Package org.apereo.cas.support.oauth
Interface OAuth20Constants
public interface OAuth20Constants
This class has the main constants for the OAuth implementation.
- Since:
- 3.5.0
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringAccess denied error.static final StringThe access token.static final StringThe access token url.static final StringAuthentication context reference values.static final StringAuthz pending error.static final StringAuthz state.static final StringThe authorize url.static final StringBase OAuth 2.0 url.static final StringThe approval prompt.static final StringThe callback authorize url.static final StringThe callback authorize url definition.static final StringThe claims.static final StringAuthz state claims submitted.static final Stringuserinfoclaims found as claims request parameter.static final StringThe client assertion jwt.static final StringThe client assertion type.static final StringClient assertion type as jwt bearer.static final StringThe client id.static final StringThe client secret.static final StringThe code.static final StringPKCE code challenge.static final StringPKCE code challenge method.static final StringPKCE code verifier.static final StringThe confirm view.static final Stringdevice authorization url.static final StringDevice code flow device code.static final StringThe device code approval view.static final StringThe device code approved view.static final StringDevice code flow refresh interval.static final StringDevice code flow user code.static final StringDevice code flow verification uri.static final StringDPoP header.static final StringDPoP confirmation that is put inside access token as an attribute.static final StringThe error.static final StringThe error description.static final Stringerror details.static final StringThe error with callback.static final StringThe expired access token.static final StringThe remaining time in seconds before expiration.static final StringThe grant type.static final StringHeader value to signal JWT responses for token introspection payloads.static final StringThe introspection url.static final StringThe invalid client.static final StringThe invalid dpop.static final StringThe invalid grant.static final StringThe invalid request.static final StringThe invalid scope.static final StringThe missing access token.static final Stringneed information.static final StringThe nonce parameter.static final StringThe profile url.static final StringThe prompt parameter.static final StringThe redirect uri.static final StringThe refresh token.static final StringThe request passed as a jwt.static final StringInternal attribute to indicate whether the incoming request is an access token request.static final Stringrequesting party claim.static final StringThe response mode.static final StringThe response type.static final StringThe revocation url.static final StringThe scope request.static final StringThe oauthSessionStaleMismatchErrorView view.static final Stringslow down error for when approval requests are too quick.static final StringThe state.static final StringThe access token.static final StringThe token type parameter.static final StringThe bearer type.static final StringThe DPOP Token.static final StringThe token url.static final Stringauthorization registration endpoint URL.static final StringUMA authz scope.static final Stringclaims collection endpoint URL.static final StringURL endpoint that exposes JWKS for token signing.static final Stringpermission registration endpoint URL.static final Stringpolicy registration endpoint URL.static final StringUMA protection scope.static final StringRegistration endpoint URL.static final Stringresource set registration endpoint URL.static final StringThe unauthorized client.static final StringThe Authorization Server is unable to meet the requirements of the Relying Party for the authentication of the End-User.static final StringUnsupported response_type error.static final StringX509 certificate hash used and collected during TLS authentication.
-
Field Details
-
REQUEST_ATTRIBUTE_ACCESS_TOKEN_REQUEST
Internal attribute to indicate whether the incoming request is an access token request.- See Also:
-
PROMPT
The prompt parameter.- See Also:
-
DEVICE_VERIFICATION_URI
Device code flow verification uri.- See Also:
-
DEVICE_USER_CODE
Device code flow user code.- See Also:
-
DEVICE_CODE
Device code flow device code.- See Also:
-
DEVICE_INTERVAL
