Class OidcConfiguration

java.lang.Object
javax.security.auth.login.Configuration
io.hawt.web.auth.oidc.OidcConfiguration

public class OidcConfiguration extends Configuration
Configuration of OpenID Connect.
  • Field Details

    • LOG

      public static final org.slf4j.Logger LOG
    • OIDC_JAAS_CONFIGURATION

      public static final String OIDC_JAAS_CONFIGURATION
      See Also:
  • Constructor Details

  • Method Details

    • getAppConfigurationEntry

      public AppConfigurationEntry[] getAppConfigurationEntry(String name)
      Specified by:
      getAppConfigurationEntry in class Configuration
    • getProviderURL

      public URL getProviderURL()
    • getClientId

      public String getClientId()
    • getResponseMode

      public OidcConfiguration.ResponseMode getResponseMode()
    • getScopes

      public String[] getScopes()
    • getRedirectUri

      public URL getRedirectUri()
    • getCodeChallengeMethod

      public String getCodeChallengeMethod()
    • getPrompt

      public OidcConfiguration.PromptType getPrompt()
    • getRolesPath

      public String[] getRolesPath()
    • getRoleClass

      public Class<?> getRoleClass()
    • getRoleMapping

      public Map<String,String> getRoleMapping()
    • findPublicKey

      public PublicKey findPublicKey(String kid)
      When a token arrives, find a PublicKey based on the kid field from the JWT header.
      Parameters:
      kid -
      Returns:
    • toJSON

      public String toJSON()
      Serialize this configuration so it can be returned by the auth endpoint for client-side HawtIO.
      Returns:
    • isEnabled

      public boolean isEnabled()
    • getJwkContext

      public com.nimbusds.jose.proc.JWKSecurityContext getJwkContext()
    • refreshPublicKeysIfNeeded

      public void refreshPublicKeysIfNeeded()
    • cachePublicKeys

      public void cachePublicKeys(org.json.JSONObject config)
      Cache information coming from the jwks_uri endpoint.
      Parameters:
      config -
    • setRolePrincipalClasses

      public void setRolePrincipalClasses(String rolePrincipalClasses)
      Configure the roles available for OIDC. This is not part of the configuration file, as HawtIO takes the roles from the hawtio.roles property, which defaults to admin,manager,viewer.
      Parameters:
      rolePrincipalClasses -
    • getRolePrincipalClasses

      public String[] getRolePrincipalClasses()
    • extractRoles

      public String[] extractRoles(ValidAccessToken parsedToken)
      Extract roles (and map them if needed) from the access token according to the current configuration.
      Parameters:
      parsedToken -
      Returns: