Package io.quarkus.oidc.runtime
Class OidcUtils
java.lang.Object
io.quarkus.oidc.runtime.OidcUtils
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final String(package private) static final String(package private) static final String(package private) static final Stringstatic final Stringstatic final Stringstatic final String(package private) static final BlockingTaskRunner<Void>static final Stringstatic final Integerstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final String(package private) static final Stringstatic final String(package private) static final io.smallrye.mutiny.Uni<Void> -
Method Summary
Modifier and TypeMethodDescription(package private) static voidaddTokenScopesAsPermissions(QuarkusSecurityIdentity.Builder builder, Collection<String> scopes) static Stringbase64UrlDecode(String encodedContent) static booleancacheUserInfoInIdToken(DefaultTenantConfigResolver resolver, OidcTenantConfig oidcConfig) static io.vertx.core.http.impl.ServerCookiecreateCookie(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcConfig, String name, String value, long maxAge) static SecretKeycreateSecretKeyFromDigest(byte[] secretBytes) static io.vertx.core.json.JsonObjectdecodeJwtContent(String jwt) static Stringstatic io.vertx.core.json.JsonObjectdecodeJwtHeaders(String jwt) static Stringstatic io.vertx.core.json.JsonObjectdecryptJson(String jweString, Key key) static StringdecryptString(String jweString, Key key) static StringdecryptString(String jweString, Key key, io.smallrye.jwt.algorithm.KeyEncryptionAlgorithm algorithm) static StringencodeScopes(OidcTenantConfig oidcConfig) static StringencryptJson(io.vertx.core.json.JsonObject json, SecretKey key) static StringencryptString(String jweString, SecretKey key) static StringencryptString(String jweString, SecretKey key, io.smallrye.jwt.algorithm.KeyEncryptionAlgorithm algorithm) (package private) static StringextractBearerToken(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcConfig) findRoles(String clientId, OidcTenantConfig.Roles rolesConfig, io.vertx.core.json.JsonObject json) getAllScopes(OidcTenantConfig oidcConfig) static <T> TgetAttribute(io.quarkus.security.identity.SecurityIdentity identity, String name) static StringgetCookieSuffix(OidcTenantConfig oidcConfig) static io.smallrye.mutiny.Uni<io.vertx.core.MultiMap>getFormUrlEncodedData(io.vertx.ext.web.RoutingContext context) static StringgetJwtContentPart(String jwt) static StringgetSessionCookie(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcTenantConfig) static StringgetSessionCookie(Map<String, Object> context, Map<String, io.vertx.core.http.Cookie> cookies, OidcTenantConfig oidcTenantConfig) static StringgetSessionCookieName(OidcTenantConfig oidcConfig) static byte[]getSha256Digest(byte[] value) static StringgetTenantIdFromCookie(String cookiePrefix, String cookieName, boolean sessionCookie) static <T extends io.quarkus.security.credential.TokenCredential>
TgetTokenCredential(io.quarkus.security.identity.SecurityIdentity identity, Class<T> type) static booleanisEncryptedToken(String token) static booleanisFormUrlEncodedRequest(io.vertx.ext.web.RoutingContext context) static booleanisJwtTokenExpired(String token) static booleanisOpaqueToken(String token) static booleanisServiceApp(OidcTenantConfig oidcConfig) static booleanisSessionCookie(String cookieName) static booleanisWebApp(OidcTenantConfig oidcConfig) (package private) static OidcTenantConfigmergeTenantConfig(OidcTenantConfig tenant, OidcTenantConfig provider) Merge the current tenant and well-known OpenId Connect provider configurations.static StringremoveCookie(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcConfig, String cookieName) (package private) static voidremoveCookie(io.vertx.ext.web.RoutingContext context, io.vertx.core.http.impl.ServerCookie cookie, OidcTenantConfig oidcConfig) (package private) static io.smallrye.mutiny.Uni<Void>removeSessionCookie(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcConfig, TokenStateManager tokenStateManager) (package private) static OidcTenantConfigresolveProviderConfig(OidcTenantConfig oidcTenantConfig) static voidsetBlockingApiAttribute(QuarkusSecurityIdentity.Builder builder, io.vertx.ext.web.RoutingContext