/
public String getClientCertificate()
{
return clientCertificate;
}
/**
* Set the client certificate used in the TLS connection between the
* client application and the backchannel authentication endpoint of the
* OpenID provider.
*
* @param certificate
* The client certificate
*
* @return
* {@code this} object.
*/
public BackchannelAuthenticationRequest setClientCertificate(String certificate)
{
this.clientCertificate = certificate;
return this;
}
/**
* Get the client certificate path presented by the client during client
* authentication.
*
* @return
* The client certificate path. Each element is a string in PEM
* format.
*/
public String[] getClientCertificatePath()
{
return clientCertificatePath;
}
/**
* Set the client certificate path presented by the client during client
* authentication.
*
* @param path
* The client certificate path.
*
* @return
* {@code this} object.
*/
public BackchannelAuthenticationRequest setClientCertificatePath(String[] path)
{
this.clientCertificatePath = path;
return this;
}
/**
* Get the value of the {@code OAuth-Client-Attestation} HTTP header.
*
* @return
* The value of the {@code OAuth-Client-Attestation} HTTP header.
*
* @since 4.3
* @since Authlete 3.0
*
* @see OAuth 2.0 Attestation-Based Client Authentication
*/
public String getOauthClientAttestation()
{
return oauthClientAttestation;
}
/**
* Set the value of the {@code OAuth-Client-Attestation} HTTP header.
*
* @param jwt
* The value of the {@code OAuth-Client-Attestation} HTTP header.
*
* @return
* {@code this} object.
*
* @since 4.3
* @since Authlete 3.0
*
* @see OAuth 2.0 Attestation-Based Client Authentication
*/
public BackchannelAuthenticationRequest setOauthClientAttestation(String jwt)
{
this.oauthClientAttestation = jwt;
return this;
}
/**
* Get the value of the {@code OAuth-Client-Attestation-PoP} HTTP header.
*
* @return
* The value of the {@code OAuth-Client-Attestation-PoP} HTTP header.
*
* @since 4.3
* @since Authlete 3.0
*
* @see OAuth 2.0 Attestation-Based Client Authentication
*/
public String getOauthClientAttestationPop()
{
return oauthClientAttestationPop;
}
/**
* Set the value of the {@code OAuth-Client-Attestation-PoP} HTTP header.
*
* @param jwt
* The value of the {@code OAuth-Client-Attestation-PoP} HTTP header.
*
* @return
* {@code this} object.
*
* @since 4.3
* @since Authlete 3.0
*
* @see OAuth 2.0 Attestation-Based Client Authentication
*/
public BackchannelAuthenticationRequest setOauthClientAttestationPop(String jwt)
{
this.oauthClientAttestationPop = jwt;
return this;
}
}