Package io.jans.as.model.jwt

Class JwtClaimName

java.lang.Object
io.jans.as.model.jwt.JwtClaimName
public final class JwtClaimName extends Object
Version:
September 30, 2021
Author:
Javier Rojas Blum

  • Field Details

    • EXPIRATION_TIME

      public static final String EXPIRATION_TIME
      Expiration time on or after which the ID Token must not be accepted for processing. The processing of this parameter requires that the current date/time must be before the expiration date/time listed in the value.
      See Also:

    • NOT_BEFORE

      public static final String NOT_BEFORE
      See Also:

    • ISSUED_AT

      public static final String ISSUED_AT
      Time at which the JWT was issued. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time.
      See Also:

    • ISSUER

      public static final String ISSUER
      Issuer Identifier for the Issuer of the response. The iss value is a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components.
      See Also:

    • AUDIENCE

      public static final String AUDIENCE
      Audience(s) that this ID Token is intended for. It must contain the OAuth 2.0 client_id of the Relying Party as an audience value. It may also contain identifiers for other audiences. In the general case, the aud value is an array of case sensitive strings. In the common special case when there is one audience, the aud value may be a single case sensitive string.
      See Also:

    • PRINCIPAL

      public static final String PRINCIPAL
      See Also:

    • JWT_ID

      public static final String JWT_ID
      See Also:

    • TYPE

      public static final String TYPE
      See Also:

    • AUTHENTICATION_METHOD_REFERENCES

      public static final String AUTHENTICATION_METHOD_REFERENCES
      Authentication Methods References.

      JSON array of strings that are identifiers for authentication methods used in the authentication. For instance, values might indicate that both password and OTP authentication methods were used. The definition of particular values to be used in the amr Claim is beyond the scope of this specification. Parties using this claim will need to agree upon the meanings of the values used, which may be context-specific. The amr value is an array of case sensitive strings.

      See Also:

    • SUBJECT_IDENTIFIER

      public static final String SUBJECT_IDENTIFIER
      A locally unique and never reassigned identifier within the Issuer for the End-User, which is intended to be consumed by the Client.
      See Also:

    • TOKEN_BINDING_HASH

      public static final String TOKEN_BINDING_HASH
      See Also:

    • CNF

      public static final String CNF
      See Also:

    • JKT

      public static final String JKT
      See Also:

    • AUTHORIZED_PARTY

      public static final String AUTHORIZED_PARTY
      Authorized party - the party to which the ID Token was issued. If present, it must contain the OAuth 2.0 Client ID of this party. This Claim is only needed when the ID Token has a single audience value and that audience is different than the authorized party. It may be included even when the authorized party is the same as the sole audience.
      See Also:

    • AUTHENTICATION_CONTEXT_CLASS_REFERENCE

      public static final String AUTHENTICATION_CONTEXT_CLASS_REFERENCE
      Authentication Context Class Reference. String specifying an Authentication Context Class Reference value that identifies the Authentication Context Class that the authentication performed satisfied.
      See Also:

    • NONCE

      public static final String NONCE
      String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. If present in the ID Token, Clients must verify that the nonce Claim Value is equal to the value of the nonce parameter sent in the Authentication Request. If present in the Authentication Request, Authorization Servers must include a nonce Claim in the ID Token with the Claim Value being the nonce value sent in the Authentication Request. Authorization Servers should perform no other processing on nonce values used. The nonce value is a case sensitive string.
      See Also:

    • AUTHENTICATION_TIME

      public static final String AUTHENTICATION_TIME
      Time when the End-User authentication occurred. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time. When a max_age request is made or when auth_time is requested as an Essential Claim, then this Claim is required; otherwise, its inclusion is optional.
      See Also:

    • ACCESS_TOKEN_HASH

      public static final String ACCESS_TOKEN_HASH
      See Also:

    • CODE_HASH

      public static final String CODE_HASH
      See Also:

    • STATE_HASH

      public static final String STATE_HASH
      See Also:

    • NAME

      public static final String NAME
      End-User's full name in displayable form including all name parts.
      See Also:

    • GIVEN_NAME

      public static final String GIVEN_NAME
      Given name or first name of the End-User.
      See Also:

    • FAMILY_NAME

      public static final String FAMILY_NAME
      Surname or last name of the End-User.
      See Also:

    • MIDDLE_NAME

      public static final String MIDDLE_NAME
      Middle name of the End-User.
      See Also:

    • NICKNAME

      public static final String NICKNAME
      Casual name of the End-User. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael.
      See Also:

    • PREFERRED_USERNAME

      public static final String PREFERRED_USERNAME
      Shorthand name that the End-User wishes to be referred to at the RP, such as janedoe or j.doe.
      See Also:

    • PROFILE

      public static final String PROFILE
      URL of the End-User's profile page.
      See Also:

    • PICTURE

      public static final String PICTURE
      URL of the End-User's profile picture.
      See Also:

    • WEBSITE

      public static final String WEBSITE
      URL of the End-User's web page or blog.
      See Also:

    • EMAIL

      public static final String EMAIL
      The End-User's preferred e-mail address.
      See Also:

    • USER_NAME

      public static final String USER_NAME
      The End-User's preferred userName.
      See Also:

    • EMAIL_VERIFIED

      public static final String EMAIL_VERIFIED
      True if the End-User's e-mail address has been verified; otherwise false.
      See Also:

    • GENDER

      public static final String GENDER
      The End-User's gender: Values defined by this specification are female and male. Other values MAY be used when neither of the defined values are applicable.
      See Also:

    • BIRTHDATE

      public static final String BIRTHDATE
      The End-User's birthday.
      See Also:

    • ZONEINFO

      public static final String ZONEINFO
      String from zoneinfo time zone database. For example, Europe/Paris or America/Los_Angeles.
      See Also:

    • LOCALE

      public static final String LOCALE
      The End-User's locale, represented as a BCP47 (RFC5646) language tag. This is typically an ISO 639-1 Alpha-2 (ISO639‑1) language code in lowercase and an ISO 3166-1 Alpha-2 (ISO3166‑1) country code in uppercase, separated by a dash. For example, en-US or fr-CA.
      See Also:

    • PHONE_NUMBER

      public static final String PHONE_NUMBER
      The End-User's preferred telephone number. E.164 is RECOMMENDED as the format of this Claim. For example, +1 (425) 555-1212 or +56 (2) 687 2400.
      See Also:

    • PHONE_NUMBER_VERIFIED

      public static final String PHONE_NUMBER_VERIFIED
      True if the End-User's phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format.
      See Also:

    • ADDRESS

      public static final String ADDRESS
      The End-User's preferred address.
      See Also:

    • UPDATED_AT

      public static final String UPDATED_AT
      Time the End-User's information was last updated.
      See Also:

    • ADDRESS_FORMATTED

      public static final String ADDRESS_FORMATTED
      The full mailing address, formatted for display or use with a mailing label.
      See Also:

    • ADDRESS_STREET_ADDRESS

      public static final String ADDRESS_STREET_ADDRESS
      The full street address component, which may include house number, street name, PO BOX, and multi-line extended street address information.
      See Also:

    • ADDRESS_LOCALITY

      public static final String ADDRESS_LOCALITY
      The city or locality component.
      See Also:

    • ADDRESS_REGION

      public static final String ADDRESS_REGION
      The state, province, prefecture or region component.
      See Also:

    • ADDRESS_POSTAL_CODE

      public static final String ADDRESS_POSTAL_CODE
      The zip code or postal code component.
      See Also:

    • ADDRESS_COUNTRY

      public static final String ADDRESS_COUNTRY
      The country name component.
      See Also:

    • JANS_OPENID_CONNECT_VERSION

      public static final String JANS_OPENID_CONNECT_VERSION
      See Also:

    • REFRESH_TOKEN_HASH

      public static final String REFRESH_TOKEN_HASH
      See Also:

    • AUTH_REQ_ID

      public static final String AUTH_REQ_ID
      See Also: