Examples of com.nimbusds.oauth2.sdk.ResponseType

com.nimbusds.oauth2.sdk.auth.Secret
Authorisation response type. Can be single-valued or multiple-valued.
The following helper methods can be used to find out the OAuth 2.0 protocol flow that a particular response type implies:
- {@link #impliesImplicitFlow}
- {@link #impliesCodeFlow}
Example response type implying an authorisation code flow:
```
 ResponseType() rt = new ResponseType(); rt.add(ResponseType.Value.CODE); 
```
Example response type from OpenID Connect specifying an ID token and an access token (implies implicit flow):
```
 ResponseType() rt = new ResponseType(); rt.add(OIDCResponseTypeValue.ID_TOKEN); rt.add(ResponseType.Value.TOKEN); 
```
Related specifications:
- OAuth 2.0 (RFC 6749), sections 3.1.1 and 4.1.1.
- OAuth 2.0 Multiple Response Type Encoding Practices.

    if (redirectURI == null)
      throw new ParseException("Missing \"redirect_uri\" parameter", 
                         OAuth2Error.INVALID_REQUEST, clientID, null, state);




    ResponseType rt = ar.getResponseType();
    
    try {
      OIDCResponseTypeValidator.validate(rt);
      
    } catch (IllegalArgumentException e) {
      
      throw new ParseException("Unsupported \"response_type\" parameter: " + e.getMessage(), 
                   OAuth2Error.UNSUPPORTED_RESPONSE_TYPE, 
                   clientID, redirectURI, state);
    }
    
    // Required in OIDC, must include "openid" parameter
    Scope scope = ar.getScope();


    if (scope == null)
      throw new ParseException("Missing \"scope\" parameter", 
                         OAuth2Error.INVALID_REQUEST, 
                   clientID, redirectURI, state);


    if (! scope.contains(OIDCScopeValue.OPENID))
      throw new ParseException("The scope must include an \"openid\" token",
                         OAuth2Error.INVALID_REQUEST, 
                   clientID, redirectURI, state);








    // Parse the remaining OIDC parameters
    Nonce nonce = Nonce.parse(params.get("nonce"));
    
    // Nonce required in implicit flow
    if (rt.impliesImplicitFlow() && nonce == null)
      throw new ParseException("Missing \"nonce\" parameter: Required in implicit flow",
                         OAuth2Error.INVALID_REQUEST,
                         clientID, redirectURI, state);
    
    Display display;

View Full Code Here

  @Override
  public void applyTo(final HTTPRequest httpRequest)
    throws SerializeException {
  
    if (httpRequest.getMethod() != HTTPRequest.Method.POST)
      throw new SerializeException("The HTTP request method must be POST");
    
    ContentType ct = httpRequest.getContentType();
    
    if (ct == null)
      throw new SerializeException("Missing HTTP Content-Type header");
    
    if (! ct.match(CommonContentTypes.APPLICATION_URLENCODED))
      throw new SerializeException("The HTTP Content-Type header must be " + CommonContentTypes.APPLICATION_URLENCODED);
    
    Map <String,String> params = httpRequest.getQueryParameters();
    
    params.putAll(toParameters());

View Full Code Here

    try {
      params.put("client_assertion", clientAssertion.serialize());
    
    } catch (IllegalStateException e) {
    
      throw new SerializeException("Couldn't serialize JWT to a client assertion string: " + e.getMessage(), e);
    }  
    
    params.put("client_assertion_type", CLIENT_ASSERTION_TYPE);
    
    return params;

View Full Code Here

  @Override
  public void applyTo(final HTTPRequest httpRequest)
    throws SerializeException {
    
    if (httpRequest.getMethod() != HTTPRequest.Method.POST)
      throw new SerializeException("The HTTP request method must be POST");
    
    ContentType ct = httpRequest.getContentType();
    
    if (ct == null)
      throw new SerializeException("Missing HTTP Content-Type header");
    
    if (! ct.match(CommonContentTypes.APPLICATION_URLENCODED))
      throw new SerializeException("The HTTP Content-Type header must be " + CommonContentTypes.APPLICATION_URLENCODED);
    
    Map <String,String> params = httpRequest.getQueryParameters();
    
    params.putAll(toParameters());

View Full Code Here


    httpRequest.ensureMethod(HTTPRequest.Method.POST);
    httpRequest.ensureContentType(CommonContentTypes.APPLICATION_URLENCODED);


    // Parse client authentication, if any
    ClientAuthentication clientAuth = ClientAuthentication.parse(httpRequest);


    // No fragment! May use query component!
    Map<String,String> params = httpRequest.getQueryParameters();


    // Parse grant

View Full Code Here

  public void testWithAccessTokenAndClientAuth()
    throws Exception {


    URI endpointURI = new URI("https://c2id.com/token/revoke");
    Token token = new BearerAccessToken();
    ClientAuthentication clientAuth = new ClientSecretBasic(new ClientID("123"), new Secret("secret"));


