Package org.forgerock.openig.filter.oauth2.client

Class ClientRegistrationFilter

java.lang.Object

org.forgerock.openig.filter.oauth2.client.ClientRegistrationFilter

All Implemented Interfaces:

Filter

public class ClientRegistrationFilter
extends Object
implements Filter

The client registration filter is the way to dynamically register an OpenID Connect Relying Party with the End-User's OpenID Provider.

All OpenID metadata must be included in the OAuth2ClientFilter configuration, in the "metadata" attribute. Note that for dynamic client registration, only the "redirect_uris" attribute is mandatory. Notably, where private_key_jwt authentication is configured, the "jwks" metadata should be omitted as this will be determined by the ClientRegistrationFilter from the configured discoverySecretId.

The supplied ClientRegistrationStrategy determines the authentication mechanism used.

Note: When using AM, the "scopes" may be specified to this configuration but it must be defined as: "scopes"(array of string), which differs from the OAuth2 metadata "scope" (a string containing a space separated list of scope values).

See Also:

• OpenID Connect Dynamic Client Registration 1.0
• OpenID Connect Dynamic Client Registration 1.0
• OAuth 2.0 Dynamic Client Registration Protocol

Constructor Summary

Constructors

Constructor	Description
ClientRegistrationFilter(org.forgerock.openig.filter.oauth2.client.ClientRegistrationRepository repository, ClientRegistrationStrategy registrationStrategy)	Creates a new dynamic registration filter.

Method Summary

Modifier and Type	Method	Description
Promise<Response,NeverThrowsException>	filter(Context context, Request request, Handler next)	Filters the request and/or response of an exchange.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ClientRegistrationFilter

public ClientRegistrationFilter(org.forgerock.openig.filter.oauth2.client.ClientRegistrationRepository repository,
 ClientRegistrationStrategy registrationStrategy)

Creates a new dynamic registration filter.

Parameters:

repository - The ClientRegistrationRepository holding the registrations values.

registrationStrategy - The ClientRegistrationStrategy used to conduct client registration.

Method Details

filter

public Promise<Response,NeverThrowsException> filter(Context context,
 Request request,
 Handler next)

Description copied from interface: Filter

Filters the request and/or response of an exchange. To pass the request to the next filter or handler in the chain, the filter calls next.handle(context, request).

This method may elect not to pass the request to the next filter or handler, and instead handle the request itself. It can achieve this by merely avoiding a call to next.handle(context, request) and creating its own response object. The filter is also at liberty to replace a response with another of its own by intercepting the response returned by the next handler.

Specified by:

filter in interface Filter

Parameters:

context - The request context.

request - The request.

next - The next filter or handler in the chain to handle the request.

Returns:

A Promise representing the response to be returned to the client.