001/******************************************************************************* 002 * Copyright 2017 The MIT Internet Trust Consortium 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 *******************************************************************************/ 016 017package org.mitre.openid.connect.client; 018 019import java.util.Collection; 020 021import org.mitre.openid.connect.model.UserInfo; 022import org.springframework.security.core.GrantedAuthority; 023 024import com.nimbusds.jwt.JWT; 025 026/** 027 * @author jricher 028 * 029 */ 030public interface OIDCAuthoritiesMapper { 031 032 /** 033 * @param idToken the ID Token (parsed as a JWT, cannot be @null) 034 * @param userInfo userInfo of the current user (could be @null) 035 * @return the set of authorities to map to this user 036 */ 037 Collection<? extends GrantedAuthority> mapAuthorities(JWT idToken, UserInfo userInfo); 038 039}