com.authlete.common.dto

Class AuthenticationCallbackRequest

java.lang.Object

com.authlete.common.dto.AuthenticationCallbackRequest

All Implemented Interfaces:

Serializable

public class AuthenticationCallbackRequest
extends Object
implements Serializable

Authentication request from Authlete to a service implementation.

After a client application accesses the authorization endpoint which Authlete provides for the service (/api/auth/authorization/direct/{service-api-key}) and an end-user of the service tries end-user authentication at the UI displayed at the authorization endpoint (by inputting his/her login ID and password to the input fields or by signing in an SNS such as Facebook), Authlete makes an authentication callback request to the authentication callback endpoint of the service. This class represents the format of the request.

When the end-user tried end-user authentication by inputting his/her credentials to the input fields of the form, id and password in this authentication callback request are the values that the end-user has input.

On the other hand, when the end-user tried end-user authentication by signing in an SNS such as Facebook, id represents the subject (unique identifier) of the end-user in the SNS and password has no meaning. In this case, sns and accessToken are not null. accessToken in this request is the value of the access token issued by the SNS which an implementation of an authentication callback endpoint may use as necessary.

Some notes specific to respective SNSes.

Facebook

The value of id is unique to each Facebook application and cannot be used across different applications. If you need the third party ID, make an API call to /me endpoint with fields=third_party_id and access_token={accessToken}. See the API document of Facebook for details.

The value of rawTokenResponse is in the form of application/x-www-form-urlencoded (not application/json). This is a violation against RFC 6749 (OAuth 2.0).

The value of refreshToken is empty.

The value of expiresIn is the value of expires in the response from the token endpoint of Facebook.

Since:

1.1

Author:

Takahiko Kawasaki

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
AuthenticationCallbackRequest()

Method Summary

Modifier and Type	Method and Description
String	getAccessToken() Get the access token returned by the SNS which the end-user used for social login.
String[]	getClaims() Get the list of claims requested by a client application.
String[]	getClaimsLocales() Get the list of locales for claims.
long	getClientId() Get the ID of the client application that triggered this authentication request.
long	getExpiresIn() Get the lifetime of the access token in seconds.
String	getId() Get the ID of the end-user to authenticate.
String	getPassword() Get the password of the end-user to authenticate.
String	getRawTokenResponse() Get the raw response from the token endpoint of the SNS.
String	getRefreshToken() Get the refresh token returned by the SNS which the end-user used for social login.
long	getServiceApiKey() Get the API key of the target service.
Sns	getSns() Get the SNS that the end-user used for social login.
AuthenticationCallbackRequest	setAccessToken(String accessToken) Set the access token returned by the SNS which the end-user used for social login.
AuthenticationCallbackRequest	setClaims(String[] claims) Set the list of claims requested by a client application.
AuthenticationCallbackRequest	setClaimsLocales(String[] claimsLocales) Set the list of locales for claims.
AuthenticationCallbackRequest	setClientId(long clientId) Set the ID of the client application that triggered this authentication request.
AuthenticationCallbackRequest	setExpiresIn(long expiresIn) Set the lifetime of the access token in seconds.
AuthenticationCallbackRequest	setId(String id) Set the ID of the end-user to authenticate.
AuthenticationCallbackRequest	setPassword(String password) Set the password of the end-user to authenticate.
AuthenticationCallbackRequest	setRawTokenResponse(String response) Set the raw response from the token endpoint of the SNS.
AuthenticationCallbackRequest	setRefreshToken(String refreshToken) Set the refresh token returned by the SNS which the end-user used for social login.
AuthenticationCallbackRequest	setServiceApiKey(long apiKey) Set the API key of the target service.
AuthenticationCallbackRequest	setSns(Sns sns) Set the SNS that the end-user used for social login.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthenticationCallbackRequest

public AuthenticationCallbackRequest()

Method Detail

getServiceApiKey

public long getServiceApiKey()

Get the API key of the target service.

This property is always set when Authlete makes a request.

Returns:

The API key of the target service.

setServiceApiKey

public AuthenticationCallbackRequest setServiceApiKey(long apiKey)

Set the API key of the target service.

Parameters:

apiKey - The API key of the target service.

Returns:

this object.

getClientId

public long getClientId()

Get the ID of the client application that triggered this authentication request.

This property is always set when Authlete makes a request.

Returns:

The ID of the client application.

setClientId

public AuthenticationCallbackRequest setClientId(long clientId)

Set the ID of the client application that triggered this authentication request.

Parameters:

clientId - The ID of the client application.

Returns:

this object.

getId

public String getId()

Get the ID of the end-user to authenticate.

When the value of sns property is null, this property holds the value of the login ID that the end-user has entered to the login ID field in the UI of the authorization endpoint (/api/auth/authorization/direct/{service-api-key}), or the value of username request parameter to the token endpoint (/api/auth/token/direct/{service-api-key}) in the case of Resource Owner Password Credentials flow.

