Package net.shibboleth.oidc.profile.oauth2.config.impl

Class DefaultOAuth2TokenRevocationConfiguration

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

net.shibboleth.idp.profile.config.AbstractProfileConfiguration

net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

net.shibboleth.oidc.profile.oauth2.config.impl.AbstractOAuth2ClientAuthenticableProfileConfiguration

net.shibboleth.oidc.profile.oauth2.config.impl.AbstractOAuth2TokenValidatingConfiguration

net.shibboleth.oidc.profile.oauth2.config.impl.DefaultOAuth2TokenRevocationConfiguration

All Implemented Interfaces:

net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration, net.shibboleth.idp.profile.config.ConditionalProfileConfiguration, net.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration, net.shibboleth.idp.profile.config.ProfileConfiguration, OAuth2ClientAuthenticableClientProfileConfiguration, OAuth2ClientAuthenticableProfileConfiguration, OAuth2ProfileConfiguration, OAuth2TokenRevocationConfiguration, OAuth2TokenValidatingProfileConfiguration, Component, DestructableComponent, IdentifiableComponent, IdentifiedComponent, InitializableComponent

public class DefaultOAuth2TokenRevocationConfiguration
extends AbstractOAuth2TokenValidatingConfiguration
implements OAuth2TokenRevocationConfiguration

Implementation of a profile configuration for OAuth2 Token Revocation.

Nested Class Summary

Nested classes/interfaces inherited from interface net.shibboleth.oidc.profile.oauth2.config.OAuth2TokenRevocationConfiguration

OAuth2TokenRevocationConfiguration.OAuth2TokenRevocationMethod

Field Summary

Fields

Modifier and Type	Field	Description
private Function<ProfileRequestContext,Duration>	revocationLifetimeLookupStrategy	Lookup function to supply revocation lifetime.
private Function<ProfileRequestContext,String>	revocationMethodLookupStrategy	Which revocation method should be used when revoking a token.

Fields inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

DEFAULT_DISALLOWED_FEATURES

Fields inherited from interface net.shibboleth.oidc.profile.oauth2.config.OAuth2TokenRevocationConfiguration

PROFILE_ID, PROTOCOL_URI

Constructor Summary

Constructors

Constructor	Description
DefaultOAuth2TokenRevocationConfiguration()	Constructor.
DefaultOAuth2TokenRevocationConfiguration(String profileId)	Creates a new configuration instance.

Method Summary

Modifier and Type	Method	Description
Duration	getRevocationLifetime(ProfileRequestContext profileRequestContext)
OAuth2TokenRevocationConfiguration.OAuth2TokenRevocationMethod	getRevocationMethod(ProfileRequestContext profileRequestContext)
void	setRevocationLifetime(Duration lifetime)	Set the lifetime of revocation.
void	setRevocationLifetimeLookupStrategy(Function<ProfileRequestContext,Duration> strategy)	Set a lookup strategy for the revocation lifetime.
void	setRevocationMethod(OAuth2TokenRevocationConfiguration.OAuth2TokenRevocationMethod method)	Set which revocation method should be used when revoking a token.
void	setRevocationMethodLookupStrategy(Function<ProfileRequestContext,String> strategy)	Set strategy for looking up which revocation method should be used when revoking a token.

Methods inherited from class net.shibboleth.oidc.profile.oauth2.config.impl.AbstractOAuth2TokenValidatingConfiguration

getIssuedClaimsValidator, getIssuer, setIssuedClaimsValidator, setIssuedClaimsValidatorLookupStrategy, setIssuer, setIssuerLookupStrategy

Methods inherited from class net.shibboleth.oidc.profile.oauth2.config.impl.AbstractOAuth2ClientAuthenticableProfileConfiguration

getAuthenticationFlows, getClaimsValidator, getClientCredential, getClientId, getDefaultAuthenticationMethods, getPostAuthenticationFlows, getProxyCount, getTokenEndpointAuthMethod, getTokenEndpointAuthMethods, isForceAuthn, setAuthenticationFlows, setAuthenticationFlowsLookupStrategy, setClaimsValidator, setClaimsValidatorLookupStrategy, setClientCredential, setClientCredentialLookupStrategy, setClientId, setClientIdLookupStrategy, setDefaultAuthenticationMethods, setDefaultAuthenticationMethodsLookupStrategy, setForceAuthn, setForceAuthnPredicate, setPostAuthenticationFlows, setPostAuthenticationFlowsLookupStrategy, setProxyCount, setProxyCountLookupStrategy, setTokenEndpointAuthMethod, setTokenEndpointAuthMethodLookupStrategy, setTokenEndpointAuthMethods, setTokenEndpointAuthMethodsLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

