ClaimsOpenID

public class ClaimsOpenID : Claims

A class representing OpenID related claims as decsribed in OpenID specs.


                    
                    
                    init(iss:sub:aud:exp:iat:auth_time:nonce:acr:amr:azp:name:given_name:family_name:middle_name:nickname:preferred_username:profile:picture:website:email:email_verified:gender:birthdate:zoneinfo:locale:phone_number:phone_number_verified:address:updated_at:)

Initalise the ClaimsOpenID

Declaration

Swift

public init(
    iss: String,
    sub: String,
    aud: [String],
    exp: Date,
    iat: Date,
    auth_time: Date? = nil,
    nonce: String? = nil,
    acr: String? = nil,
    amr: [String]? = nil,
    azp: String? = nil,
    name: String? = nil,
    given_name: String? = nil,
    family_name: String? = nil,
    middle_name: String? = nil,
    nickname: String? = nil,
    preferred_username: String? = nil,
    profile: String? = nil,
    picture: String? = nil,
    website: String? = nil,
    email: String? = nil,
    email_verified: Bool? = nil,
    gender: String? = nil,
    birthdate: String? = nil,
    zoneinfo: String? = nil,
    locale: String? = nil,
    phone_number: String? = nil,
    phone_number_verified: Bool? = nil,
    address: AddressClaim? = nil,
    updated_at: Date? = nil
)

ID Token

iss
Issuer Identifier for the Issuer of the response. The iss value is a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components.
Declaration
Swift

public var iss: String
sub
Subject Identifier. A locally unique and never reassigned identifier within the Issuer for the End-User, which is intended to be consumed by the Client, e.g., 24400320 or AItOawmwtWwcT0k51BayewNvutrJUqsvl6qs7A4. It MUST NOT exceed 255 ASCII characters in length. The sub value is case sensitive.
Declaration
Swift

public var sub: String
aud
Audience(s) that this ID Token is intended for. It MUST contain the OAuth 2.0 client_id of the Relying Party as an audience value. It MAY also contain identifiers for other audiences.
Declaration
Swift

public var aud: [String]
exp
Expiration time on or after which the ID Token MUST NOT be accepted for processing. The processing of this parameter requires that the current date/time MUST be before the expiration date/time listed in the value. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew.
Declaration
Swift

public var exp: Date
iat
Time at which the JWT was issued.
Declaration
Swift

public var iat: Date
auth_time
Time when the End-User authentication occurred.
Declaration
Swift

public var auth_time: Date?
nonce
String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. If present in the ID Token, Clients MUST verify that the nonce Claim Value is equal to the value of the nonce parameter sent in the Authentication Request. If present in the Authentication Request, Authorization Servers MUST include a nonce Claim in the ID Token with the Claim Value being the nonce value sent in the Authentication Request. Authorization Servers SHOULD perform no other processing on nonce values used.
Declaration
Swift

public var nonce: String?
acr
Authentication Context Class Reference. String specifying an Authentication Context Class Reference value that identifies the Authentication Context Class that the authentication performed satisfied. The value 0 indicates the End-User authentication did not meet the requirements of ISO/IEC 29115 level 1. Authentications with level 0 SHOULD NOT be used to authorize access to any resource of any monetary value. Parties using this claim will need to agree upon the meanings of the values used, which may be context-specific.
Declaration
Swift

public var acr: String?
amr
Authentication Methods References. JSON array of strings that are identifiers for authentication methods used in the authentication. For instance, values might indicate that both password and OTP authentication methods were used. Parties using this claim will need to agree upon the meanings of the values used, which may be context-specific.
Declaration
Swift

public var amr: [String]?
azp
Authorized party - the party to which the ID Token was issued. If present, it MUST contain the OAuth 2.0 Client ID of this party. This Claim is only needed when the ID Token has a single audience value and that audience is different than the authorized party. It MAY be included even when the authorized party is the same as the sole audience.
Declaration
Swift

public var azp: String?

Standard Claims

name
End-User’s full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User’s locale and preferences.
Declaration
Swift

public var name: String?
given_name
Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters.
Declaration
Swift

public var given_name: String?
family_name
Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters.
Declaration
Swift

public var family_name: String?
middle_name
Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used.
Declaration
Swift

public var middle_name: String?
nickname
Casual name of the End-User that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael.
Declaration
Swift

public var nickname: String?
preferred_username
Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace.
Declaration
Swift

public var preferred_username: String?
profile
URL of the End-User’s profile page. The contents of this Web page SHOULD be about the End-User.
Declaration
Swift

public var profile: String?
picture
URL of the End-User’s profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User.
Declaration
Swift

public var picture: String?
website
URL of the End-User’s Web page or blog. This Web page SHOULD contain information published by the End-User or an organization that the End-User is affiliated with.
Declaration
Swift

public var website: String?
email
End-User’s preferred e-mail address.
Declaration
Swift

public var email: String?
email_verified
True if the End-User’s e-mail address has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this e-mail address was controlled by the End-User at the time the verification was performed. The means by which an e-mail address is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating.
Declaration
Swift

public var email_verified: Bool?
gender
End-User’s gender. Values defined by this specification are female and male. Other values MAY be used when neither of the defined values are applicable.
Declaration
Swift

public var gender: String?
birthdate
End-User’s birthday, represented as an ISO 8601:2004 YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed.
Declaration
Swift

public var birthdate: String?
zoneinfo
String from zoneinfo time zone database representing the End-User’s time zone. For example, Europe/Paris or America/Los_Angeles.
Declaration
Swift

public var zoneinfo: String?
locale
End-User’s locale, represented as a BCP47 language tag. This is typically an ISO 639-1 Alpha-2 language code in lowercase and an ISO 3166-1 Alpha-2 country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well.
Declaration
Swift

public var locale: String?
phone_number
End-User’s preferred telephone number. E.164 is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400.
Declaration
Swift

public var phone_number: String?
phone_number_verified
True if the End-User’s phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format.
Declaration
Swift

public var phone_number_verified: Bool?
address
End-User’s preferred postal address.
Declaration
Swift

public var address: AddressClaim?
updated_at
Time the End-User’s information was last updated.
Declaration
Swift

public var updated_at: Date?