Package org.springframework.security.oauth2.server.authorization.oidc

Class OidcClientMetadataClaimNames

java.lang.Object
org.springframework.security.oauth2.server.authorization.oidc.OidcClientMetadataClaimNames
public final class OidcClientMetadataClaimNames extends Object
The names of the "claims" defined by OpenID Connect Dynamic Client Registration 1.0 that are contained in the OpenID Client Registration Request and Response.
Since:
0.1.1
See Also:

  • Field Details

    • CLIENT_ID

      public static final String CLIENT_ID
      client_id - the Client Identifier
      See Also:

    • CLIENT_ID_ISSUED_AT

      public static final String CLIENT_ID_ISSUED_AT
      client_id_issued_at - the time at which the Client Identifier was issued
      See Also:

    • CLIENT_SECRET

      public static final String CLIENT_SECRET
      client_secret - the Client Secret
      See Also:

    • CLIENT_SECRET_EXPIRES_AT

      public static final String CLIENT_SECRET_EXPIRES_AT
      client_secret_expires_at - the time at which the client_secret will expire or 0 if it will not expire
      See Also:

    • CLIENT_NAME

      public static final String CLIENT_NAME
      client_name - the name of the Client to be presented to the End-User
      See Also:

    • REDIRECT_URIS

      public static final String REDIRECT_URIS
      redirect_uris - the redirection URI values used by the Client
      See Also:

    • POST_LOGOUT_REDIRECT_URIS

      public static final String POST_LOGOUT_REDIRECT_URIS
      post_logout_redirect_uris - the post logout redirection URI values used by the Client. The post_logout_redirect_uri parameter is used by the client when requesting that the End-User's User Agent be redirected to after a logout has been performed.
      Since:
      1.1
      See Also:

    • TOKEN_ENDPOINT_AUTH_METHOD

      public static final String TOKEN_ENDPOINT_AUTH_METHOD
      token_endpoint_auth_method - the authentication method used by the Client for the Token Endpoint
      See Also:

    • TOKEN_ENDPOINT_AUTH_SIGNING_ALG

      public static final String TOKEN_ENDPOINT_AUTH_SIGNING_ALG
      token_endpoint_auth_signing_alg - the JWS algorithm that must be used for signing the JWT used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods
      Since:
      0.2.2
      See Also:

    • GRANT_TYPES

      public static final String GRANT_TYPES
      grant_types - the OAuth 2.0 grant_type values that the Client will restrict itself to using
      See Also:

    • RESPONSE_TYPES

      public static final String RESPONSE_TYPES
      response_types - the OAuth 2.0 response_type values that the Client will restrict itself to using
      See Also:

    • SCOPE

      public static final String SCOPE
      scope - a space-separated list of OAuth 2.0 scope values that the Client will restrict itself to using
      See Also:

    • JWKS_URI

      public static final String JWKS_URI
      jwks_uri - the URL for the Client's JSON Web Key Set
      Since:
      0.2.2
      See Also:

    • ID_TOKEN_SIGNED_RESPONSE_ALG

      public static final String ID_TOKEN_SIGNED_RESPONSE_ALG
      id_token_signed_response_alg - the JWS algorithm required for signing the ID Token issued to the Client
      See Also:

    • REGISTRATION_ACCESS_TOKEN

      public static final String REGISTRATION_ACCESS_TOKEN
      registration_access_token - the Registration Access Token that can be used at the Client Configuration Endpoint
      Since:
      0.2.1
      See Also:

    • REGISTRATION_CLIENT_URI

      public static final String REGISTRATION_CLIENT_URI
      registration_client_uri - the URL of the Client Configuration Endpoint where the Registration Access Token can be used
      Since:
      0.2.1
      See Also: