Class DefaultOAuth2TokenAudienceConfiguration
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent
-
- net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent
-
- net.shibboleth.idp.profile.config.AbstractProfileConfiguration
-
- net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration
-
- net.shibboleth.oidc.profile.oauth2.config.impl.DefaultOAuth2TokenAudienceConfiguration
-
- All Implemented Interfaces:
net.shibboleth.idp.profile.config.AttributeResolvingProfileConfiguration,net.shibboleth.idp.profile.config.ConditionalProfileConfiguration,net.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration,net.shibboleth.idp.profile.config.ProfileConfiguration,OIDCProfileConfiguration,OAuth2AccessTokenProducingProfileConfiguration,OAuth2ProfileConfiguration,OAuth2TokenAudienceConfiguration,OAuth2TokenEncryptionProfileConfiguration,Component,DestructableComponent,IdentifiableComponent,IdentifiedComponent,InitializableComponent
public class DefaultOAuth2TokenAudienceConfiguration extends net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration implements OAuth2TokenAudienceConfiguration
Implementation of an OAuth 2.0 token "audience" profile configuration.
-
-
Field Summary
Fields Modifier and Type Field Description private Function<ProfileRequestContext,BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>>accessTokenClaimsSetManipulationStrategyLookupStrategyLookup function to supply strategy bi-function for manipulating access token claims set.private Function<ProfileRequestContext,Duration>accessTokenLifetimeLookupStrategyLookup function to supply access token lifetime.private Function<ProfileRequestContext,String>accessTokenTypeLookupStrategyLookup functioon to supply access token type.private Predicate<ProfileRequestContext>encryptionOptionalPredicateWhether encryption is optional in the face of no key, etc.private Function<ProfileRequestContext,String>issuerLookupStrategyLookup function to override issuer value.private Predicate<ProfileRequestContext>resolveAttributesPredicateWhether attributes should be resolved in the course of the profile.-
Fields inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration
DEFAULT_DISALLOWED_FEATURES
-
Fields inherited from interface net.shibboleth.oidc.profile.oauth2.config.OAuth2TokenAudienceConfiguration
PROFILE_ID, PROTOCOL_URI
-
-
Constructor Summary
Constructors Constructor Description DefaultOAuth2TokenAudienceConfiguration()Constructor.DefaultOAuth2TokenAudienceConfiguration(String profileId)Creates a new configuration instance.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>getAccessTokenClaimsSetManipulationStrategy(ProfileRequestContext profileRequestContext)DurationgetAccessTokenLifetime(ProfileRequestContext profileRequestContext)Get access token lifetime.StringgetAccessTokenType(ProfileRequestContext profileRequestContext)Get access token type.StringgetIssuer(ProfileRequestContext profileRequestContext)booleanisEncryptionOptional(ProfileRequestContext profileRequestContext)Get whether encryption is optional in the face of a missing key, etc.booleanisResolveAttributes(ProfileRequestContext profileRequestContext)voidsetAccessTokenClaimsSetManipulationStrategy(BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>> strategy)Set the bi-function for manipulating access token claims set.voidsetAccessTokenClaimsSetManipulationStrategyLookupStrategy(Function<ProfileRequestContext,BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>> strategy)Set a lookup strategy for the bi-function for manipulating access token claims set.voidsetAccessTokenLifetime(Duration lifetime)Set the lifetime of an access token.voidsetAccessTokenLifetimeLookupStrategy(Function<ProfileRequestContext,Duration> strategy)Set a lookup strategy for the access token lifetime.voidsetAccessTokenType(String type)Set access token type.voidsetAccessTokenTypeLookupStrategy(Function<ProfileRequestContext,String> strategy)Set lookup strategy for access token type.voidsetEncryptionOptional(boolean flag)Set whether encryption is optional in the face of a missing key, etc.voidsetEncryptionOptionalPredicate(Predicate<ProfileRequestContext> condition)Set a condition to determine whether encryption is optional in the face of a missing key, etc.voidsetIssuer(String issuer)Set overridden issuer value.voidsetIssuerLookupStrategy(Function<ProfileRequestContext,String> strategy)Sets lookup strategy for overridden issuer value.voidsetResolveAttributes(boolean flag)Set whether attributes should be resolved during the profile.voidsetResolveAttributesPredicate(Predicate<ProfileRequestContext> condition)Set a condition to determine whether attributes should be resolved during the profile.-
Methods inherited from class net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration
getActivationCondition, setActivationCondition
-
Methods inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration
equals, getDisallowedFeatures, getInboundInterceptorFlows, getOutboundInterceptorFlows, getSecurityConfiguration, hashCode, isFeatureDisallowed, setDisallowedFeatures, setDisallowedFeaturesLookupStrategy, setInboundFlowsLookupStrategy, setInboundInterceptorFlows, setInboundInterceptorFlowsLookupStrategy, setOutboundFlowsLookupStrategy, setOutboundInterceptorFlows, setOutboundInterceptorFlowsLookupStrategy, setSecurityConfiguration, setSecurityConfigurationLookupStrategy
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent
setId
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent
doInitialize, getId
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.idp.profile.config.ConditionalProfileConfiguration
getActivationCondition
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent
getId
-
-
-
-
Field Detail
-
issuerLookupStrategy
@Nonnull private Function<ProfileRequestContext,String> issuerLookupStrategy
Lookup function to override issuer value.
-
resolveAttributesPredicate
@Nonnull private Predicate<ProfileRequestContext> resolveAttributesPredicate
Whether attributes should be resolved in the course of the profile.
