Package io.quarkus.oidc.runtime
Interface OidcTenantConfig.Jwks
- All Known Implementing Classes:
OidcTenantConfig.Jwks
- Enclosing interface:
- OidcTenantConfig
public static interface OidcTenantConfig.Jwks
-
Method Summary
Modifier and TypeMethodDescriptionintMaximum number of JWK keys that can be cached.Number of minutes a JWK key can be cached for.Cache timer interval.booleanIf JWK verification keys should be fetched at the moment a connection to the OIDC provider is initialized.booleantryAll()In case there is no key identifier ('kid') or certificate thumbprints ('x5t', 'x5t#S256') specified in the JOSE header and no key could be determined, check all available keys matching the token algorithm ('alg') header value.
-
Method Details
-
resolveEarly
@WithDefault("true") boolean resolveEarly()If JWK verification keys should be fetched at the moment a connection to the OIDC provider is initialized. Disabling this property delays the key acquisition until the moment the current token has to be verified. Typically it can only be necessary if the token or other telated request properties provide an additional context which is required to resolve the keys correctly. -
cacheSize
@WithDefault("10") int cacheSize()Maximum number of JWK keys that can be cached. This property is ignored if theresolveEarly()property is set to true. -
cacheTimeToLive
Number of minutes a JWK key can be cached for. This property is ignored if theresolveEarly()property is set to true. -
cleanUpTimerInterval
Cache timer interval. If this property is set, a timer checks and removes the stale entries periodically. This property is ignored if theresolveEarly()property is set to true. -
tryAll
@WithDefault("false") boolean tryAll()In case there is no key identifier ('kid') or certificate thumbprints ('x5t', 'x5t#S256') specified in the JOSE header and no key could be determined, check all available keys matching the token algorithm ('alg') header value.
-