Examples of com.nimbusds.openid.connect.sdk.claims.ACR

• com.nimbusds.openid.connect.sdk.claims.ACR
  Authentication Context Class Reference ( {@code acr}). It identifies the authentication context, i.e. the information that the relying party may require before it makes an entitlements decision with respect to an authentication response. Such context may include, but is not limited to, the actual authentication method used or level of assurance such as ITU-T X.1254 | ISO/IEC 29115 entity authentication assurance level.

  The ACR is represented by a string or an URI string.

  Related specifications:

  • OpenID Connect Core 1.0, section 2.
  • RFC 6711
  • See ISO/IEC DIS 29115

    assertTrue(rts.contains(rt4));

    assertEquals(4, rts.size());

    List<ACR> acrValues = op.getACRs();
    assertTrue(acrValues.contains(new ACR("urn:mace:incommon:iap:silver")));
    assertTrue(acrValues.contains(new ACR("urn:mace:incommon:iap:bronze")));
    assertEquals(2, acrValues.size());

    List<SubjectType> subjectTypes = op.getSubjectTypes();
    assertTrue(subjectTypes.contains(SubjectType.PUBLIC));
    assertTrue(subjectTypes.contains(SubjectType.PAIRWISE));

    assertTrue(meta.getGrantTypes().contains(GrantType.AUTHORIZATION_CODE));
    assertTrue(meta.getGrantTypes().contains(GrantType.REFRESH_TOKEN));
    assertEquals(2, meta.getGrantTypes().size());

    List<ACR> acrList = new LinkedList<>();
    acrList.add(new ACR("1"));
    meta.setACRs(acrList);
    assertEquals("1", meta.getACRs().get(0).getValue());

    List<ClientAuthenticationMethod> authMethods = new LinkedList<>();
    authMethods.add(ClientAuthenticationMethod.CLIENT_SECRET_BASIC);

  public void testConstructAndGet() {

    List<ACR> essentialACRs = new ArrayList<>();
    essentialACRs.add(new ACR("1"));

    List<ACR> voluntaryACRs = new ArrayList<>();
    voluntaryACRs.add(new ACR("2"));

    ACRRequest req = new ACRRequest(essentialACRs, voluntaryACRs);

    assertEquals(essentialACRs, req.getEssentialACRs());
    assertEquals(voluntaryACRs, req.getVoluntaryACRs());

  public void testResolveTopLevelACRRequest()
    throws Exception {

    List<ACR> acrValues = new ArrayList<>();
    acrValues.add(new ACR("1"));
    acrValues.add(new ACR("2"));

    AuthenticationRequest authRequest = new AuthenticationRequest.Builder(
      new ResponseType("code"),
      new Scope("openid", "profile"),
      new ClientID("123"),
      new URI("https://example.com/in")).
      acrValues(acrValues).
      build();

    ACRRequest acrRequest = ACRRequest.resolve(authRequest);

    assertNull(acrRequest.getEssentialACRs());

    List<ACR> voluntaryACRs = acrRequest.getVoluntaryACRs();

    assertTrue(voluntaryACRs.contains(new ACR("1")));
    assertTrue(voluntaryACRs.contains(new ACR("2")));

    assertEquals(2, voluntaryACRs.size());

    assertFalse(acrRequest.isEmpty());
  }

      claims(claims).
      build();

    ACRRequest acrRequest = ACRRequest.resolve(authRequest);

    assertTrue(acrRequest.getEssentialACRs().contains(new ACR("A")));
    assertTrue(acrRequest.getEssentialACRs().contains(new ACR("B")));
    assertEquals(2, acrRequest.getEssentialACRs().size());

    assertNull(acrRequest.getVoluntaryACRs());

    assertFalse(acrRequest.isEmpty());

    ACRRequest acrRequest = ACRRequest.resolve(authRequest);

    assertNull(acrRequest.getEssentialACRs());

    assertTrue(acrRequest.getVoluntaryACRs().contains(new ACR("A")));
    assertTrue(acrRequest.getVoluntaryACRs().contains(new ACR("B")));
    assertEquals(2, acrRequest.getVoluntaryACRs().size());

    assertFalse(acrRequest.isEmpty());
  }

  public void testResolveMixedACRRequest()
    throws Exception {

    List<ACR> acrValues = new ArrayList<>();
    acrValues.add(new ACR("1"));
    acrValues.add(new ACR("2"));

    ClaimsRequest claims = new ClaimsRequest();

    List<String> essentialACRs = new ArrayList<>();
    essentialACRs.add("A");
    essentialACRs.add("B");
    claims.addIDTokenClaim("acr", ClaimRequirement.ESSENTIAL, null, essentialACRs);

    AuthenticationRequest authRequest = new AuthenticationRequest.Builder(
      new ResponseType("code"),
      new Scope("openid", "profile"),
      new ClientID("123"),
      new URI("https://example.com/in")).
      acrValues(acrValues).
      claims(claims).
      build();

    ACRRequest acrRequest = ACRRequest.resolve(authRequest);

    assertTrue(acrRequest.getEssentialACRs().contains(new ACR("A")));
    assertTrue(acrRequest.getEssentialACRs().contains(new ACR("B")));
    assertEquals(2, acrRequest.getEssentialACRs().size());

    assertTrue(acrRequest.getVoluntaryACRs().contains(new ACR("1")));
    assertTrue(acrRequest.getVoluntaryACRs().contains(new ACR("2")));
    assertEquals(2, acrRequest.getVoluntaryACRs().size());

    assertFalse(acrRequest.isEmpty());
  }

    meta.requiresAuthTime(true);
    assertTrue(meta.requiresAuthTime());

    assertNull(meta.getDefaultACRs());
    List<ACR> acrList = new LinkedList<>();
    acrList.add(new ACR("1"));
    meta.setDefaultACRs(acrList);
    assertEquals("1", meta.getDefaultACRs().get(0).toString());

    assertNull(meta.getInitiateLoginURI());
    meta.setInitiateLoginURI(new URI("http://do-login.com"));

      op.acrValues = new ArrayList<>();

      for (String v: JSONObjectUtils.getStringArray(jsonObject, "acr_values_supported")) {

        if (v != null)
          op.acrValues.add(new ACR(v));
      }
    }

    if (jsonObject.containsKey("token_endpoint_auth_methods_supported")) {

        if (claimEntry.getClaimRequirement().equals(ClaimRequirement.ESSENTIAL)) {

          essentialACRs = new ArrayList<>();

          if (claimEntry.getValue() != null)
            essentialACRs.add(new ACR(claimEntry.getValue()));

          if (claimEntry.getValues() != null) {

            for (String v: claimEntry.getValues())
              essentialACRs.add(new ACR(v));
          }

        } else {
          voluntaryACRs = new ArrayList<>();

          if (claimEntry.getValue() != null)
            voluntaryACRs.add(new ACR(claimEntry.getValue()));

          if (claimEntry.getValues() != null) {

            for (String v: claimEntry.getValues())
              voluntaryACRs.add(new ACR(v));
          }
        }
      }
    }