All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod Maven / Gradle / Ivy

Go to download

OAuth 2.0 SDK with OpenID Connection extensions for developing client and server applications.

There is a newer version: 11.19.1
Show newest version
package com.nimbusds.oauth2.sdk.auth;


import net.jcip.annotations.Immutable;

import com.nimbusds.oauth2.sdk.id.Identifier;


/**
 * Client authentication method at the Token endpoint.
 *
 * 

Constants are provided for four client authentication methods: * *

    *
  • {@link #CLIENT_SECRET_BASIC} (default) *
  • {@link #CLIENT_SECRET_POST} *
  • {@link #CLIENT_SECRET_JWT} *
  • {@link #PRIVATE_KEY_JWT} *
  • {@link #NONE} *
* *

Use the constructor to define a custom client authentication method. * *

Related specifications: * *

    *
  • OAuth 2.0 (RFC 6749), section 2.3. *
  • OAuth 2.0 Dynamic Client Registration Protocol * (draft-ietf-oauth-dyn-reg-20), section 2. *
*/ @Immutable public final class ClientAuthenticationMethod extends Identifier { /** * Clients that have received a client secret from the authorisation * server authenticate with the authorisation server in accordance with * section 3.2.1 of OAuth 2.0 using HTTP Basic authentication. This is * the default if no method has been registered for the client. */ public static final ClientAuthenticationMethod CLIENT_SECRET_BASIC = new ClientAuthenticationMethod("client_secret_basic"); /** * Clients that have received a client secret from the authorisation * server authenticate with the authorisation server in accordance with * section 3.2.1 of OAuth 2.0 by including the client credentials in * the request body. */ public static final ClientAuthenticationMethod CLIENT_SECRET_POST = new ClientAuthenticationMethod("client_secret_post"); /** * Clients that have received a client secret from the authorisation * server, create a JWT using an HMAC SHA algorithm, such as HMAC * SHA-256. The HMAC (Hash-based Message Authentication Code) is * calculated using the value of client secret as the shared key. The * client authenticates in accordance with section 2.2 of (JWT) Bearer * Token Profiles and OAuth 2.0 Assertion Profile. */ public static final ClientAuthenticationMethod CLIENT_SECRET_JWT = new ClientAuthenticationMethod("client_secret_jwt"); /** * Clients that have registered a public key sign a JWT using the RSA * algorithm if a RSA key was registered or the ECDSA algorithm if an * Elliptic Curve key was registered (see JWA for the algorithm * identifiers). The client authenticates in accordance with section * 2.2 of (JWT) Bearer Token Profiles and OAuth 2.0 Assertion Profile. */ public static final ClientAuthenticationMethod PRIVATE_KEY_JWT = new ClientAuthenticationMethod("private_key_jwt"); /** * The client is a public client as defined in OAuth 2.0 and does not * have a client secret. */ public static final ClientAuthenticationMethod NONE = new ClientAuthenticationMethod("none"); /** * Gets the default client authentication method. * * @return {@link #CLIENT_SECRET_BASIC} */ public static ClientAuthenticationMethod getDefault() { return CLIENT_SECRET_BASIC; } /** * Creates a new client authentication method with the specified value. * * @param value The authentication method value. Must not be * {@code null} or empty string. */ public ClientAuthenticationMethod(final String value) { super(value); } /** * Parses a client authentication method from the specified value. * * @param value The authentication method value. Must not be * {@code null} or empty string. * * @return The client authentication method. */ public static ClientAuthenticationMethod parse(final String value) { if (value.equals(CLIENT_SECRET_BASIC.getValue())) { return CLIENT_SECRET_BASIC; } else if (value.equals(CLIENT_SECRET_POST.getValue())) { return CLIENT_SECRET_POST; } else if (value.equals(CLIENT_SECRET_JWT.getValue())) { return CLIENT_SECRET_JWT; } else if (value.equals(PRIVATE_KEY_JWT.getValue())) { return PRIVATE_KEY_JWT; } else if (value.equals(NONE.getValue())) { return NONE; } else { return new ClientAuthenticationMethod(value); } } @Override public boolean equals(final Object object) { return object instanceof ClientAuthenticationMethod && this.toString().equals(object.toString()); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy