com.aspc.cms.rest.plugin.oidc

Class OidcApiParams

java.lang.Object

com.aspc.cms.rest.plugin.oidc.OidcApiParams

public final class OidcApiParams
extends java.lang.Object

Centralised constants for all OIDC API parameter names and standard values.

This class provides a single source of truth for parameter names used across the OIDC REST endpoints (callback, token, refresh, logout) and the Cognito token exchange. Using constants instead of hardcoded strings prevents typos, enables IDE navigation, and simplifies refactoring.

Naming conventions

• PARAM_* — request parameter names (query strings, form bodies)
• FIELD_* — JSON response field names
• GRANT_TYPE_* — OAuth2 grant type values
• TOKEN_TYPE_* — token type values
• ERROR_* — application-defined error codes and messages

Author:

Claude

See Also:

OidcCallbackV1, OidcTokenV1, OidcRefreshV1, OidcLogoutV1, OidcTokenExchange

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	ERROR_MISSING_CODE Error code returned when the authorisation code is missing from the callback.
static java.lang.String	ERROR_NOT_AUTHENTICATED Error code returned when no valid authentication is present.
static java.lang.String	ERROR_REFRESH_FAILED Error code returned when a token refresh attempt fails.
static java.lang.String	ERROR_SESSION_EXPIRED_MESSAGE Human-readable message for session expiry errors.
static java.lang.String	FIELD_ACCESS_TOKEN Access token field in token responses.
static java.lang.String	FIELD_COGNITO_LOGOUT_URL Cognito logout URL field in logout responses.
static java.lang.String	FIELD_ERROR Error code field in error responses.
static java.lang.String	FIELD_ERROR_DESCRIPTION Error description field in error responses.
static java.lang.String	FIELD_EXPIRES_IN Token expiry field in token responses (seconds).
static java.lang.String	FIELD_ID_TOKEN ID token field in token responses.
static java.lang.String	FIELD_LOGGED_OUT Logged-out indicator field in logout responses.
static java.lang.String	FIELD_MESSAGE Human-readable message field in error responses.
static java.lang.String	FIELD_REFRESH_TOKEN Refresh token field in Cognito token responses.
static java.lang.String	FIELD_TOKEN_TYPE Token type field in token responses (always "Bearer").
static java.lang.String	GRANT_TYPE_AUTHORIZATION_CODE Grant type value for authorisation code exchange.
static java.lang.String	GRANT_TYPE_REFRESH_TOKEN Grant type value for refresh token exchange.
static java.lang.String	PARAM_CLIENT_ID Client ID parameter for token exchange and logout requests.
static java.lang.String	PARAM_CLIENT_SECRET Client secret parameter for token exchange requests.
static java.lang.String	PARAM_CODE Authorisation code parameter from Cognito callback.
static java.lang.String	PARAM_ERROR Error code parameter from Cognito callback.
static java.lang.String	PARAM_ERROR_DESCRIPTION Error description parameter from Cognito callback.
static java.lang.String	PARAM_GRANT_TYPE Grant type parameter for token exchange requests.
static java.lang.String	PARAM_LOGOUT_URI Logout URI parameter for Cognito logout URL.
static java.lang.String	PARAM_REDIRECT_URI Redirect URI parameter for authorisation code exchange.
static java.lang.String	PARAM_REFRESH_TOKEN Refresh token parameter for token refresh requests.
static java.lang.String	PARAM_STATE State parameter for CSRF/PKCE protection.
static java.lang.String	TOKEN_TYPE_BEARER Bearer token type — the standard OAuth2 token type.

Method Summary

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PARAM_CODE

public static final java.lang.String PARAM_CODE

Authorisation code parameter from Cognito callback.

See Also:

Constant Field Values

PARAM_ERROR

public static final java.lang.String PARAM_ERROR

Error code parameter from Cognito callback.

See Also:

Constant Field Values

PARAM_ERROR_DESCRIPTION

public static final java.lang.String PARAM_ERROR_DESCRIPTION

Error description parameter from Cognito callback.

See Also:

Constant Field Values

PARAM_STATE

public static final java.lang.String PARAM_STATE

State parameter for CSRF/PKCE protection.

