Package net.shibboleth.oidc.profile.oauth2.config.impl

Class AbstractOAuth2ClientAuthenticableProfileConfiguration

    • Constructor Detail

      • AbstractOAuth2ClientAuthenticableProfileConfiguration

        protected AbstractOAuth2ClientAuthenticableProfileConfiguration​(@Nonnull @NotEmpty
                                                                String profileId)
        Constructor.
        Parameters:
        profileId - Unique profile identifier

    • Method Detail

      • setTokenEndpointAuthMethods

        public void setTokenEndpointAuthMethods​(@Nonnull @NonnullElements
                                        Collection<String> methods)
        Set the enabled token endpoint authentication methods.
        Parameters:
        methods - What to set.

      • setTokenEndpointAuthMethodsLookupStrategy

        public void setTokenEndpointAuthMethodsLookupStrategy​(@Nonnull
                                                      Function<ProfileRequestContext,​Set<String>> strategy)
        Set a lookup strategy for the enabled token endpoint authentication methods.
        Parameters:
        strategy - lookup strategy

      • setTokenEndpointAuthMethod

        public void setTokenEndpointAuthMethod​(@Nonnull @NonnullElements
                                       String method)
        Set the enabled token endpoint authentication method to use with an upstream OpenID Provider.
        Parameters:
        method - the token endpoint authentication method to set.
        Since:
        2.2.0

      • setTokenEndpointAuthMethodLookupStrategy

        public void setTokenEndpointAuthMethodLookupStrategy​(@Nonnull
                                                     Function<ProfileRequestContext,​String> strategy)
        Set a lookup strategy to find the enabled token endpoint authentication method to use with an upstream OpenID Provider.
        Parameters:
        strategy - lookup strategy
        Since:
        2.2.0

      • setClaimsValidator

        public void setClaimsValidator​(@Nullable
                               ClaimsValidator validator)
        Set the ClaimsValidator to apply to JWT-based client authentication.
        Parameters:
        validator - validator to use
        Since:
        3.1.0

      • setClaimsValidatorLookupStrategy

        public void setClaimsValidatorLookupStrategy​(@Nonnull
                                             Function<ProfileRequestContext,​ClaimsValidator> strategy)
        Set a lookup strategy for the ClaimsValidator to apply to JWT-based client authentication.
        Parameters:
        strategy - lookup strategy
        Since:
        3.1.0

      • isForceAuthn

        public boolean isForceAuthn​(@Nullable
                            ProfileRequestContext profileRequestContext)
        Specified by:
        isForceAuthn in interface net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration

      • setForceAuthn

        public void setForceAuthn​(boolean flag)
        Set whether a fresh user presence proof should be required for this request.
        Parameters:
        flag - flag to set

      • setForceAuthnPredicate

        public void setForceAuthnPredicate​(@Nonnull
                                   Predicate<ProfileRequestContext> condition)
        Set a condition to determine whether a fresh user presence proof should be required for this request.
        Parameters:
        condition - condition to set

      • getProxyCount

        @Nullable
public Integer getProxyCount​(@Nullable
                             ProfileRequestContext profileRequestContext)
        Specified by:
        getProxyCount in interface net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration

      • setProxyCount

        public void setProxyCount​(@Nullable @NonNegative
                          Integer count)
        Sets the maximum number of times an assertion may be proxied outbound and/or the maximum number of hops between the relying party and a proxied authentication authority inbound.
        Parameters:
        count - proxy count

      • setProxyCountLookupStrategy

        public void setProxyCountLookupStrategy​(@Nonnull
                                        Function<ProfileRequestContext,​Integer> strategy)
        Set a lookup strategy for the maximum number of times an assertion may be proxied outbound and/or the maximum number of hops between the relying party and a proxied authentication authority inbound.
        Parameters:
        strategy - lookup strategy

      • setAuthenticationFlows

        public void setAuthenticationFlows​(@Nullable @NonnullElements
                                   Collection<String> flows)
        Set the authentication flows to use.
        Parameters:
        flows - flow identifiers to use

      • setAuthenticationFlowsLookupStrategy

        public void setAuthenticationFlowsLookupStrategy​(@Nonnull
                                                 Function<ProfileRequestContext,​Set<String>> strategy)
        Set a lookup strategy for the authentication flows to use.
        Parameters:
        strategy - lookup strategy

      • setPostAuthenticationFlows

        public void setPostAuthenticationFlows​(@Nullable @NonnullElements
                                       Collection<String> flows)
        Set the ordered collection of post-authentication interceptor flows to enable.
        Parameters:
        flows - flow identifiers to enable

      • setPostAuthenticationFlowsLookupStrategy

        public void setPostAuthenticationFlowsLookupStrategy​(@Nonnull
                                                     Function<ProfileRequestContext,​Collection<String>> strategy)
        Set a lookup strategy for the post-authentication interceptor flows to enable.
        Parameters:
        strategy - lookup strategy

      • setClientCredentialLookupStrategy

        public void setClientCredentialLookupStrategy​(@Nonnull
                                              Function<ProfileRequestContext,​ClientSecretCredential> strategy)
        Set the client credential lookup strategy.
        Parameters:
        strategy - the strategy to use
        Since:
        2.2.0

      • setClientCredential

        public void setClientCredential​(@Nullable
                                ClientSecretCredential clientCredential)
        Set a fixed client credential to use no matter what the context/request.
        Parameters:
        clientCredential - the static client credential to use
        Since:
        2.2.0

      • setClientIdLookupStrategy

        public void setClientIdLookupStrategy​(@Nonnull
                                      Function<ProfileRequestContext,​String> strategy)
        Set the strategy to locate a client_id.
        Parameters:
        strategy - the strategy to use
        Since:
        2.2.0

      • setClientId

        public void setClientId​(@Nullable
                        String clientId)
        Set a fixed client_id to use no matter what the context/request.
        Parameters:
        clientId - the static clientId to use
        Since:
        2.2.0