vertxContext) (package private) static voidsetCookiePath(io.vertx.ext.web.RoutingContext context, OidcTenantConfig.Authentication auth, io.vertx.core.http.impl.ServerCookie cookie) static voidsetRoutingContextAttribute(QuarkusSecurityIdentity.Builder builder, io.vertx.ext.web.RoutingContext routingContext) static voidsetSecurityIdentityConfigMetadata(QuarkusSecurityIdentity.Builder builder, TenantConfigContext resolvedContext) static voidsetSecurityIdentityIntrospection(QuarkusSecurityIdentity.Builder builder, TokenIntrospection introspectionResult) (package private) static voidsetSecurityIdentityPermissions(QuarkusSecurityIdentity.Builder builder, OidcTenantConfig config, io.vertx.core.json.JsonObject permissionsJson) static voidsetSecurityIdentityRoles(QuarkusSecurityIdentity.Builder builder, OidcTenantConfig config, io.vertx.core.json.JsonObject rolesJson) static voidsetSecurityIdentityUserInfo(QuarkusSecurityIdentity.Builder builder, UserInfo userInfo) static voidsetTenantIdAttribute(QuarkusSecurityIdentity.Builder builder, OidcTenantConfig config) (package private) static voidstoreExtractedBearerToken(io.vertx.ext.web.RoutingContext context, String token) (package private) static Permission[]transformScopesToPermissions(Collection<String> scopes) (package private) static QuarkusSecurityIdentityvalidateAndCreateIdentity(Map<String, Object> requestData, io.quarkus.security.credential.TokenCredential credential, TenantConfigContext resolvedContext, io.vertx.core.json.JsonObject tokenJson, io.vertx.core.json.JsonObject rolesJson, UserInfo userInfo, TokenIntrospection introspectionResult, io.quarkus.security.identity.request.TokenAuthenticationRequest request) static voidvalidatePrimaryJwtTokenType(OidcTenantConfig.Token tokenConfig, io.vertx.core.json.JsonObject tokenJson)
-
Field Details
-
STATE_COOKIE_RESTORE_PATH
- See Also:
-
CONFIG_METADATA_ATTRIBUTE
- See Also:
-
USER_INFO_ATTRIBUTE
- See Also:
-
INTROSPECTION_ATTRIBUTE
- See Also:
-
TENANT_ID_ATTRIBUTE
- See Also:
-
TENANT_ID_SET_BY_ANNOTATION
- See Also:
-
TENANT_ID_SET_BY_SESSION_COOKIE
- See Also:
-
TENANT_ID_SET_BY_STATE_COOKIE
- See Also:
-
DEFAULT_TENANT_ID
- See Also:
-
SESSION_COOKIE_NAME
- See Also:
-
SESSION_COOKIE_CHUNK_START
- See Also:
-
SESSION_COOKIE_CHUNK
- See Also:
-
ACCESS_TOKEN_COOKIE_SUFFIX
- See Also:
-
REFRESH_TOKEN_COOKIE_SUFFIX
- See Also:
-
SESSION_AT_COOKIE_NAME
- See Also:
-
SESSION_RT_COOKIE_NAME
- See Also:
-
STATE_COOKIE_NAME
- See Also:
-
MAX_COOKIE_VALUE_LENGTH
-
POST_LOGOUT_COOKIE_NAME
- See Also:
-
DEFAULT_SCOPE_SEPARATOR
- See Also:
-
ANNOTATION_BASED_TENANT_RESOLUTION_ENABLED
- See Also:
-
UNDERSCORE
- See Also:
-
CODE_ACCESS_TOKEN_RESULT
- See Also:
-
CODE_ACCESS_TOKEN_FAILURE
- See Also:
-
COMMA
- See Also:
-
VOID_UNI
-
deleteTokensRequestContext
-
QUARKUS_IDENTITY_EXPIRE_TIME
- See Also:
-
-
Method Details
-
getSessionCookie
public static String getSessionCookie(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcTenantConfig) -
getSessionCookie
-
getSessionCookieName
-
getCookieSuffix
-
isServiceApp
-
isWebApp
-
isEncryptedToken
-
isOpaqueToken
-
decodeJwtContent
-
decodeJwtContentAsString
-
getJwtContentPart
-
base64UrlDecode
-
decodeJwtHeaders
-
decodeJwtHeadersAsString
-
findRoles
public static List<String> findRoles(String clientId, OidcTenantConfig.Roles rolesConfig, io.vertx.core.json.JsonObject json) -
validateAndCreateIdentity
static QuarkusSecurityIdentity validateAndCreateIdentity(Map<String, Object> requestData, io.quarkus.security.credential.TokenCredential credential, TenantConfigContext resolvedContext, io.vertx.core.json.JsonObject tokenJson, io.vertx.core.json.JsonObject rolesJson, UserInfo userInfo, TokenIntrospection introspectionResult, io.quarkus.security.identity.request.TokenAuthenticationRequest request) -
setSecurityIdentityPermissions
static void setSecurityIdentityPermissions(QuarkusSecurityIdentity.Builder builder, OidcTenantConfig config, io.vertx.core.json.JsonObject permissionsJson) -
addTokenScopesAsPermissions
static void addTokenScopesAsPermissions(QuarkusSecurityIdentity.Builder builder, Collection<String> scopes) -
transformScopesToPermissions
-
setSecurityIdentityRoles