    TokenRevocationRequest request = new TokenRevocationRequest(endpointURI, clientAuth, token);
    assertEquals(endpointURI, request.getEndpointURI());
    assertEquals(clientAuth, request.getClientAuthentication());
    assertEquals(token, request.getToken());

View Full Code Here

  public void testWithRefreshTokenAndClientAuth()
    throws Exception {


    URI endpointURI = new URI("https://c2id.com/token/revoke");
    Token token = new RefreshToken();
    ClientAuthentication clientAuth = new ClientSecretBasic(new ClientID("123"), new Secret("secret"));


    TokenRevocationRequest request = new TokenRevocationRequest(endpointURI, clientAuth, token);
    assertEquals(endpointURI, request.getEndpointURI());
    assertEquals(clientAuth, request.getClientAuthentication());
    assertEquals(token, request.getToken());

View Full Code Here

  public void testWithAccessTokenAndClientAuth()
    throws Exception {


    URI endpointURI = new URI("https://c2id.com/token/revoke");
    Token token = new BearerAccessToken();
    ClientAuthentication clientAuth = new ClientSecretBasic(new ClientID("123"), new Secret("secret"));


    TokenRevocationRequest request = new TokenRevocationRequest(endpointURI, clientAuth, token);
    assertEquals(endpointURI, request.getEndpointURI());
    assertEquals(clientAuth, request.getClientAuthentication());
    assertEquals(token, request.getToken());


    HTTPRequest httpRequest = request.toHTTPRequest();
    assertEquals(HTTPRequest.Method.POST, httpRequest.getMethod());
    assertEquals(endpointURI.toURL().toString(), httpRequest.getURL().toString());
    assertEquals(CommonContentTypes.APPLICATION_URLENCODED, httpRequest.getContentType());


    assertEquals(token.getValue(), httpRequest.getQueryParameters().get("token"));
    assertEquals("access_token", httpRequest.getQueryParameters().get("token_type_hint"));
    assertEquals(2, httpRequest.getQueryParameters().size());


    ClientSecretBasic basicAuth = ClientSecretBasic.parse(httpRequest.getAuthorization());
    assertEquals("123", basicAuth.getClientID().getValue());
    assertEquals("secret", basicAuth.getClientSecret().getValue());
  }

View Full Code Here

  public void testWithRefreshTokenAndClientAuth()
    throws Exception {


    URI endpointURI = new URI("https://c2id.com/token/revoke");
    Token token = new RefreshToken();
    ClientAuthentication clientAuth = new ClientSecretBasic(new ClientID("123"), new Secret("secret"));


    TokenRevocationRequest request = new TokenRevocationRequest(endpointURI, clientAuth, token);
    assertEquals(endpointURI, request.getEndpointURI());
    assertEquals(clientAuth, request.getClientAuthentication());
    assertEquals(token, request.getToken());


    HTTPRequest httpRequest = request.toHTTPRequest();
    assertEquals(HTTPRequest.Method.POST, httpRequest.getMethod());
    assertEquals(endpointURI.toURL().toString(), httpRequest.getURL().toString());
    assertEquals(CommonContentTypes.APPLICATION_URLENCODED, httpRequest.getContentType());


    assertEquals(token.getValue(), httpRequest.getQueryParameters().get("token"));
    assertEquals("refresh_token", httpRequest.getQueryParameters().get("token_type_hint"));
    assertEquals(2, httpRequest.getQueryParameters().size());


    ClientSecretBasic basicAuth = ClientSecretBasic.parse(httpRequest.getAuthorization());
    assertEquals("123", basicAuth.getClientID().getValue());
    assertEquals("secret", basicAuth.getClientSecret().getValue());
  }

View Full Code Here

  public void testWithAccessTokenAndClientAuth()
    throws Exception {


    URI endpointURI = new URI("https://c2id.com/token/revoke");
    Token token = new BearerAccessToken();
    ClientAuthentication clientAuth = new ClientSecretBasic(new ClientID("123"), new Secret("secret"));


    TokenRevocationRequest request = new TokenRevocationRequest(endpointURI, clientAuth, token);
    assertEquals(endpointURI, request.getEndpointURI());
    assertEquals(clientAuth, request.getClientAuthentication());
    assertEquals(token, request.getToken());

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of com.nimbusds.oauth2.sdk.ResponseType

com.nimbusds.jose.crypto.MACSigner

com.nimbusds.jose.JWSHeader

com.nimbusds.jose.util.Base64URL

com.nimbusds.jwt.JWT

com.nimbusds.jwt.JWTClaimsSet

com.nimbusds.jwt.PlainJWT

com.nimbusds.jwt.SignedJWT

com.nimbusds.oauth2.sdk.AccessTokenResponseTest

com.nimbusds.oauth2.sdk.auth.ClientAuthentication

com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.