getActivationCondition, setActivationCondition

Methods inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

equals, getDisallowedFeatures, getInboundInterceptorFlows, getOutboundInterceptorFlows, getSecurityConfiguration, hashCode, isFeatureDisallowed, setDisallowedFeatures, setDisallowedFeaturesLookupStrategy, setInboundFlowsLookupStrategy, setInboundInterceptorFlows, setInboundInterceptorFlowsLookupStrategy, setOutboundFlowsLookupStrategy, setOutboundInterceptorFlows, setOutboundInterceptorFlowsLookupStrategy, setSecurityConfiguration, setSecurityConfigurationLookupStrategy

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

doInitialize, getId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration

getAuthenticationFlows, getDefaultAuthenticationMethods, getPostAuthenticationFlows, getProxyCount, isForceAuthn, isLocal

Methods inherited from interface net.shibboleth.idp.profile.config.ConditionalProfileConfiguration

getActivationCondition

Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent

getId

Methods inherited from interface net.shibboleth.oidc.profile.oauth2.config.OAuth2ClientAuthenticableProfileConfiguration

getClaimsValidator, getTokenEndpointAuthMethods

Methods inherited from interface net.shibboleth.oidc.profile.oauth2.config.OAuth2TokenValidatingProfileConfiguration

getIssuedClaimsValidator

Methods inherited from interface net.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration

getIssuer

Methods inherited from interface net.shibboleth.idp.profile.config.ProfileConfiguration

getInboundInterceptorFlows, getOutboundInterceptorFlows, getSecurityConfiguration

Field Detail

revocationMethodLookupStrategy

@Nonnull
private Function<ProfileRequestContext,String> revocationMethodLookupStrategy

Which revocation method should be used when revoking a token. Supported values are CHAIN and TOKEN. The default is CHAIN.

revocationLifetimeLookupStrategy

@Nonnull
private Function<ProfileRequestContext,Duration> revocationLifetimeLookupStrategy

Lookup function to supply revocation lifetime.

Constructor Detail

DefaultOAuth2TokenRevocationConfiguration

public DefaultOAuth2TokenRevocationConfiguration()

Constructor.

DefaultOAuth2TokenRevocationConfiguration

public DefaultOAuth2TokenRevocationConfiguration(@Nonnull @NotEmpty
                                                 String profileId)

Creates a new configuration instance.

Parameters:

profileId - Unique profile identifier.

Method Detail

setRevocationMethodLookupStrategy

public void setRevocationMethodLookupStrategy(@Nonnull
                                              Function<ProfileRequestContext,String> strategy)

Set strategy for looking up which revocation method should be used when revoking a token.

Parameters:

strategy - What to set.

Since:

2.1.0

setRevocationMethod

public void setRevocationMethod(@Nonnull @NotEmpty
                                OAuth2TokenRevocationConfiguration.OAuth2TokenRevocationMethod method)

Set which revocation method should be used when revoking a token.

Parameters:

method - What to set.

Since:

2.1.0

getRevocationMethod

public OAuth2TokenRevocationConfiguration.OAuth2TokenRevocationMethod getRevocationMethod(@Nullable
                                                                                          ProfileRequestContext profileRequestContext)

Specified by:

getRevocationMethod in interface OAuth2TokenRevocationConfiguration

setRevocationLifetimeLookupStrategy

public void setRevocationLifetimeLookupStrategy(@Nullable
                                                Function<ProfileRequestContext,Duration> strategy)

Set a lookup strategy for the revocation lifetime.

Parameters:

strategy - What to set.

Since:

2.1.0

getRevocationLifetime

@Positive
@Nonnull
public Duration getRevocationLifetime(@Nullable
                                      ProfileRequestContext profileRequestContext)

Specified by:

getRevocationLifetime in interface OAuth2TokenRevocationConfiguration

setRevocationLifetime

public void setRevocationLifetime(@Positive @Nonnull
                                  Duration lifetime)

Set the lifetime of revocation.

Parameters:

lifetime - What to set.

Since:

2.1.0