public static void setSecurityIdentityRoles(QuarkusSecurityIdentity.Builder builder, OidcTenantConfig config, io.vertx.core.json.JsonObject rolesJson) -
setBlockingApiAttribute
public static void setBlockingApiAttribute(QuarkusSecurityIdentity.Builder builder, io.vertx.ext.web.RoutingContext vertxContext) -
setTenantIdAttribute
public static void setTenantIdAttribute(QuarkusSecurityIdentity.Builder builder, OidcTenantConfig config) -
setRoutingContextAttribute
public static void setRoutingContextAttribute(QuarkusSecurityIdentity.Builder builder, io.vertx.ext.web.RoutingContext routingContext) -
setSecurityIdentityUserInfo
public static void setSecurityIdentityUserInfo(QuarkusSecurityIdentity.Builder builder, UserInfo userInfo) -
setSecurityIdentityIntrospection
public static void setSecurityIdentityIntrospection(QuarkusSecurityIdentity.Builder builder, TokenIntrospection introspectionResult) -
setSecurityIdentityConfigMetadata
public static void setSecurityIdentityConfigMetadata(QuarkusSecurityIdentity.Builder builder, TenantConfigContext resolvedContext) -
validatePrimaryJwtTokenType
public static void validatePrimaryJwtTokenType(OidcTenantConfig.Token tokenConfig, io.vertx.core.json.JsonObject tokenJson) -
removeSessionCookie
static io.smallrye.mutiny.Uni<Void> removeSessionCookie(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcConfig, TokenStateManager tokenStateManager) -
removeCookie
public static String removeCookie(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcConfig, String cookieName) -
removeCookie
static void removeCookie(io.vertx.ext.web.RoutingContext context, io.vertx.core.http.impl.ServerCookie cookie, OidcTenantConfig oidcConfig) -
setCookiePath
static void setCookiePath(io.vertx.ext.web.RoutingContext context, OidcTenantConfig.Authentication auth, io.vertx.core.http.impl.ServerCookie cookie) -
mergeTenantConfig
Merge the current tenant and well-known OpenId Connect provider configurations. Initialized properties take priority over uninitialized properties. Initialized properties in the current tenant configuration take priority over the same initialized properties in the well-known OpenId Connect provider configuration. Tenant id property of the current tenant must be set before the merge operation.- Parameters:
tenant- current tenant configurationprovider- well-known OpenId Connect provider configuration- Returns:
- merged configuration
-
resolveProviderConfig
-
getSha256Digest
- Throws:
NoSuchAlgorithmException
-
encryptJson
public static String encryptJson(io.vertx.core.json.JsonObject json, SecretKey key) throws Exception - Throws:
Exception
-
encryptString
- Throws:
Exception
-
encryptString
public static String encryptString(String jweString, SecretKey key, io.smallrye.jwt.algorithm.KeyEncryptionAlgorithm algorithm) throws Exception - Throws:
Exception
-
decryptJson
- Throws:
Exception
-
decryptString
- Throws:
Exception
-
decryptString
public static String decryptString(String jweString, Key key, io.smallrye.jwt.algorithm.KeyEncryptionAlgorithm algorithm) throws org.jose4j.lang.JoseException - Throws:
org.jose4j.lang.JoseException
-
isFormUrlEncodedRequest
public static boolean isFormUrlEncodedRequest(io.vertx.ext.web.RoutingContext context) -
getFormUrlEncodedData
public static io.smallrye.mutiny.Uni<io.vertx.core.MultiMap> getFormUrlEncodedData(io.vertx.ext.web.RoutingContext context) -
encodeScopes
-
getAllScopes
-
isSessionCookie
-
extractBearerToken
static String extractBearerToken(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcConfig) -
storeExtractedBearerToken
-
getTenantIdFromCookie
-
cacheUserInfoInIdToken
public static boolean cacheUserInfoInIdToken(DefaultTenantConfigResolver resolver, OidcTenantConfig oidcConfig) -
createCookie
public static io.vertx.core.http.impl.ServerCookie createCookie(io.vertx.ext.web.RoutingContext context, OidcTenantConfig oidcConfig, String name, String value, long maxAge) -
createSecretKeyFromDigest
-
getTokenCredential
public static <T extends io.quarkus.security.credential.TokenCredential> T getTokenCredential(io.quarkus.security.identity.SecurityIdentity identity, Class<T> type) -
getAttribute
public static <T> T getAttribute(io.quarkus.security.identity.SecurityIdentity identity, String name) -
isJwtTokenExpired
-