Package org.wildfly.security.http.oidc

Class JWTClientCredentialsProvider

java.lang.Object

org.wildfly.security.http.oidc.JWTClientCredentialsProvider

All Implemented Interfaces:

ClientCredentialsProvider

@MetaInfServices(ClientCredentialsProvider.class)
public class JWTClientCredentialsProvider
extends Object
implements ClientCredentialsProvider

Client authentication based on JWT signed by client private key. See specs for more details.

Author:

Marek Posolda, Farah Juma

Constructor Summary

Constructors

Constructor	Description
JWTClientCredentialsProvider()

Method Summary

Modifier and Type	Method	Description
protected org.jose4j.jwt.JwtClaims	createRequestToken(String clientId, String tokenUrl)
String	createSignedRequestToken(String clientId, String tokenUrl)
String	getId()	Return the ID of the provider.
PublicKey	getPublicKey()
protected int	getTokenTimeout()
void	init(OidcClientConfiguration oidcClientConfiguration, Object credentialsConfig)	Called during deployment of your application.
void	setClientCredentials(OidcClientConfiguration oidcClientConfiguration, Map<String,String> requestHeaders, Map<String,String> formParams)	Called every time a backchannel request is performed.
void	setTokenTimeout(int tokenTimeout)
void	setupKeyPair(KeyPair keyPair)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JWTClientCredentialsProvider

public JWTClientCredentialsProvider()

Method Detail

getId

public String getId()

Description copied from interface: ClientCredentialsProvider

Return the ID of the provider. Use this ID in the oidc.json configuration as the sub-element of the "credentials" element For example if your provider has ID "some-provider", use the configuration like this in oidc.json "credentials": { "some-provider": { "someAttribute": "someValue" } }

Specified by:

getId in interface ClientCredentialsProvider

Returns:

the ID of the provider

setupKeyPair

public void setupKeyPair(KeyPair keyPair)

setTokenTimeout

public void setTokenTimeout(int tokenTimeout)

getTokenTimeout

protected int getTokenTimeout()

getPublicKey

public PublicKey getPublicKey()

init

public void init(OidcClientConfiguration oidcClientConfiguration,
                 Object credentialsConfig)

Description copied from interface: ClientCredentialsProvider

Called during deployment of your application.

Specified by:

init in interface ClientCredentialsProvider

Parameters:

oidcClientConfiguration - the OIDC client configuration

credentialsConfig - the configuration of your credentials provider read from oidc.json. For the some-provider example above, it will return map with the single key "someAttribute" with value "someValue"

setClientCredentials

public void setClientCredentials(OidcClientConfiguration oidcClientConfiguration,
                                 Map<String,String> requestHeaders,
                                 Map<String,String> formParams)

Description copied from interface: ClientCredentialsProvider

Called every time a backchannel request is performed.

Specified by:

setClientCredentials in interface ClientCredentialsProvider

Parameters:

oidcClientConfiguration - the fully resolved OIDC client configuration

requestHeaders - You should put any HTTP request headers you want to use for authentication of client. These headers will be attached to the HTTP request sent to the OpenID provider

formParams - You should put any request parameters you want to use for authentication of client. These parameters will be attached to the HTTP request sent to the OpenID provider

createSignedRequestToken

public String createSignedRequestToken(String clientId,
                                       String tokenUrl)

createRequestToken

protected org.jose4j.jwt.JwtClaims createRequestToken(String clientId,
                                                      String tokenUrl)