ClaimsOpenID

public class ClaimsOpenID: Claims

A class representing OpenID related claims as decsribed in OpenID specs.

  • iss

    Issuer Identifier for the Issuer of the response. The iss value is a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components.

    Declaration

    Swift

    public var iss: String
  • sub

    Subject Identifier. A locally unique and never reassigned identifier within the Issuer for the End-User, which is intended to be consumed by the Client, e.g., 24400320 or AItOawmwtWwcT0k51BayewNvutrJUqsvl6qs7A4. It MUST NOT exceed 255 ASCII characters in length. The sub value is case sensitive.

    Declaration

    Swift

    public var sub: String
  • aud

    Audience(s) that this ID Token is intended for. It MUST contain the OAuth 2.0 client_id of the Relying Party as an audience value. It MAY also contain identifiers for other audiences.

    Declaration

    Swift

    public var aud: [String]
  • exp

    Expiration time on or after which the ID Token MUST NOT be accepted for processing. The processing of this parameter requires that the current date/time MUST be before the expiration date/time listed in the value. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew.

    Declaration

    Swift

    public var exp: Date
  • iat

    Time at which the JWT was issued.

    Declaration

    Swift

    public var iat: Date
  • Time when the End-User authentication occurred.

    Declaration

    Swift

    public var auth_time: Date?
  • String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. If present in the ID Token, Clients MUST verify that the nonce Claim Value is equal to the value of the nonce parameter sent in the Authentication Request. If present in the Authentication Request, Authorization Servers MUST include a nonce Claim in the ID Token with the Claim Value being the nonce value sent in the Authentication Request. Authorization Servers SHOULD perform no other processing on nonce values used.

    Declaration

    Swift

    public var nonce: String?
  • acr

    Authentication Context Class Reference. String specifying an Authentication Context Class Reference value that identifies the Authentication Context Class that the authentication performed satisfied. The value 0 indicates the End-User authentication did not meet the requirements of ISO/IEC 29115 level 1. Authentications with level 0 SHOULD NOT be used to authorize access to any resource of any monetary value. Parties using this claim will need to agree upon the meanings of the values used, which may be context-specific.

    Declaration

    Swift

    public var acr: String?
  • amr

    Authentication Methods References. JSON array of strings that are identifiers for authentication methods used in the authentication. For instance, values might indicate that both password and OTP authentication methods were used. Parties using this claim will need to agree upon the meanings of the values used, which may be context-specific.

    Declaration

    Swift

    public var amr: [String]?
  • azp

    Authorized party - the party to which the ID Token was issued. If present, it MUST contain the OAuth 2.0 Client ID of this party. This Claim is only needed when the ID Token has a single audience value and that audience is different than the authorized party. It MAY be included even when the authorized party is the same as the sole audience.

    Declaration

    Swift

    public var azp: String?
  • End-User’s full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User’s locale and preferences.

    Declaration

    Swift

    public var name: String?
  • Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters.

    Declaration

    Swift

    public var given_name: String?
  • Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters.

    Declaration

    Swift

    public var family_name: String?
  • Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used.

    Declaration

    Swift

    public var middle_name: String?
  • Casual name of the End-User that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael.

    Declaration

    Swift

    public var nickname: String?
  • Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace.

    Declaration

    Swift

    public var preferred_username: String?
  • URL of the End-User’s profile page. The contents of this Web page SHOULD be about the End-User.

    Declaration

    Swift

    public var profile: String?
  • URL of the End-User’s profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User.

    Declaration

    Swift

    public var picture: String?
  • URL of the End-User’s Web page or blog. This Web page SHOULD contain information published by the End-User or an organization that the End-User is affiliated with.

    Declaration

    Swift

    public var website: String?
  • End-User’s preferred e-mail address.

    Declaration

    Swift

    public var email: String?
  • True if the End-User’s e-mail address has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this e-mail address was controlled by the End-User at the time the verification was performed. The means by which an e-mail address is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating.

    Declaration

    Swift

    public var email_verified: Bool?
  • End-User’s gender. Values defined by this specification are female and male. Other values MAY be used when neither of the defined values are applicable.

    Declaration

    Swift

    public var gender: String?
  • End-User’s birthday, represented as an ISO 8601:2004 YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed.

    Declaration

    Swift

    public var birthdate: String?
  • String from zoneinfo time zone database representing the End-User’s time zone. For example, Europe/Paris or America/Los_Angeles.

    Declaration

    Swift

    public var zoneinfo: String?
  • End-User’s locale, represented as a BCP47 language tag. This is typically an ISO 639-1 Alpha-2 language code in lowercase and an ISO 3166-1 Alpha-2 country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well.

    Declaration

    Swift

    public var locale: String?
  • End-User’s preferred telephone number. E.164 is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400.

    Declaration

    Swift

    public var phone_number: String?
  • True if the End-User’s phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format.

    Declaration

    Swift

    public var phone_number_verified: Bool?
  • End-User’s preferred postal address.

    Declaration

    Swift

    public var address: AddressClaim?
  • Time the End-User’s information was last updated.

    Declaration

    Swift

    public var updated_at: Date?