PublicKeyTLSClientAuthentication (Nimbus OAuth 2.0 SDK with OpenID Connect 1.0 extensions v5.38)

java.lang.Object
- com.nimbusds.oauth2.sdk.auth.ClientAuthentication
- - com.nimbusds.oauth2.sdk.auth.PublicKeyTLSClientAuthentication

```
@Immutable
public class PublicKeyTLSClientAuthentication
extends ClientAuthentication
```
Public key TLS / X.509 certificate client authentication at the Token endpoint. The client certificate is public key bound and typically self-signed, as opposed to tls_client_auth which relies on PKI binding. Implements ClientAuthenticationMethod.PUB_KEY_TLS_CLIENT_AUTH.
Related specifications:
- Mutual TLS Profile for OAuth 2.0 (draft-ietf-oauth-mtls-03), section 2.1.

Constructor Summary

Constructors
Constructor and Description
`PublicKeyTLSClientAuthentication(ClientID clientID, SSLSocketFactory sslSocketFactory)` Creates a new public key TLS / X.509 certificate client authentication.
`PublicKeyTLSClientAuthentication(ClientID clientID, X509Certificate x509Certificate)` Creates a new public key TLS / X.509 certificate client authentication.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`applyTo(HTTPRequest httpRequest)` Applies the authentication to the specified HTTP request by setting its Authorization header and/or POST entity-body parameters (according to the implemented client authentication method).
`X509Certificate`	`getClientX509Certificate()` Returns the validated client X.509 certificate from the received HTTPS request.
`SSLSocketFactory`	`getSSLSocketFactory()` Returns the SSL socket factory to use for an outgoing HTTPS request and to present the client certificate(s).
`static PublicKeyTLSClientAuthentication`	`parse(HTTPRequest httpRequest)` Parses a public key TLS / X.509 certificate client authentication from the specified HTTP request.

Methods inherited from class com.nimbusds.oauth2.sdk.auth.ClientAuthentication
getClientID, getMethod

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - PublicKeyTLSClientAuthentication
```
public PublicKeyTLSClientAuthentication(ClientID clientID,
                                        SSLSocketFactory sslSocketFactory)
```
    Creates a new public key TLS / X.509 certificate client authentication. This constructor is intended for an outgoing token request.
    
    Parameters:
    
    clientID - The client identifier. Must not be null.
    
    sslSocketFactory - The SSL socket factory to use for the outgoing HTTPS request and to present the client certificate(s), null to use the default one.
  - PublicKeyTLSClientAuthentication
```
public PublicKeyTLSClientAuthentication(ClientID clientID,
                                        X509Certificate x509Certificate)
```
    Creates a new public key TLS / X.509 certificate client authentication. This constructor is intended for a received token request.
    
    Parameters:
    
    clientID - The client identifier. Must not be null.
    
    x509Certificate - The validated client X.509 certificate from the received HTTPS request. Must not be null.
- Method Detail
  - getClientX509Certificate
```
public X509Certificate getClientX509Certificate()
```
    Returns the validated client X.509 certificate from the received HTTPS request.
    
    Returns:
    
    The client X.509 certificate, null for an outgoing HTTPS request.
  - parse
```
public static PublicKeyTLSClientAuthentication parse(HTTPRequest httpRequest)
                                              throws ParseException
```
    Parses a public key TLS / X.509 certificate client authentication from the specified HTTP request.
    
    Parameters:
    
    httpRequest - The HTTP request to parse. Must not be null and must include a validated client X.509 certificate.
    
    Returns:
    
    The public key TLS / X.509 certificate client authentication.
    
    Throws:
    
    ParseException - If the client_id or client X.509 certificate is missing.
  - getSSLSocketFactory
```
public SSLSocketFactory getSSLSocketFactory()
```
    Returns the SSL socket factory to use for an outgoing HTTPS request and to present the client certificate(s).
    
    Returns:
    
    The SSL socket factory, null to use the default one.
  - applyTo
```
public void applyTo(HTTPRequest httpRequest)
```
    Description copied from class: ClientAuthentication
    
    Applies the authentication to the specified HTTP request by setting its Authorization header and/or POST entity-body parameters (according to the implemented client authentication method).
    
    Specified by:
    
    applyTo in class ClientAuthentication
    
    Parameters:
    
    httpRequest - The HTTP request. Must not be null.

Class PublicKeyTLSClientAuthentication

Constructor Summary

Method Summary

Methods inherited from class com.nimbusds.oauth2.sdk.auth.ClientAuthentication

Methods inherited from class java.lang.Object

Constructor Detail

PublicKeyTLSClientAuthentication

PublicKeyTLSClientAuthentication

Method Detail

getClientX509Certificate

parse

getSSLSocketFactory

applyTo