UserinfoClientState
Introduction and overview
Given an access token and the provider configuration, the AuthState UserinfoClientState requests claims from a Userinfo Endpoint by sending a Userinfo Request.
Description
The following table describes the characteristics of the AuthState.
Topic | Description |
---|---|
Class | ch.nevis.esauth.auth.states.oauth2.openid.rp.UserinfoClientState |
Logging | OIDCRelyingParty |
Auditing | none |
Marker | none |
Properties | providerConfiguration (string): A string containing provider metadata as specified in the RFC or a variable containing a provider metadata document.<br>accessToken (string): Value or variable containing the access token to use in the Userinfo Request being sent to the Userinfo Endpoint. |
Methods | process: Issues a userinfo request to the userinfo endpoint configured via the provider configuration. |
Input | none |
Transitions | failed: Error when sending the Userinfo Request or Userinfo Error Response received<br>ok: Userinfo Success Response received and parsing was successful |
Output | session:[AuthStateName].userinfoResponse: The values of the fields of the received Userinfo Response. |
Errors | none |
Notes | none |

AuthState Config Example

```xml
<AuthState name="UserinfoClient" class="ch.nevis.esauth.auth.states.oauth2.openid.rp.UserinfoClientState"
           authLevel="auth.test" final="false">
    <ResultCond name="ok" next="AuthDone"/>
    <ResultCond name="failed" next="AuthError"/>
    <property name="providerConfiguration" value="${session:OIDCProviderMetadataFetcherState.providerMetadata}" />
    <property name="accessToken" value="${session:RelyingParty.tokenResponse.access_token}" />
</AuthState>
```
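
The exchange this AuthState performs, sketched as an added Python example (not nevisAuth code): it builds the Userinfo Request from a provider metadata document and maps the response to the `ok` and `failed` outcomes. The function names and sample values are constructed. The `sub` comparison against the ID Token is the check OpenID Connect Core requires of a relying party before it uses Userinfo claims; the page does not state whether the AuthState performs it.

```python
import json
from urllib.parse import urlsplit
from urllib.request import Request

# Constructed sample inputs (not from a real provider).
SAMPLE_METADATA = '{"issuer": "https://op.example", "userinfo_endpoint": "https://op.example/userinfo"}'
SAMPLE_BODY = b'{"sub": "248289761001", "email": "jane@example.org"}'


def build_userinfo_request(provider_metadata: str, access_token: str) -> Request:
    """Build the Userinfo Request (GET with a bearer token) from provider metadata."""
    endpoint = json.loads(provider_metadata).get("userinfo_endpoint")
    if not endpoint:
        raise ValueError("provider metadata has no userinfo_endpoint")
    # The bearer token must never travel over a cleartext channel.
    if urlsplit(endpoint).scheme != "https":
        raise ValueError("userinfo_endpoint must use https")
    return Request(endpoint, headers={"Authorization": f"Bearer {access_token}"})


def handle_userinfo_response(status: int, headers: dict, body: bytes, id_token_sub: str):
    """Map a Userinfo Response to ("ok", claims) or ("failed", reason)."""
    if status != 200:
        # Userinfo Error Responses carry the reason in WWW-Authenticate (RFC 6750).
        return "failed", headers.get("WWW-Authenticate", f"HTTP {status}")
    ctype = headers.get("Content-Type", "").split(";")[0].strip().lower()
    if ctype != "application/json":
        # A signed or encrypted response (application/jwt) needs JWT validation,
        # which this sketch does not do.
        return "failed", f"unsupported content type {ctype!r}"
    try:
        claims = json.loads(body)
    except ValueError:
        return "failed", "response body is not valid JSON"
    # The sub claim must equal the ID Token's sub, otherwise the claims are discarded.
    if not isinstance(claims, dict) or claims.get("sub") != id_token_sub:
        return "failed", "sub does not match the ID Token"
    return "ok", claims


if __name__ == "__main__":
    req = build_userinfo_request(SAMPLE_METADATA, "constructed-access-token")
    print(req.get_method(), req.full_url)
    print(handle_userinfo_response(200, {"Content-Type": "application/json"},
                                   SAMPLE_BODY, "248289761001"))
```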