On the other hand, if sns property is not null, this property holds the subject (= unique identifier) of the end-user in the SNS.

This property is always set when Authlete makes a request.

Returns:

The ID of the end-user to authenticate.

setId

public AuthenticationCallbackRequest setId(String id)

Set the ID of the end-user to authenticate.

Parameters:

id - The ID of the end-user to authenticate.

Returns:

this object.

getPassword

public String getPassword()

Get the password of the end-user to authenticate.

This property holds the value of the password that the end-user has entered to the password field in the UI of the authorization endpoint (/api/auth/authorization/direct/{service-api-key}), or the value of password request parameter to the token endpoint (/api/auth/token/direct/{service-api-key}) in the case of Resource Owner Password Credentials flow.

If sns property is null, it is ensured that this property is not null. In such a case, authentication should be performed on the pair of id property and this password property. On the other hand, if sns property is not null, this property has no meaning, because authentication has been performed by the SNS.

Returns:

The password of the end-user to authenticate.

setPassword

public AuthenticationCallbackRequest setPassword(String password)

Set the password of the end-user to authenticate.

Parameters:

password - The password of the end-user to authenticate.

Returns:

this object.

getClaims

public String[] getClaims()

Get the list of claims requested by a client application.

A claim is a piece of information about an end-user. Some standard claim names such as given_name and email are defined in "5.1. Standard Claims" in OpenID Connect Core 1.0. A service implementation should extract data corresponding to the claims from its database and return them to Authlete. The data will be embedded in an ID token.

Note that a claim name may be followed by #locale. For example, family_name#ja. See "5.2. Claims Languages and Scripts" in OpenID Connect Core 1.0 for details.

This property is null when claim data are not necessary (= when an ID token is not necessary to be generated).

Returns:

The list of claims requested by a client application.

setClaims

public AuthenticationCallbackRequest setClaims(String[] claims)

Set the list of claims requested by a client application.

Parameters:

claims - The list of claims requested by a client application.

Returns:

this object.

getClaimsLocales

public String[] getClaimsLocales()

Get the list of locales for claims.

This property holds the value of claims_locales request parameter contained in an authorization request. The values are the end-user's preferred languages and scripts for claims. See "5.2. Claims Languages and Scripts" in OpenID Connect Core 1.0 for details.

This property is null when claim data are not necessary (= when an ID token is not necessary to be generated).

Returns:

The list of locales for claims.

setClaimsLocales

public AuthenticationCallbackRequest setClaimsLocales(String[] claimsLocales)

Set the list of locales for claims.

Parameters:

claimsLocales - The list of locales for claims.

Returns:

this object.

getSns

public Sns getSns()

Get the SNS that the end-user used for social login.

Returns:

The SNS that the end-user used for social login. null is returned if the end-user did not use social login.

Since:

1.3

setSns

public AuthenticationCallbackRequest setSns(Sns sns)

Set the SNS that the end-user used for social login.

Parameters:

sns - The SNS that the end-user used for social login.

Returns:

this object.

Since:

1.3

getAccessToken

public String getAccessToken()

Get the access token returned by the SNS which the end-user used for social login.

Returns:

The access token returned by the SNS. null is returned when social login was not used.

Since:

1.3

setAccessToken

public AuthenticationCallbackRequest setAccessToken(String accessToken)

Set the access token returned by the SNS which the end-user used for social login.

Parameters:

accessToken - The access token returned by the SNS.

Returns:

this object.

Since:

1.3

getRefreshToken

public String getRefreshToken()

Get the refresh token returned by the SNS which the end-user used for social login.

Returns:

The refresh token returned by the SNS. null is returned when social login was not used or if the SNS did not return a refresh token.

Since:

1.3

setRefreshToken

public AuthenticationCallbackRequest setRefreshToken(String refreshToken)

Set the refresh token returned by the SNS which the end-user used for social login.

Parameters:

refreshToken - The refresh token returned by the SNS.

Returns:

this object.

Since:

1.3

getExpiresIn

public long getExpiresIn()

Get the lifetime of the access token in seconds.

Returns:

The lifetime of the access token in seconds. 0 is returned when social login was not used of if the SNS did not return information about lifetime of the access token.

Since:

1.3

setExpiresIn

public AuthenticationCallbackRequest setExpiresIn(long expiresIn)

Set the lifetime of the access token in seconds.

Parameters:

expiresIn - The lifetime of the access token in seconds.

Returns:

this object.

Since:

1.3

getRawTokenResponse

public String getRawTokenResponse()

Get the raw response from the token endpoint of the SNS.

If the SNS complies with RFC 6749, the format is JSON. Note that Facebook returns application/x-www-form-urlencoded.

Returns:

The raw response from the token endpoint of the SNS.

Since:

1.3

setRawTokenResponse

public AuthenticationCallbackRequest setRawTokenResponse(String response)

Set the raw response from the token endpoint of the SNS.

Parameters:

response - The raw response from the token endpoint of the SNS.

Returns:

this object.

Since:

1.3