Device code flow refresh interval.- See Also:
-
ACR_VALUES
Authentication context reference values.- See Also:
-
BASE_OAUTH20_URL
Base OAuth 2.0 url.- See Also:
-
REDIRECT_URI
The redirect uri.- See Also:
-
UNMET_AUTHENTICATION_REQUIREMENTS
The Authorization Server is unable to meet the requirements of the Relying Party for the authentication of the End-User.- See Also:
-
RESPONSE_TYPE
The response type.- See Also:
-
RESPONSE_MODE
The response mode.- See Also:
-
CLAIMS
The claims.- See Also:
-
CLAIMS_USERINFO
userinfoclaims found as claims request parameter.- See Also:
-
REQUEST
The request passed as a jwt.- See Also:
-
GRANT_TYPE
The grant type.- See Also:
-
CLIENT_ID
The client id.- See Also:
-
CODE_CHALLENGE
PKCE code challenge.- See Also:
-
CODE_VERIFIER
PKCE code verifier.- See Also:
-
CODE_CHALLENGE_METHOD
PKCE code challenge method.- See Also:
-
CLIENT_SECRET
The client secret.- See Also:
-
BYPASS_APPROVAL_PROMPT
The approval prompt.- See Also:
-
SCOPE
The scope request.- See Also:
-
CODE
The code.- See Also:
-
ERROR
The error.- See Also:
-
ERROR_DESCRIPTION
The error description.- See Also:
-
ERROR_WITH_CALLBACK
The error with callback.- See Also:
-
UNSUPPORTED_RESPONSE_TYPE
Unsupported response_type error.- See Also:
-
STATE
The state.- See Also:
-
TOKEN
The access token.- See Also:
-
ACCESS_TOKEN
The access token.- See Also:
-
REFRESH_TOKEN
The refresh token.- See Also:
-
CLIENT_ASSERTION_TYPE
The client assertion type.- See Also:
-
CLIENT_ASSERTION
The client assertion jwt.- See Also:
-
MISSING_ACCESS_TOKEN
The missing access token.- See Also:
-
EXPIRED_ACCESS_TOKEN
The expired access token.- See Also:
-
CONFIRM_VIEW
The confirm view.- See Also:
-
SESSION_STALE_MISMATCH
The oauthSessionStaleMismatchErrorView view.- See Also:
-
DEVICE_CODE_APPROVAL_VIEW
The device code approval view.- See Also:
-
DEVICE_CODE_APPROVED_VIEW
The device code approved view.- See Also:
-
INVALID_CLIENT
The invalid client.- See Also:
-
INVALID_REQUEST
The invalid request.- See Also:
-
INVALID_GRANT
The invalid grant.- See Also:
-
INVALID_DPOP_PROOF
The invalid dpop.- See Also:
-
INVALID_SCOPE
The invalid scope.- See Also:
-
ACCESS_DENIED
Access denied error.- See Also:
-
AUTHORIZATION_PENDING
Authz pending error.- See Also:
-
AUTHORIZATION_STATE
Authz state.- See Also:
-
CLAIMS_SUBMITTED
Authz state claims submitted.- See Also:
-
SLOW_DOWN
slow down error for when approval requests are too quick.- See Also:
-
AUTHORIZE_URL
The authorize url.- See Also:
-
INTROSPECTION_URL
The introspection url.- See Also:
-
INTROSPECTION_JWT_HEADER_CONTENT_TYPE
Header value to signal JWT responses for token introspection payloads.- See Also:
-
CALLBACK_AUTHORIZE_URL
The callback authorize url.- See Also:
-
CALLBACK_AUTHORIZE_URL_DEFINITION
The callback authorize url definition.- See Also:
-
ACCESS_TOKEN_URL
The access token url.- See Also:
-
DEVICE_AUTHZ_URL
device authorization url.- See Also:
-
TOKEN_URL
The token url.- See Also:
-
PROFILE_URL
The profile url.- See Also:
-
REVOCATION_URL
The revocation url.- See Also:
-
EXPIRES_IN
The remaining time in seconds before expiration.- See Also:
-
NONCE
The nonce parameter.- See Also:
-
TOKEN_TYPE
The token type parameter.- See Also:
-
TOKEN_TYPE_BEARER
The bearer type.- See Also:
-
TOKEN_TYPE_DPOP
The DPOP Token.- See Also:
-
CLIENT_ASSERTION_TYPE_JWT_BEARER
Client assertion type as jwt bearer.- See Also:
-
UMA_REGISTRATION_URL
Registration endpoint URL.- See Also:
-
UMA_RESOURCE_SET_REGISTRATION_URL
resource set registration endpoint URL.- See Also:
-
UMA_PERMISSION_URL
permission registration endpoint URL.- See Also:
-
UMA_POLICY_URL
policy registration endpoint URL.- See Also:
-
UMA_AUTHORIZATION_REQUEST_URL
authorization registration endpoint URL.- See Also:
-
UMA_CLAIMS_COLLECTION_URL
claims collection endpoint URL.- See Also:
-
UMA_JWKS_URL
URL endpoint that exposes JWKS for token signing.- See Also:
-
UMA_PROTECTION_SCOPE
UMA protection scope.- See Also:
-
UMA_AUTHORIZATION_SCOPE
UMA authz scope.- See Also:
-
REQUESTING_PARTY_CLAIMS
requesting party claim.- See Also:
-
ERROR_DETAILS
error details.- See Also:
-
NEED_INFO
need information.- See Also:
-
UNAUTHORIZED_CLIENT
The unauthorized client.- See Also:
-
DPOP
DPoP header.- See Also:
-
DPOP_CONFIRMATION
DPoP confirmation that is put inside access token as an attribute.- See Also:
-
X509_CERTIFICATE_DIGEST
X509 certificate hash used and collected during TLS authentication.- See Also:
-