-
encryptionOptionalPredicate
@Nonnull private Predicate<ProfileRequestContext> encryptionOptionalPredicate
Whether encryption is optional in the face of no key, etc.
-
accessTokenTypeLookupStrategy
@Nonnull private Function<ProfileRequestContext,String> accessTokenTypeLookupStrategy
Lookup functioon to supply access token type.
-
accessTokenLifetimeLookupStrategy
@Nonnull private Function<ProfileRequestContext,Duration> accessTokenLifetimeLookupStrategy
Lookup function to supply access token lifetime.
-
accessTokenClaimsSetManipulationStrategyLookupStrategy
@Nonnull private Function<ProfileRequestContext,BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>> accessTokenClaimsSetManipulationStrategyLookupStrategy
Lookup function to supply strategy bi-function for manipulating access token claims set.
-
-
Method Detail
-
getIssuer
@Nullable @NotEmpty public String getIssuer(@Nullable ProfileRequestContext profileRequestContext)
- Specified by:
getIssuerin interfacenet.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration
-
setIssuer
public void setIssuer(@Nullable @NotEmpty String issuer)
Set overridden issuer value.- Parameters:
issuer- issuer value
-
setIssuerLookupStrategy
public void setIssuerLookupStrategy(@Nonnull Function<ProfileRequestContext,String> strategy)Sets lookup strategy for overridden issuer value.- Parameters:
strategy- lookup strategy
-
isResolveAttributes
public boolean isResolveAttributes(@Nullable ProfileRequestContext profileRequestContext)- Specified by:
isResolveAttributesin interfacenet.shibboleth.idp.profile.config.AttributeResolvingProfileConfiguration
-
setResolveAttributes
public void setResolveAttributes(boolean flag)
Set whether attributes should be resolved during the profile.- Parameters:
flag- flag to set
-
setResolveAttributesPredicate
public void setResolveAttributesPredicate(@Nonnull Predicate<ProfileRequestContext> condition)Set a condition to determine whether attributes should be resolved during the profile.- Parameters:
condition- condition to set
-
isEncryptionOptional
public boolean isEncryptionOptional(@Nullable ProfileRequestContext profileRequestContext)Get whether encryption is optional in the face of a missing key, etc.- Specified by:
isEncryptionOptionalin interfaceOAuth2TokenEncryptionProfileConfiguration- Parameters:
profileRequestContext- current profile request context- Returns:
- true iff encryption is optional
-
setEncryptionOptional
public void setEncryptionOptional(boolean flag)
Set whether encryption is optional in the face of a missing key, etc.- Parameters:
flag- flag to set
-
setEncryptionOptionalPredicate
public void setEncryptionOptionalPredicate(@Nonnull Predicate<ProfileRequestContext> condition)Set a condition to determine whether encryption is optional in the face of a missing key, etc.- Parameters:
condition- condition to set
-
getAccessTokenType
@Nullable @NotEmpty public String getAccessTokenType(@Nullable ProfileRequestContext profileRequestContext)
Get access token type.- Specified by:
getAccessTokenTypein interfaceOAuth2AccessTokenProducingProfileConfiguration- Parameters:
profileRequestContext- profile request context- Returns:
- access token type, or null for unspecified/opaque
-
setAccessTokenType
public void setAccessTokenType(@Nullable @NotEmpty String type)
Set access token type.- Parameters:
type- token type, or null for unspecified/opaque
-
setAccessTokenTypeLookupStrategy
public void setAccessTokenTypeLookupStrategy(@Nonnull Function<ProfileRequestContext,String> strategy)Set lookup strategy for access token type.- Parameters:
strategy- lookup strategy
-
getAccessTokenLifetime
@Positive @Nonnull public Duration getAccessTokenLifetime(@Nullable ProfileRequestContext profileRequestContext)
Get access token lifetime.Defaults to 10 minutes.
- Specified by:
getAccessTokenLifetimein interfaceOAuth2AccessTokenProducingProfileConfiguration- Parameters:
profileRequestContext- profile request context- Returns:
- access token lifetime
-
setAccessTokenLifetime
public void setAccessTokenLifetime(@Positive @Nonnull Duration lifetime)
Set the lifetime of an access token.- Parameters:
lifetime- lifetime of an access token in milliseconds
-
setAccessTokenLifetimeLookupStrategy
public void setAccessTokenLifetimeLookupStrategy(@Nullable Function<ProfileRequestContext,Duration> strategy)Set a lookup strategy for the access token lifetime.- Parameters:
strategy- lookup strategy
-
getAccessTokenClaimsSetManipulationStrategy
@Nonnull public BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>> getAccessTokenClaimsSetManipulationStrategy(@Nullable ProfileRequestContext profileRequestContext)
- Specified by:
getAccessTokenClaimsSetManipulationStrategyin interfaceOAuth2AccessTokenProducingProfileConfiguration
-
setAccessTokenClaimsSetManipulationStrategy
public void setAccessTokenClaimsSetManipulationStrategy(@Nullable BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>> strategy)Set the bi-function for manipulating access token claims set.- Parameters:
strategy- bi-function for manipulating access token claims set- Since:
- 2.2.0
-
setAccessTokenClaimsSetManipulationStrategyLookupStrategy
public void setAccessTokenClaimsSetManipulationStrategyLookupStrategy(@Nonnull Function<ProfileRequestContext,BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>> strategy)Set a lookup strategy for the bi-function for manipulating access token claims set.- Parameters:
strategy- lookup strategy- Since:
- 2.2.0
-
-