Package io.quarkus.oidc

Class OidcTenantConfig.TokenStateManager

java.lang.Object

io.quarkus.oidc.OidcTenantConfig.TokenStateManager

Enclosing class:

OidcTenantConfig

public static class OidcTenantConfig.TokenStateManager
extends Object

Default Authorization Code token state manager configuration

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	OidcTenantConfig.TokenStateManager.Strategy

Field Summary

Fields

Modifier and Type	Field	Description
boolean	encryptionRequired	Mandates that the session cookie that stores the tokens is encrypted.
Optional<String>	encryptionSecret	Secret which will be used to encrypt the session cookie storing the tokens when encryptionRequired property is enabled.
boolean	splitTokens	Default TokenStateManager keeps all tokens (ID, access and refresh) returned in the authorization code grant response in a single session cookie by default.
OidcTenantConfig.TokenStateManager.Strategy	strategy	Default TokenStateManager strategy.

Constructor Summary

Constructors

Constructor	Description
TokenStateManager()

Method Summary

Modifier and Type	Method	Description
Optional<String>	getEncryptionSecret()
OidcTenantConfig.TokenStateManager.Strategy	getStrategy()
boolean	isEncryptionRequired()
boolean	isSplitTokens()
void	setEncryptionRequired(boolean encryptionRequired)
void	setEncryptionSecret(String encryptionSecret)
void	setSplitTokens(boolean splitTokens)
void	setStrategy(OidcTenantConfig.TokenStateManager.Strategy strategy)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

strategy

@ConfigItem(defaultValue="keep_all_tokens")
public OidcTenantConfig.TokenStateManager.Strategy strategy

Default TokenStateManager strategy.

splitTokens

@ConfigItem(defaultValue="false")
public boolean splitTokens

Default TokenStateManager keeps all tokens (ID, access and refresh) returned in the authorization code grant response in a single session cookie by default. Enable this property to minimize a session cookie size

encryptionRequired

@ConfigItem(defaultValue="true")
public boolean encryptionRequired

Mandates that the session cookie that stores the tokens is encrypted.

encryptionSecret

@ConfigItem
public Optional<String> encryptionSecret

Secret which will be used to encrypt the session cookie storing the tokens when encryptionRequired property is enabled.

If this secret is not set, the client secret configured with either `quarkus.oidc.credentials.secret` or `quarkus.oidc.credentials.client-secret.value` will be checked. Finally, `quarkus.oidc.credentials.jwt.secret` which can be used for `client_jwt_secret` authentication will be checked. The secret will be auto-generated if it remains uninitialized after checking all of these properties.

The length of the secret which will be used to encrypt the tokens should be at least 32 characters long. Warning will be logged if the secret length is less than 16 characters.

Constructor Detail

TokenStateManager

public TokenStateManager()

Method Detail

isEncryptionRequired

public boolean isEncryptionRequired()

setEncryptionRequired

public void setEncryptionRequired(boolean encryptionRequired)

getEncryptionSecret

public Optional<String> getEncryptionSecret()

setEncryptionSecret

public void setEncryptionSecret(String encryptionSecret)

isSplitTokens

public boolean isSplitTokens()

setSplitTokens

public void setSplitTokens(boolean splitTokens)

getStrategy

public OidcTenantConfig.TokenStateManager.Strategy getStrategy()

setStrategy

public void setStrategy(OidcTenantConfig.TokenStateManager.Strategy strategy)