Class OidcClientConfiguration

java.lang.Object
org.wildfly.security.http.oidc.OidcClientConfiguration
Direct Known Subclasses:
OidcClientContext.OidcClientConfigurationDelegate

public class OidcClientConfiguration extends Object
The OpenID Connect (OIDC) configuration for a client application. This class is based on org.keycloak.adapters.KeycloakDeployment.
Author:
Bill Burke, Brad Culley, John D. Ament, Farah Juma
  • Field Details

    • relativeUrls

    • realm

      protected String realm
    • publicKeyLocator

      protected PublicKeyLocator publicKeyLocator
    • authServerBaseUrl

      protected String authServerBaseUrl
    • providerUrl

      protected String providerUrl
    • authUrl

      protected String authUrl
    • tokenUrl

      protected String tokenUrl
    • logoutUrl

      protected String logoutUrl
    • accountUrl

      protected String accountUrl
    • registerNodeUrl

      protected String registerNodeUrl
    • unregisterNodeUrl

      protected String unregisterNodeUrl
    • jwksUrl

      protected String jwksUrl
    • issuerUrl

      protected String issuerUrl
    • principalAttribute

      protected String principalAttribute
    • requestObjectSigningAlgValuesSupported

      protected List<String> requestObjectSigningAlgValuesSupported
    • requestObjectEncryptionEncValuesSupported

      protected List<String> requestObjectEncryptionEncValuesSupported
    • requestObjectEncryptionAlgValuesSupported

      protected List<String> requestObjectEncryptionAlgValuesSupported
    • requestParameterSupported

      protected boolean requestParameterSupported
    • requestUriParameterSupported

      protected boolean requestUriParameterSupported
    • resource

      protected String resource
    • clientId

      protected String clientId
    • bearerOnly

      protected boolean bearerOnly
    • autodetectBearerOnly

      protected boolean autodetectBearerOnly
    • enableBasicAuth

      protected boolean enableBasicAuth
    • publicClient

      protected boolean publicClient
    • resourceCredentials

      protected Map<String,Object> resourceCredentials
    • clientAuthenticator

      protected ClientCredentialsProvider clientAuthenticator
    • client

      protected Callable<org.apache.http.client.HttpClient> client
    • scope

      protected String scope
    • sslRequired

      protected Oidc.SSLRequired sslRequired
    • confidentialPort

      protected int confidentialPort
    • tokenStore

      protected Oidc.TokenStore tokenStore
    • oidcStateCookiePath

      protected String oidcStateCookiePath
    • stateCookieName

      protected String stateCookieName
    • useResourceRoleMappings

      protected boolean useResourceRoleMappings
    • useRealmRoleMappings

      protected boolean useRealmRoleMappings
    • cors

      protected boolean cors
    • corsMaxAge

      protected int corsMaxAge
    • corsAllowedHeaders

      protected String corsAllowedHeaders
    • corsAllowedMethods

      protected String corsAllowedMethods
    • corsExposedHeaders

      protected String corsExposedHeaders
    • exposeToken

      protected boolean exposeToken
    • alwaysRefreshToken

      protected boolean alwaysRefreshToken
    • registerNodeAtStartup

      protected boolean registerNodeAtStartup
    • registerNodePeriod

      protected int registerNodePeriod
    • turnOffChangeSessionIdOnLogin

      protected boolean turnOffChangeSessionIdOnLogin
    • notBefore

      protected volatile int notBefore
    • tokenMinimumTimeToLive

      protected int tokenMinimumTimeToLive
    • minTimeBetweenJwksRequests

      protected int minTimeBetweenJwksRequests
    • publicKeyCacheTtl

      protected int publicKeyCacheTtl
    • pkce

      protected boolean pkce
    • ignoreOAuthQueryParameter

      protected boolean ignoreOAuthQueryParameter
    • redirectRewriteRules

      protected Map<String,String> redirectRewriteRules
    • delegateBearerErrorResponseSending

      protected boolean delegateBearerErrorResponseSending
    • verifyTokenAudience

      protected boolean verifyTokenAudience
    • tokenSignatureAlgorithm

      protected String tokenSignatureAlgorithm
    • authenticationRequestFormat

      protected String authenticationRequestFormat
    • requestObjectSigningAlgorithm

      protected String requestObjectSigningAlgorithm
    • requestObjectEncryptionAlgValue

      protected String requestObjectEncryptionAlgValue
    • requestObjectEncryptionEncValue

      protected String requestObjectEncryptionEncValue
    • pushedAuthorizationRequestEndpoint

      protected String pushedAuthorizationRequestEndpoint
    • requestObjectSigningKeyStoreFile

      protected String requestObjectSigningKeyStoreFile
    • requestObjectSigningKeyStorePassword

      protected String requestObjectSigningKeyStorePassword
    • requestObjectSigningKeyPassword

      protected String requestObjectSigningKeyPassword
    • requestObjectSigningKeyAlias

      protected String requestObjectSigningKeyAlias
    • requestObjectSigningKeyStoreType

      protected String requestObjectSigningKeyStoreType
    • encryptionPublicKeyLocator

      protected org.wildfly.security.http.oidc.JWKEncPublicKeyLocator encryptionPublicKeyLocator
  • Constructor Details

    • OidcClientConfiguration

      public OidcClientConfiguration()
  • Method Details

    • isConfigured

      public boolean isConfigured()
    • getResourceName

      public String getResourceName()
    • getResource

      public String getResource()
    • getClientId

      public String getClientId()
    • getRealm

      public String getRealm()
    • setRealm

      public void setRealm(String realm)
    • getPublicKeyLocator

      public PublicKeyLocator getPublicKeyLocator()
    • setPublicKeyLocator

      public void setPublicKeyLocator(PublicKeyLocator publicKeyLocator)
    • getAuthServerBaseUrl

      public String getAuthServerBaseUrl()
    • setProviderUrl

      public void setProviderUrl(String providerUrl)
    • setAuthServerBaseUrl

      public void setAuthServerBaseUrl(OidcJsonConfiguration config)
    • resetUrls

      protected void resetUrls()
      Resets all calculated URLs to null and sets the relativeUrls field depending on the value of the current discovery URL in the configuration: if that URL is relative, the field is set to ALWAYS; if it is absolute, the field is set to NEVER.
    • resolveUrls

      protected void resolveUrls()
      URLs are loaded lazily when used.
    • resolveUrls

      protected void resolveUrls(org.wildfly.security.http.oidc.OidcClientUriBuilder authUrlBuilder)
    • getOidcProviderMetadata

      protected OidcProviderMetadata getOidcProviderMetadata(String discoveryUrl) throws Exception
      Throws:
      Exception
    • getRelativeUrls

      public OidcClientConfiguration.RelativeUrlsUsed getRelativeUrls()
    • getProviderUrl

      public String getProviderUrl()
    • getAuthUrl

      public String getAuthUrl()
    • getTokenUrl

      public String getTokenUrl()
    • getLogoutUrl

      public String getLogoutUrl()
    • getAccountUrl

      public String getAccountUrl()
    • getRegisterNodeUrl

      public String getRegisterNodeUrl()
    • getUnregisterNodeUrl

      public String getUnregisterNodeUrl()
    • getJwksUrl

      public String getJwksUrl()
    • getIssuerUrl

      public String getIssuerUrl()
    • getRequestObjectSigningAlgValuesSupported

      public List<String> getRequestObjectSigningAlgValuesSupported()
    • getRequestObjectEncryptionAlgValuesSupported

      public List<String> getRequestObjectEncryptionAlgValuesSupported()
    • getRequestObjectEncryptionEncValuesSupported

      public List<String> getRequestObjectEncryptionEncValuesSupported()
    • getRequestParameterSupported

      public boolean getRequestParameterSupported()
    • getRequestUriParameterSupported

      public boolean getRequestUriParameterSupported()
    • setResource

      public void setResource(String resource)
    • setClientId

      public void setClientId(String clientId)
    • isBearerOnly

      public boolean isBearerOnly()
    • setBearerOnly

      public void setBearerOnly(boolean bearerOnly)
    • isAutodetectBearerOnly

      public boolean isAutodetectBearerOnly()
    • setAutodetectBearerOnly

      public void setAutodetectBearerOnly(boolean autodetectBearerOnly)
    • isEnableBasicAuth

      public boolean isEnableBasicAuth()
    • setEnableBasicAuth

      public void setEnableBasicAuth(boolean enableBasicAuth)
    • isPublicClient

      public boolean isPublicClient()
    • setPublicClient

      public void setPublicClient(boolean publicClient)
    • getResourceCredentials

      public Map<String,Object> getResourceCredentials()
    • setResourceCredentials

      public void setResourceCredentials(Map<String,Object> resourceCredentials)
    • getClientAuthenticator

      public ClientCredentialsProvider getClientAuthenticator()
    • setClientAuthenticator

      public void setClientAuthenticator(ClientCredentialsProvider clientAuthenticator)
    • getClient

      public org.apache.http.client.HttpClient getClient()
    • setClient

      public void setClient(org.apache.http.client.HttpClient client)
    • getScope

      public String getScope()
    • setScope

      public void setScope(String scope)
    • getSSLRequired

      public Oidc.SSLRequired getSSLRequired()
    • setSSLRequired

      public void setSSLRequired(Oidc.SSLRequired sslRequired)
    • isSSLEnabled

      public boolean isSSLEnabled()
    • getConfidentialPort

      public int getConfidentialPort()
    • setConfidentialPort

      public void setConfidentialPort(int confidentialPort)
    • getTokenStore

      public Oidc.TokenStore getTokenStore()
    • setTokenStore

      public void setTokenStore(Oidc.TokenStore tokenStore)
    • getOidcStateCookiePath

      public String getOidcStateCookiePath()
    • setOidcStateCookiePath

      public void setOidcStateCookiePath(String oidcStateCookiePath)
    • getStateCookieName

      public String getStateCookieName()
    • setStateCookieName

      public void setStateCookieName(String stateCookieName)
    • isUseResourceRoleMappings

      public boolean isUseResourceRoleMappings()
    • setUseResourceRoleMappings

      public void setUseResourceRoleMappings(boolean useResourceRoleMappings)
    • isUseRealmRoleMappings

      public boolean isUseRealmRoleMappings()
    • setUseRealmRoleMappings

      public void setUseRealmRoleMappings(boolean useRealmRoleMappings)
    • isCors

      public boolean isCors()
    • setCors

      public void setCors(boolean cors)
    • getCorsMaxAge

      public int getCorsMaxAge()
    • setCorsMaxAge

      public void setCorsMaxAge(int corsMaxAge)
    • getCorsAllowedHeaders

      public String getCorsAllowedHeaders()
    • setCorsAllowedHeaders

      public void setCorsAllowedHeaders(String corsAllowedHeaders)
    • getCorsAllowedMethods

      public String getCorsAllowedMethods()
    • setCorsAllowedMethods

      public void setCorsAllowedMethods(String corsAllowedMethods)
    • getCorsExposedHeaders

      public String getCorsExposedHeaders()
    • setCorsExposedHeaders

      public void setCorsExposedHeaders(String corsExposedHeaders)
    • isExposeToken

      public boolean isExposeToken()
    • setExposeToken

      public void setExposeToken(boolean exposeToken)
    • getNotBefore

      public int getNotBefore()
    • setNotBefore

      public void setNotBefore(int notBefore)
    • updateNotBefore

      public void updateNotBefore(int notBefore)
    • isAlwaysRefreshToken

      public boolean isAlwaysRefreshToken()
    • setAlwaysRefreshToken

      public void setAlwaysRefreshToken(boolean alwaysRefreshToken)
    • isRegisterNodeAtStartup

      public boolean isRegisterNodeAtStartup()
    • setRegisterNodeAtStartup

      public void setRegisterNodeAtStartup(boolean registerNodeAtStartup)
    • getRegisterNodePeriod

      public int getRegisterNodePeriod()
    • setRegisterNodePeriod

      public void setRegisterNodePeriod(int registerNodePeriod)
    • getPrincipalAttribute

      public String getPrincipalAttribute()
    • setPrincipalAttribute

      public void setPrincipalAttribute(String principalAttribute)
    • isTurnOffChangeSessionIdOnLogin

      public boolean isTurnOffChangeSessionIdOnLogin()
    • setTurnOffChangeSessionIdOnLogin

      public void setTurnOffChangeSessionIdOnLogin(boolean turnOffChangeSessionIdOnLogin)
    • getTokenMinimumTimeToLive

      public int getTokenMinimumTimeToLive()
    • setTokenMinimumTimeToLive

      public void setTokenMinimumTimeToLive(int tokenMinimumTimeToLive)
    • getMinTimeBetweenJwksRequests

      public int getMinTimeBetweenJwksRequests()
    • setMinTimeBetweenJwksRequests

      public void setMinTimeBetweenJwksRequests(int minTimeBetweenJwksRequests)
    • getPublicKeyCacheTtl

      public int getPublicKeyCacheTtl()
    • setPublicKeyCacheTtl

      public void setPublicKeyCacheTtl(int publicKeyCacheTtl)
    • isPkce

      public boolean isPkce()
    • setPkce

      public void setPkce(boolean pkce)
    • setIgnoreOAuthQueryParameter

      public void setIgnoreOAuthQueryParameter(boolean ignoreOAuthQueryParameter)
    • isOAuthQueryParameterEnabled

      public boolean isOAuthQueryParameterEnabled()
    • getRedirectRewriteRules

      public Map<String,String> getRedirectRewriteRules()
    • setRewriteRedirectRules

      public void setRewriteRedirectRules(Map<String,String> redirectRewriteRules)
    • isDelegateBearerErrorResponseSending

      public boolean isDelegateBearerErrorResponseSending()
    • setDelegateBearerErrorResponseSending

      public void setDelegateBearerErrorResponseSending(boolean delegateBearerErrorResponseSending)
    • isVerifyTokenAudience

      public boolean isVerifyTokenAudience()
    • setVerifyTokenAudience

      public void setVerifyTokenAudience(boolean verifyTokenAudience)
    • setClient

      public void setClient(Callable<org.apache.http.client.HttpClient> callable)
    • setTokenSignatureAlgorithm

      public void setTokenSignatureAlgorithm(String tokenSignatureAlgorithm)
    • getTokenSignatureAlgorithm

      public String getTokenSignatureAlgorithm()
    • getAuthenticationRequestFormat

      public String getAuthenticationRequestFormat()
    • setAuthenticationRequestFormat

      public void setAuthenticationRequestFormat(String authenticationRequestFormat)
    • getRequestObjectSigningAlgorithm

      public String getRequestObjectSigningAlgorithm()
    • setRequestObjectSigningAlgorithm

      public void setRequestObjectSigningAlgorithm(String requestObjectSigningAlgorithm)
    • getRequestObjectEncryptionAlgValue

      public String getRequestObjectEncryptionAlgValue()
    • setRequestObjectEncryptionAlgValue

      public void setRequestObjectEncryptionAlgValue(String requestObjectEncryptionAlgValue)
    • getRequestObjectEncryptionEncValue

      public String getRequestObjectEncryptionEncValue()
    • setRequestObjectEncryptionEncValue

      public void setRequestObjectEncryptionEncValue(String requestObjectEncryptionEncValue)
    • getRequestObjectSigningKeyStoreFile

      public String getRequestObjectSigningKeyStoreFile()
    • setRequestObjectSigningKeyStoreFile

      public void setRequestObjectSigningKeyStoreFile(String keyStoreFile)
    • getRequestObjectSigningKeyStorePassword

      public String getRequestObjectSigningKeyStorePassword()
    • setRequestObjectSigningKeyStorePassword

      public void setRequestObjectSigningKeyStorePassword(String requestObjectSigningKeyStorePassword)
    • getRequestObjectSigningKeyPassword

      public String getRequestObjectSigningKeyPassword()
    • setRequestObjectSigningKeyPassword

      public void setRequestObjectSigningKeyPassword(String requestObjectSigningKeyPassword)
    • getRequestObjectSigningKeyStoreType

      public String getRequestObjectSigningKeyStoreType()
    • setRequestObjectSigningKeyStoreType

      public void setRequestObjectSigningKeyStoreType(String requestObjectSigningKeyStoreType)
    • getRequestObjectSigningKeyAlias

      public String getRequestObjectSigningKeyAlias()
    • setRequestObjectSigningKeyAlias

      public void setRequestObjectSigningKeyAlias(String requestObjectSigningKeyAlias)
    • getPushedAuthorizationRequestEndpoint

      public String getPushedAuthorizationRequestEndpoint()
    • setPushedAuthorizationRequestEndpoint

      public void setPushedAuthorizationRequestEndpoint(String pushedAuthorizationRequestEndpoint)
    • setEncryptionPublicKeyLocator

      public void setEncryptionPublicKeyLocator(org.wildfly.security.http.oidc.JWKEncPublicKeyLocator publicKeySetExtractor)
    • getEncryptionPublicKeyLocator

      public org.wildfly.security.http.oidc.JWKEncPublicKeyLocator getEncryptionPublicKeyLocator()