Package org.forgerock.oauth.resolvers

Class OpenIdResolverFactory

java.lang.Object
org.forgerock.oauth.resolvers.OpenIdResolverFactory
public class OpenIdResolverFactory extends Object
For producing OpenId Resolvers.

  • Constructor Details

    • OpenIdResolverFactory

      public OpenIdResolverFactory(Client client)
      For generating an OpenIDResolverFactory with the supplied client which will be used for all HTTP communication originating form this factory. Uses IssuerComparators.DEFAULT for comparing issuer values by exact string comparison.
      Parameters:
      client - The client to use

    • OpenIdResolverFactory

      public OpenIdResolverFactory(Client client, BiPredicate<String,String> issuerComparator)
      For generating an OpenIDResolverFactory with the supplied client which will be used for all HTTP communication originating form this factory.
      Parameters:
      client - The client to use
      issuerComparator - The comparator for comparing the incoming issuer value against the expected value.

    • OpenIdResolverFactory

      @Deprecated public OpenIdResolverFactory(int readTimeout, int connTimeout)
      Deprecated.
      Use org.forgerock.oauth.resolvers.OpenIdResolverFactory#OpenIdResolverFactory (org.forgerock.http.Client) instead
      For generating an OpenIDResolverFactory with the supplied timeouts which will be used for all HTTP communication originating form this factory.
      Parameters:
      readTimeout - HTTP read timeout for produced resolvers
      connTimeout - HTTP connection timeout for produced resolvers

  • Method Details

    • createPublicKeyResolver

      public OpenIdResolver createPublicKeyResolver(String issuer, PublicKey key)
      Creates a public key resolver for the supplied issuer.
      Parameters:
      issuer - The issuer's reference name
      key - Key to use for this issuer
      Returns:
      a configured and usable PublicKeyOpenIdResolverImpl

    • createSharedSecretResolver

      public OpenIdResolver createSharedSecretResolver(String issuer, String sharedSecret)
      Creates a shared secret (HMAC) key resolver for the supplied issuer.
      Parameters:
      issuer - The issuer's reference name
      sharedSecret - SharedSecret for which to use with HMAC
      Returns:
      a configured and usable SharedSecretOpenIdResolverImpl

    • createJWKResolver

      @Deprecated public OpenIdResolver createJWKResolver(String issuer, URL jwkUrl, int readTimeout, int connTimeout) throws FailedToLoadJWKException
      Deprecated.
      Replaced by createJWKResolver(String, URL) ()}
      See createJWKResolver(String, URL) ()}.
      Parameters:
      issuer - The issuer's reference name
      jwkUrl - From which to read the JWK Set
      readTimeout - read timeout setting for HTTP connections
      connTimeout - connection timeout setting for HTTP connections
      Returns:
      a configured and usable JWKOpenIdResolverImpl
      Throws:
      FailedToLoadJWKException - If there were problems reading or configuring data from the URL

    • createJWKResolver

      public OpenIdResolver createJWKResolver(String issuer, URL jwkUrl) throws FailedToLoadJWKException
      Creates a public key resolver for the supplied issuer using keys supplied at the JWK Set URL.
      Parameters:
      issuer - The issuer's reference name
      jwkUrl - From which to read the JWK Set
      Returns:
      a configured and usable JWKOpenIdResolverImpl
      Throws:
      FailedToLoadJWKException - If there were problems reading or configuring data from the URL

    • createSecretsProviderResolver

      public OpenIdResolver createSecretsProviderResolver(String issuer, SecretsProvider provider, Purpose<VerificationKey> purpose)
      Creates a public key based resolver for the supplied issuer using keys available through the given provider.

      The JWT kid attribute is used as secret's stable ID when looking up the secret.

      Parameters:
      issuer - The issuer's reference name
      provider - Secrets provider
      purpose - verification key purpose
      Returns:
      a configured and usable SecretsProviderOpenIdResolver

    • createFromOpenIDConfigUrl

      public OpenIdResolver createFromOpenIDConfigUrl(String issuer, URL configUrl) throws FailedToLoadJWKException
      Creates a public key resolver for the supplied issuer using keys supplied at the .well-known open ID configuration URL.
      Parameters:
      issuer - The issuer's reference name
      configUrl - Location of the .well-known Open ID Connect config
      Returns:
      a configured and usable JWKOpenIdResolverImpl
      Throws:
      FailedToLoadJWKException - If there were problems reading or configuring data from the URL