Package io.hawt.web.auth.oidc

Class OidcLoginModule

java.lang.Object

io.hawt.web.auth.oidc.OidcLoginModule

All Implemented Interfaces:

LoginModule

public class OidcLoginModule
extends Object
implements LoginModule

This login module operates on Bearer token which contains OAuth2 Access Token. Roles are taken from the token depending on the flavor of OpenID Connect / OAuth2 used.

For example, Keycloak encodes roles differently depending on use-resource-role-mappings:

• use-resource-role-mappings = true: roles come from resource_access.<client-id>.roles
• use-resource-role-mappings = false: roles come from realm_access.roles

In Azure/Entra ID we expect roles to be directly encoded in roles claim of the access token.

Field Summary

Fields

Modifier and Type	Field	Description
static final org.slf4j.Logger	LOG

Constructor Summary

Constructors

Constructor	Description
OidcLoginModule()

Method Summary

Modifier and Type	Method	Description
boolean	abort()
boolean	commit()
void	initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
boolean	login()
boolean	logout()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

LOG

public static final org.slf4j.Logger LOG

Constructor Details

OidcLoginModule

public OidcLoginModule()

Method Details

initialize

public void initialize(Subject subject,
 CallbackHandler callbackHandler,
 Map<String,?> sharedState,
 Map<String,?> options)

Specified by:

initialize in interface LoginModule

login

public boolean login()
              throws LoginException

Specified by:

login in interface LoginModule

Throws:

LoginException

commit

public boolean commit()

Specified by:

commit in interface LoginModule

abort

public boolean abort()

Specified by:

abort in interface LoginModule

logout

public boolean logout()
               throws LoginException

Specified by:

logout in interface LoginModule

Throws:

LoginException