See Also:

Constant Field Values

PARAM_GRANT_TYPE

public static final java.lang.String PARAM_GRANT_TYPE

Grant type parameter for token exchange requests.

See Also:

Constant Field Values

PARAM_CLIENT_ID

public static final java.lang.String PARAM_CLIENT_ID

Client ID parameter for token exchange and logout requests.

See Also:

Constant Field Values

PARAM_CLIENT_SECRET

public static final java.lang.String PARAM_CLIENT_SECRET

Client secret parameter for token exchange requests.

See Also:

Constant Field Values

PARAM_REDIRECT_URI

public static final java.lang.String PARAM_REDIRECT_URI

Redirect URI parameter for authorisation code exchange.

See Also:

Constant Field Values

PARAM_REFRESH_TOKEN

public static final java.lang.String PARAM_REFRESH_TOKEN

Refresh token parameter for token refresh requests.

See Also:

Constant Field Values

PARAM_LOGOUT_URI

public static final java.lang.String PARAM_LOGOUT_URI

Logout URI parameter for Cognito logout URL.

See Also:

Constant Field Values

FIELD_ACCESS_TOKEN

public static final java.lang.String FIELD_ACCESS_TOKEN

Access token field in token responses.

See Also:

Constant Field Values

FIELD_ID_TOKEN

public static final java.lang.String FIELD_ID_TOKEN

ID token field in token responses.

See Also:

Constant Field Values

FIELD_TOKEN_TYPE

public static final java.lang.String FIELD_TOKEN_TYPE

Token type field in token responses (always "Bearer").

See Also:

Constant Field Values

FIELD_EXPIRES_IN

public static final java.lang.String FIELD_EXPIRES_IN

Token expiry field in token responses (seconds).

See Also:

Constant Field Values

FIELD_REFRESH_TOKEN

public static final java.lang.String FIELD_REFRESH_TOKEN

Refresh token field in Cognito token responses.

See Also:

Constant Field Values

FIELD_ERROR

public static final java.lang.String FIELD_ERROR

Error code field in error responses.

See Also:

Constant Field Values

FIELD_ERROR_DESCRIPTION

public static final java.lang.String FIELD_ERROR_DESCRIPTION

Error description field in error responses.

See Also:

Constant Field Values

FIELD_MESSAGE

public static final java.lang.String FIELD_MESSAGE

Human-readable message field in error responses.

See Also:

Constant Field Values

FIELD_LOGGED_OUT

public static final java.lang.String FIELD_LOGGED_OUT

Logged-out indicator field in logout responses.

See Also:

Constant Field Values

FIELD_COGNITO_LOGOUT_URL

public static final java.lang.String FIELD_COGNITO_LOGOUT_URL

Cognito logout URL field in logout responses.

See Also:

Constant Field Values

GRANT_TYPE_AUTHORIZATION_CODE

public static final java.lang.String GRANT_TYPE_AUTHORIZATION_CODE

Grant type value for authorisation code exchange.

See Also:

Constant Field Values

GRANT_TYPE_REFRESH_TOKEN

public static final java.lang.String GRANT_TYPE_REFRESH_TOKEN

Grant type value for refresh token exchange.

See Also:

Constant Field Values

TOKEN_TYPE_BEARER

public static final java.lang.String TOKEN_TYPE_BEARER

Bearer token type — the standard OAuth2 token type.

See Also:

Constant Field Values

ERROR_NOT_AUTHENTICATED

public static final java.lang.String ERROR_NOT_AUTHENTICATED

Error code returned when no valid authentication is present.

See Also:

Constant Field Values

ERROR_REFRESH_FAILED

public static final java.lang.String ERROR_REFRESH_FAILED

Error code returned when a token refresh attempt fails.

See Also:

Constant Field Values

ERROR_MISSING_CODE

public static final java.lang.String ERROR_MISSING_CODE

Error code returned when the authorisation code is missing from the callback.

See Also:

Constant Field Values

ERROR_SESSION_EXPIRED_MESSAGE

public static final java.lang.String ERROR_SESSION_EXPIRED_MESSAGE

Human-readable message for session expiry errors.

See Also:

Constant Field Values