Class Issuer


  • public final class Issuer
    extends Object
    A configuration for an OpenID Connect Issuer. Two approaches to create the Issuer:

    With an OpenId well-known end-point:

     
     {
       "wellKnownEndpoint"            : uriExpression,   [REQUIRED]
       "issuerHandler"                : handler          [OPTIONAL - by default it uses the 'ForgeRockClientHandler'
                                                                     provided in heap.]
       "supportedDomains"             : [ patterns ]     [OPTIONAL - if this issuer supports other domain names]
     }
     
     
    The 'supportedDomains' are the other domain names supported by this issuer, their format can include use of regular-expression patterns. Nota: Declaring these domains in the configuration should be as simple as possible, without any schemes or end slash i.e.:
    
     GOOD: [ "openam.com", "openam.com:8092", "register.server.com", "allopenamdomains.*" ]
     BAD : [ "http://openam.com", "openam.com:8092/", "http://openam.com/" ]
     
     

    For example, use this kind of configuration if the end-points are not known:

     
     {
         "name": "openam",
         "type": "Issuer",
         "config": {
              "wellKnownEndpoint": "http://openam.example.com:8081/openam/oauth2/.well-known/openid-configuration"
              "supportedDomains" : [ "openam.com", "openam.com:8092", "register.server.com" ]
         }
     }
     
     

    Use this configuration if the end-points are known. The well-known end-point is optional as the value will be saved but no request will be performed on this end-point.

     
     {
       "authorizeEndpoint"            : uriExpression,   [REQUIRED]
       "tokenEndpoint"                : uriExpression,   [REQUIRED]
       "registrationEndpoint"         : uriExpression,   [OPTIONAL - allows dynamic client registration]
       "userInfoEndpoint"             : uriExpression    [OPTIONAL - default is no user info]
       "wellKnownEndpoint"            : uriExpression    [OPTIONAL]
       "supportedDomains"             : [ patterns ]     [OPTIONAL - if this issuer supports other domain names]
     }
     
     
    For example:
     
     {
         "name": "openam",
         "type": "Issuer",
         "config": {
              "authorizeEndpoint": "http://openam.example.com:8081/openam/oauth2/authorize",
              "tokenEndpoint": "http://openam.example.com:8081/openam/oauth2/access_token",
              "userInfoEndpoint": "http://openam.example.com:8081/openam/oauth2/userinfo"
         }
     }
     
     
    • Field Detail

    • Constructor Detail

      • Issuer

        public Issuer​(String name,
                      JsonValue config)
        Creates an issuer with the specified name and configuration.
        Parameters:
        name - The name of this Issuer. When the issuer is created by discovery, the issuer name is given by the metadata "issuer", not null.
        config - The configuration of this issuer, not null.
    • Method Detail

      • getName

        public String getName()
        Returns the name of this issuer.
        Returns:
        the name of this issuer.
      • getAuthorizeEndpoint

        public URI getAuthorizeEndpoint()
        Returns the authorize end-point of this issuer.
        Returns:
        the authorize end-point of this issuer.
      • getTokenEndpoint

        public URI getTokenEndpoint()
        Returns the token end-point of this issuer.
        Returns:
        the token end-point of this issuer.
      • getRegistrationEndpoint

        public URI getRegistrationEndpoint()
        Returns the registration end-point of this issuer.
        Returns:
        the registration end-point of this issuer.
      • getUserInfoEndpoint

        public URI getUserInfoEndpoint()
        Returns the user end-point of this issuer.
        Returns:
        the user end-point of this issuer.
      • getWellKnownEndpoint

        public URI getWellKnownEndpoint()
        Returns the well-known end-point of this issuer.
        Returns:
        the well-known end-point of this issuer.
      • hasUserInfoEndpoint

        public boolean hasUserInfoEndpoint()
        Returns true if this issuer has a user info end-point.
        Returns:
        true if this issuer has a user info end-point.
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object