Package com.ibm.websphere.security.openidconnect.token

Interface IdToken

public interface IdToken

Method Summary

Modifier and Type	Method	Description
String	getAccessToken()	Get the access token
String	getAccessTokenHash()	returns the Hash code of access token This is optional (claim at_hash)
Map<String,Object>	getAllClaims()	get all the claims in the payload of Id Token
String	getAllClaimsAsJson()
List<String>	getAudience()	returns the audience(s) This is required Case sensitive (claim aud)
long	getAuthorizationTimeSeconds()	returns The authorization time of the Id Token This is not required (key-id auth_time)
String	getAuthorizedParty()	Authorized Party This is optional Case sensitive (claim azp)
Object	getClaim(String key)	Using the key to get its value
String	getClassReference()	returns Authentication Context Class Reference This is optional (claim acr)
String	getClientId()	returns the client Id This is not required (key-id azp2)
long	getExpirationTimeSeconds()	return the expiration time of the Id Token The time is represented as the number of seconds from 1970-01-01T0:0:0:0Z This is required (claim exp)
long	getIssuedAtTimeSeconds()	returns the issued time of Id Token This is required (claim iat)
String	getIssuer()	returns Issuer Identifier for the Issuer of the Response This is required Case sensitive (claim iss)
String	getJwtId()	Returns the JWT ID of the IdToken This is not required.
List<String>	getMethodsReferences()	returns Authentication Methods References This is optional (claim amr)
String	getNonce()	returns the value of nonce This value is optional usually.
long	getNotBeforeTimeSeconds()	return the time which Id Token is not valid before it The time is represented as the number of seconds from 1970-01-01T0:0:0:0Z This is not required (key-id nbf)
String	getRawIdToken()	Returns the raw ID token string
String	getRefreshToken()	Get the refresh token
String	getSubject()	returns the Subject Identifier This is required.
String	getType()	returns the Type of IdToken, such as: Bearer This is not required.

Method Details

getJwtId

String getJwtId()

Returns the JWT ID of the IdToken This is not required. Case sensitive (key-id jti)

Returns:

JWT ID

getType

String getType()

returns the Type of IdToken, such as: Bearer This is not required. Case sensitive (key-id typ)

Returns:

Token Type

getIssuer

String getIssuer()

returns Issuer Identifier for the Issuer of the Response This is required Case sensitive (claim iss)

Returns:

Issuer

getSubject

String getSubject()

returns the Subject Identifier This is required. Case sensitive (claim sub)

Returns:

subject Id

getAudience

List<String> getAudience()

returns the audience(s) This is required Case sensitive (claim aud)

Returns:

audience(s)

getClientId

String getClientId()

returns the client Id This is not required (key-id azp2)

Returns:

Client Id

getExpirationTimeSeconds

long getExpirationTimeSeconds()

return the expiration time of the Id Token The time is represented as the number of seconds from 1970-01-01T0:0:0:0Z This is required (claim exp)

Returns:

Expiration time in seconds

getNotBeforeTimeSeconds

long getNotBeforeTimeSeconds()

return the time which Id Token is not valid before it The time is represented as the number of seconds from 1970-01-01T0:0:0:0Z This is not required (key-id nbf)

Returns:

Not Before Time in seconds

getIssuedAtTimeSeconds

long getIssuedAtTimeSeconds()

returns the issued time of Id Token This is required (claim iat)

Returns:

the issued time in seconds

getAuthorizationTimeSeconds

long getAuthorizationTimeSeconds()

returns The authorization time of the Id Token This is not required (key-id auth_time)

Returns:

The authorization time in seconds

getNonce

String getNonce()

returns the value of nonce This value is optional usually. But it's required when the request of a RP Client provides a nonce. In this case, the value of nonce must be the same as the one that the RP Client provides. case sensitive (claim nonce)

Returns:

the value of nonce

getAccessTokenHash

String getAccessTokenHash()

returns the Hash code of access token This is optional (claim at_hash)

Returns:

the Hash code of the access token

getClassReference

String getClassReference()

returns Authentication Context Class Reference This is optional (claim acr)

Returns:

Authentication Context Class Reference

getMethodsReferences

List<String> getMethodsReferences()

returns Authentication Methods References This is optional (claim amr)

Returns:

Authentication Methods References

getAuthorizedParty

String getAuthorizedParty()

Authorized Party This is optional Case sensitive (claim azp)

Returns:

Authorized Party

getClaim

Object getClaim(String key)

Using the key to get its value

Parameters:

key - - the claim or key-id

Returns:

The value

getAllClaims

Map<String,Object> getAllClaims()

get all the claims in the payload of Id Token

Returns:

all the claims in the payload of Id Token

getAccessToken

String getAccessToken()

Get the access token

Returns:

the access token string

getRefreshToken

String getRefreshToken()

Get the refresh token

Returns:

the refresh token string if exists, otherwise return null

getAllClaimsAsJson

String getAllClaimsAsJson()

Returns:

all the claims in Json format

getRawIdToken

String getRawIdToken()
              throws com.ibm.websphere.security.WSSecurityException

Returns the raw ID token string

Returns:

The raw ID token string

Throws:

com.ibm.websphere.security.WSSecurityException - Thrown if there is an error getting the run as identity.