Class OidcConfiguration

java.lang.Object
javax.security.auth.login.Configuration
io.hawt.web.auth.oidc.OidcConfiguration

public class OidcConfiguration extends Configuration
Configuration of OpenID Connect.
  • Field Details

    • LOG

      public static final org.slf4j.Logger LOG
    • OIDC_JAAS_CONFIGURATION

      public static final String OIDC_JAAS_CONFIGURATION
      See Also:
  • Constructor Details

  • Method Details

    • getAppConfigurationEntry

      public AppConfigurationEntry[] getAppConfigurationEntry(String name)
      Specified by:
      getAppConfigurationEntry in class Configuration
    • getProviderURL

      public URL getProviderURL()
    • getClientId

      public String getClientId()
    • getResponseMode

      public OidcConfiguration.ResponseMode getResponseMode()
    • getScopes

      public String[] getScopes()
    • getRedirectUri

      public URL getRedirectUri()
    • getCodeChallengeMethod

      public String getCodeChallengeMethod()
    • getPrompt

      public OidcConfiguration.PromptType getPrompt()
    • getRolesPath

      public String[] getRolesPath()
    • getRoleClass

      public Class<?> getRoleClass()
    • getRoleMapping

      public Map<String,String> getRoleMapping()
    • findPublicKey

      public PublicKey findPublicKey(String kid)
      When a token arrives, find the PublicKey that matches the kid field from the JWT header.
      Parameters:
      kid -
      Returns:
    • toJSON

      public String toJSON()
      Serialize the configuration to be returned by the auth endpoint for client-side HawtIO.
      Returns:
    • isEnabled

      public boolean isEnabled()
    • getJwkContext

      public com.nimbusds.jose.proc.JWKSecurityContext getJwkContext()
    • refreshPublicKeysIfNeeded

      public void refreshPublicKeysIfNeeded()
    • cachePublicKeys

      public void cachePublicKeys(org.json.JSONObject config)
      Cache the information coming from the jwks_uri endpoint.
      Parameters:
      config -
    • setRolePrincipalClass

      public void setRolePrincipalClass(Class<? extends Principal> rolePrincipalClass)
      Configure roles available for OIDC. This is not part of the configuration file, as HawtIO takes the roles from the hawtio.roles property, which defaults to admin,manager,viewer.
      Parameters:
      rolePrincipalClass -
    • extractRoles

      public String[] extractRoles(ValidAccessToken parsedToken)
      Extract roles (and map them if needed) from the access token according to the current configuration.
      Parameters:
      parsedToken -
      Returns: