Package net.openid.appauth

Class EndSessionRequest

java.lang.Object

net.openid.appauth.EndSessionRequest

All Implemented Interfaces:

AuthorizationManagementRequest

public class EndSessionRequest
extends Object
implements AuthorizationManagementRequest

An OpenID end session request.

See Also:

“OpenID Connect RP-Initiated Logout 1.0 - draft 01 https://openid.net/specs/openid-connect-rpinitiated-1_0.html”

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	EndSessionRequest.Builder	Creates instances of EndSessionRequest.

Field Summary

Fields

Modifier and Type	Field	Description
Map<String,String>	additionalParameters	Additional parameters to be passed as part of the request.
AuthorizationServiceConfiguration	configuration	The service’s configuration.
String	idTokenHint	Previously issued ID Token passed to the end session endpoint as a hint about the End-User’s current authenticated session with the Client
Uri	postLogoutRedirectUri	The client’s redirect URI.
String	state	An opaque value used by the client to maintain state between the request and callback.
String	uiLocales	This is a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.

Method Summary

Modifier and Type	Method	Description
String	getState()	An opaque value used by the client to maintain state between the request and callback.
Set<String>	getUiLocales()
static EndSessionRequest	jsonDeserialize(String jsonStr)	Reads an authorization request from a JSON string representation produced by jsonSerializeString().
static EndSessionRequest	jsonDeserialize(JSONObject json)	Reads an authorization request from a JSON string representation produced by jsonSerialize().
JSONObject	jsonSerialize()	Produces a JSON representation of the end session request for persistent storage or local transmission (e.g.
String	jsonSerializeString()	Produces a JSON string representation of the request for persistent storage or local transmission (e.g.
Uri	toUri()	Produces a request URI, that can be used to dispatch the request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

configuration

@NonNull
public final AuthorizationServiceConfiguration configuration

The service’s configuration.

This configuration specifies how to connect to a particular OAuth provider. Configurations may be AuthorizationServiceConfiguration(Uri, Uri, Uri, Uri) created manually}, or AuthorizationServiceConfiguration.fetchFromUrl(Uri, AuthorizationServiceConfiguration.RetrieveConfigurationCallback) via an OpenID Connect Discovery Document}.

idTokenHint

@Nullable
public final String idTokenHint

Previously issued ID Token passed to the end session endpoint as a hint about the End-User’s current authenticated session with the Client

See Also:

“OpenID Connect Session Management 1.0 - draft 28, 5 RP-Initiated Logout https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout”, “OpenID Connect Core ID Token, Section 2 http://openid.net/specs/openid-connect-core-1_0.html#IDToken”

postLogoutRedirectUri

@Nullable
public final Uri postLogoutRedirectUri

The client’s redirect URI.

See Also:

“OpenID Connect RP-Initiated Logout 1.0 - draft 1, 3. Redirection to RP After Logout https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RedirectionAfterLogout”

state

@Nullable
public final String state

An opaque value used by the client to maintain state between the request and callback.

If this value is not explicitly set, this library will automatically add state and perform appropriate validation of the state in the authorization response. It is recommended that the default implementation of this parameter be used wherever possible. Typically used to prevent CSRF attacks, as recommended in

See Also:

“OpenID Connect RP-Initiated Logout 1.0 - draft 1, 2. RP-Initiated Logout https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout”, “The OAuth 2.0 Authorization Framework (RFC 6749), Section 5.3.5 https://tools.ietf.org/html/rfc6749#section-5.3.5”

uiLocales

@Nullable
public final String uiLocales

This is a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.

It represents End-User’s preferred languages and scripts for the user interface.

See Also:

“OpenID Connect RP-Initiated Logout 1.0 - draft 01 https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout”

additionalParameters

@NonNull
public final Map<String,String> additionalParameters

Additional parameters to be passed as part of the request.

See Also:

“The OAuth 2.0 Authorization Framework (RFC 6749), Section 3.1 https://tools.ietf.org/html/rfc6749#section-3.1”

Method Detail

getState

@Nullable
public String getState()

Description copied from interface: AuthorizationManagementRequest

An opaque value used by the client to maintain state between the request and callback.

Specified by:

getState in interface AuthorizationManagementRequest

getUiLocales

public Set<String> getUiLocales()

toUri

public Uri toUri()

Description copied from interface: AuthorizationManagementRequest

Produces a request URI, that can be used to dispatch the request.

Specified by:

toUri in interface AuthorizationManagementRequest

jsonSerialize

public JSONObject jsonSerialize()

Produces a JSON representation of the end session request for persistent storage or local transmission (e.g.

between activities).

Specified by:

jsonSerialize in interface AuthorizationManagementRequest

jsonSerializeString

public String jsonSerializeString()

Produces a JSON string representation of the request for persistent storage or local transmission (e.g.

between activities). This method is just a convenience wrapper for jsonSerialize(), converting the JSON object to its string form.

Specified by:

jsonSerializeString in interface AuthorizationManagementRequest

jsonDeserialize

public static EndSessionRequest jsonDeserialize(@NonNull
                                                JSONObject json)
                                         throws JSONException

Reads an authorization request from a JSON string representation produced by jsonSerialize().

Throws:

JSONException - if the provided JSON does not match the expected structure.

jsonDeserialize

@NonNull
public static EndSessionRequest jsonDeserialize(@NonNull
                                                String jsonStr)
                                         throws JSONException

Reads an authorization request from a JSON string representation produced by jsonSerializeString().

This method is just a convenience wrapper for jsonDeserialize(JSONObject), converting the JSON string to its JSON object form.

Throws:

JSONException - if the provided JSON does not match the expected structure.