Package io.quarkus.oidc
Class OidcTenantConfig
- java.lang.Object
-
- io.quarkus.oidc.common.runtime.OidcCommonConfig
-
- io.quarkus.oidc.OidcTenantConfig
-
public class OidcTenantConfig extends OidcCommonConfig
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classOidcTenantConfig.ApplicationTypestatic classOidcTenantConfig.AuthenticationDefines the authorization request properties when authenticating users using the Authorization Code Grant Type.static classOidcTenantConfig.Logoutstatic classOidcTenantConfig.Rolesstatic classOidcTenantConfig.Tokenstatic classOidcTenantConfig.TokenStateManagerDefault Authorization Code token state manager configuration-
Nested classes/interfaces inherited from class io.quarkus.oidc.common.runtime.OidcCommonConfig
OidcCommonConfig.Credentials, OidcCommonConfig.Proxy, OidcCommonConfig.Tls
-
-
Field Summary
Fields Modifier and Type Field Description booleanallowTokenIntrospectionCacheAllow caching the token introspection data.booleanallowUserInfoCacheAllow caching the user info data.OidcTenantConfig.ApplicationTypeapplicationTypeThe application type, which can be one of the following values from enumOidcTenantConfig.ApplicationType.OidcTenantConfig.AuthenticationauthenticationDifferent options to configure authorization requestsOptional<String>authorizationPathRelative path of the OIDC authorization endpoint which authenticates the users.Optional<String>endSessionPathRelative path of the OIDC end_session_endpoint.Optional<String>introspectionPathRelative path of the OIDC RFC7662 introspection endpoint which can introspect both opaque and JWT tokens.Optional<String>jwksPathRelative path of the OIDC JWKS endpoint which returns a JSON Web Key Verification Set.OidcTenantConfig.LogoutlogoutLogout configurationOptional<String>publicKeyPublic key for the local JWT token verification.OidcTenantConfig.RolesrolesConfiguration to find and parse a custom claim containing the roles information.booleantenantEnabledIf this tenant configuration is enabled.Optional<String>tenantIdA unique tenant identifier.OidcTenantConfig.TokentokenConfiguration how to validate the token claims.OidcTenantConfig.TokenStateManagertokenStateManagerDefault token state manager configurationOptional<String>userInfoPathRelative path of the OIDC userinfo endpoint.-
Fields inherited from class io.quarkus.oidc.common.runtime.OidcCommonConfig
authServerUrl, clientId, connectionDelay, connectionRetryCount, connectionTimeout, credentials, discoveryEnabled, maxPoolSize, proxy, tls, tokenPath
-
-
Constructor Summary
Constructors Constructor Description OidcTenantConfig()
-
Method Summary
-
Methods inherited from class io.quarkus.oidc.common.runtime.OidcCommonConfig
getAuthServerUrl, getClientId, getConnectionDelay, getConnectionTimeout, getCredentials, getMaxPoolSize, getProxy, getTokenPath, isDiscoveryEnabled, setAuthServerUrl, setClientId, setConnectionDelay, setConnectionTimeout, setCredentials, setDiscoveryEnabled, setMaxPoolSize, setProxy, setTokenPath
-
-
-
-
Field Detail
-
tenantId
@ConfigItem public Optional<String> tenantId
A unique tenant identifier. It must be set byTenantConfigResolverproviders which resolve the tenant configuration dynamically and is optional in all other cases.
-
tenantEnabled
@ConfigItem(defaultValue="true") public boolean tenantEnabled
If this tenant configuration is enabled.
-
applicationType
@ConfigItem(defaultValue="service") public OidcTenantConfig.ApplicationType applicationType
The application type, which can be one of the following values from enumOidcTenantConfig.ApplicationType.
-
authorizationPath
@ConfigItem public Optional<String> authorizationPath
Relative path of the OIDC authorization endpoint which authenticates the users. This property must be set for the 'web-app' applications if OIDC discovery is disabled. This property will be ignored if the discovery is enabled.
-
userInfoPath
@ConfigItem public Optional<String> userInfoPath
Relative path of the OIDC userinfo endpoint. This property must only be set for the 'web-app' applications if OIDC discovery is disabled and 'authentication.user-info-required' property is enabled. This property will be ignored if the discovery is enabled.
-
introspectionPath
@ConfigItem public Optional<String> introspectionPath
Relative path of the OIDC RFC7662 introspection endpoint which can introspect both opaque and JWT tokens. This property must be set if OIDC discovery is disabled and 1) the opaque bearer access tokens have to be verified or 2) JWT tokens have to be verified while the cached JWK verification set with no matching JWK is being refreshed. This property will be ignored if the discovery is enabled.
-
jwksPath
@ConfigItem public Optional<String> jwksPath
Relative path of the OIDC JWKS endpoint which returns a JSON Web Key Verification Set. This property should be set if OIDC discovery is disabled and the local JWT verification is required. This property will be ignored if the discovery is enabled.
-
endSessionPath
@ConfigItem public Optional<String> endSessionPath
Relative path of the OIDC end_session_endpoint. This property must be set if OIDC discovery is disabled and RP Initiated Logout support for the 'web-app' applications is required. This property will be ignored if the discovery is enabled.
-
publicKey
@ConfigItem public Optional<String> publicKey
Public key for the local JWT token verification. OIDC server connection will not be created when this property is set.
-
roles
@ConfigItem public OidcTenantConfig.Roles roles
Configuration to find and parse a custom claim containing the roles information.
-
token
@ConfigItem public OidcTenantConfig.Token token
Configuration how to validate the token claims.
-
logout
@ConfigItem public OidcTenantConfig.Logout logout
Logout configuration
-
authentication
public OidcTenantConfig.Authentication authentication
Different options to configure authorization requests
-
tokenStateManager
@ConfigItem public OidcTenantConfig.TokenStateManager tokenStateManager
Default token state manager configuration
-
allowTokenIntrospectionCache
@ConfigItem(defaultValue="true") public boolean allowTokenIntrospectionCache
Allow caching the token introspection data. Note enabling this property does not enable the cache itself but only permits to cache the token introspection for a given tenant. If the default token cache can be used then please seeOidcConfig.TokenCachehow to enable it.
-
allowUserInfoCache
@ConfigItem(defaultValue="true") public boolean allowUserInfoCache
Allow caching the user info data. Note enabling this property does not enable the cache itself but only permits to cache the user info data for a given tenant. If the default token cache can be used then please seeOidcConfig.TokenCachehow to enable it.
-
-
Method Detail
-
setAuthorizationPath
public void setAuthorizationPath(String authorizationPath)
-
setUserInfoPath
public void setUserInfoPath(String userInfoPath)
-
setIntrospectionPath
public void setIntrospectionPath(String introspectionPath)
-
setJwksPath
public void setJwksPath(String jwksPath)
-
setEndSessionPath
public void setEndSessionPath(String endSessionPath)
-
setPublicKey
public void setPublicKey(String publicKey)
-
getRoles
public OidcTenantConfig.Roles getRoles()
-
setRoles
public void setRoles(OidcTenantConfig.Roles roles)
-
getToken
public OidcTenantConfig.Token getToken()
-
setToken
public void setToken(OidcTenantConfig.Token token)
-
getAuthentication
public OidcTenantConfig.Authentication getAuthentication()
-
setAuthentication
public void setAuthentication(OidcTenantConfig.Authentication authentication)
-
setTenantId
public void setTenantId(String tenantId)
-
isTenantEnabled
public boolean isTenantEnabled()
-
setTenantEnabled
public void setTenantEnabled(boolean enabled)
-
setLogout
public void setLogout(OidcTenantConfig.Logout logout)
-
getLogout
public OidcTenantConfig.Logout getLogout()
-
getApplicationType
public OidcTenantConfig.ApplicationType getApplicationType()
-
setApplicationType
public void setApplicationType(OidcTenantConfig.ApplicationType type)
-
isAllowTokenIntrospectionCache
public boolean isAllowTokenIntrospectionCache()
-
setAllowTokenIntrospectionCache
public void setAllowTokenIntrospectionCache(boolean allowTokenIntrospectionCache)
-
isAllowUserInfoCache
public boolean isAllowUserInfoCache()
-
setAllowUserInfoCache
public void setAllowUserInfoCache(boolean allowUserInfoCache)
-
-