Class OpenIdConfiguration
java.lang.Object
org.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.util.component.ContainerLifeCycle
org.eclipse.jetty.security.openid.OpenIdConfiguration
- All Implemented Interfaces:
Container
,Destroyable
,Dumpable
,Dumpable.DumpableContainer
,LifeCycle
Holds the configuration for an OpenID Connect service.
This uses the OpenID Provider URL with the path
CONFIG_PATH
to discover
the required information about the OIDC service.-
Nested Class Summary
Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
AbstractLifeCycle.AbstractLifeCycleListener, AbstractLifeCycle.StopException
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container
Container.InheritedListener, Container.Listener
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable
Dumpable.DumpableContainer
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle
LifeCycle.Listener
-
Field Summary
-
Constructor Summary
ConstructorDescriptionOpenIdConfiguration
(String provider, String clientId, String clientSecret) Create an OpenID configuration for a specific OIDC provider.OpenIdConfiguration
(String issuer, String authorizationEndpoint, String tokenEndpoint, String endSessionEndpoint, String clientId, String clientSecret, String authenticationMethod, HttpClient httpClient) Create an OpenID configuration for a specific OIDC provider.OpenIdConfiguration
(String issuer, String authorizationEndpoint, String tokenEndpoint, String clientId, String clientSecret, String authenticationMethod, HttpClient httpClient) Create an OpenID configuration for a specific OIDC provider.OpenIdConfiguration
(String issuer, String authorizationEndpoint, String tokenEndpoint, String clientId, String clientSecret, HttpClient httpClient) Create an OpenID configuration for a specific OIDC provider. -
Method Summary
Modifier and TypeMethodDescriptionvoid
protected void
doStart()
Starts the managed lifecycle beans in the order they were added.Obtain the JSON metadata from OpenID Connect Discovery Configuration Endpoint.boolean
boolean
protected void
processMetadata
(Map<String, Object> discoveryDocument) Process the OpenID Connect metadata discovered byfetchOpenIdConnectMetadata()
.void
setAuthenticateNewUsers
(boolean authenticateNewUsers) void
setLogoutWhenIdTokenIsExpired
(boolean logoutWhenIdTokenIsExpired) toString()
Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle
addBean, addBean, addEventListener, addManaged, contains, destroy, doStop, dump, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, installBean, installBean, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans, updateBeans
Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface org.eclipse.jetty.util.component.Container
getCachedBeans, getEventListeners
Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer
isDumpable
-
Constructor Details
-
OpenIdConfiguration
Create an OpenID configuration for a specific OIDC provider.- Parameters:
provider
- The URL of the OpenID provider.clientId
- OAuth 2.0 Client Identifier valid at the Authorization Server.clientSecret
- The client secret known only by the Client and the Authorization Server.
-
OpenIdConfiguration
public OpenIdConfiguration(String issuer, String authorizationEndpoint, String tokenEndpoint, String clientId, String clientSecret, HttpClient httpClient) Create an OpenID configuration for a specific OIDC provider.- Parameters:
issuer
- The URL of the OpenID provider.authorizationEndpoint
- the URL of the OpenID provider's authorization endpoint if configured.tokenEndpoint
- the URL of the OpenID provider's token endpoint if configured.clientId
- OAuth 2.0 Client Identifier valid at the Authorization Server.clientSecret
- The client secret known only by the Client and the Authorization Server.httpClient
- TheHttpClient
instance to use.
-
OpenIdConfiguration
public OpenIdConfiguration(@Name("issuer") String issuer, @Name("authorizationEndpoint") String authorizationEndpoint, @Name("tokenEndpoint") String tokenEndpoint, @Name("clientId") String clientId, @Name("clientSecret") String clientSecret, @Name("authenticationMethod") String authenticationMethod, @Name("httpClient") HttpClient httpClient) Create an OpenID configuration for a specific OIDC provider.- Parameters:
issuer
- The URL of the OpenID provider.authorizationEndpoint
- the URL of the OpenID provider's authorization endpoint if configured.tokenEndpoint
- the URL of the OpenID provider's token endpoint if configured.clientId
- OAuth 2.0 Client Identifier valid at the Authorization Server.clientSecret
- The client secret known only by the Client and the Authorization Server.authenticationMethod
- Authentication method to use with the Token Endpoint.httpClient
- TheHttpClient
instance to use.
-
OpenIdConfiguration
public OpenIdConfiguration(@Name("issuer") String issuer, @Name("authorizationEndpoint") String authorizationEndpoint, @Name("tokenEndpoint") String tokenEndpoint, @Name("endSessionEndpoint") String endSessionEndpoint, @Name("clientId") String clientId, @Name("clientSecret") String clientSecret, @Name("authenticationMethod") String authenticationMethod, @Name("httpClient") HttpClient httpClient) Create an OpenID configuration for a specific OIDC provider.- Parameters:
issuer
- The URL of the OpenID provider.authorizationEndpoint
- the URL of the OpenID provider's authorization endpoint if configured.tokenEndpoint
- the URL of the OpenID provider's token endpoint if configured.endSessionEndpoint
- the URL of the OpdnID provider's end session endpoint if configured.clientId
- OAuth 2.0 Client Identifier valid at the Authorization Server.clientSecret
- The client secret known only by the Client and the Authorization Server.authenticationMethod
- Authentication method to use with the Token Endpoint.httpClient
- TheHttpClient
instance to use.
-
-
Method Details
-
doStart
Description copied from class:ContainerLifeCycle
Starts the managed lifecycle beans in the order they were added.- Overrides:
doStart
in classContainerLifeCycle
- Throws:
AbstractLifeCycle.StopException
- If thrown, the lifecycle will immediately be stopped.Exception
- If there was a problem starting. Will cause a transition to FAILED state
-
processMetadata
Process the OpenID Connect metadata discovered byfetchOpenIdConnectMetadata()
. By default, only theAUTHORIZATION_ENDPOINT
andTOKEN_ENDPOINT
claims are extracted.- Throws:
IllegalStateException
- if a required field is not present in the metadata.- See Also:
-
fetchOpenIdConnectMetadata
Obtain the JSON metadata from OpenID Connect Discovery Configuration Endpoint.- Returns:
- a set of Claims about the OpenID Provider's configuration in JSON format.
- Throws:
IllegalStateException
- if metadata could not be fetched from the OP.
-
getHttpClient
-
getAuthEndpoint
-
getClientId
-
getClientSecret
-
getIssuer
-
getTokenEndpoint
-
getEndSessionEndpoint
-
getAuthenticationMethod
-
addScopes
-
getScopes
-
isAuthenticateNewUsers
public boolean isAuthenticateNewUsers() -
setAuthenticateNewUsers
public void setAuthenticateNewUsers(boolean authenticateNewUsers) -
isLogoutWhenIdTokenIsExpired
public boolean isLogoutWhenIdTokenIsExpired() -
setLogoutWhenIdTokenIsExpired
public void setLogoutWhenIdTokenIsExpired(boolean logoutWhenIdTokenIsExpired) -
toString
- Overrides:
toString
in classAbstractLifeCycle
-