Package org.forgerock.openam.scripting.api.identity

Class ScriptedClient

java.lang.Object
org.forgerock.openam.scripting.api.identity.ScriptedIdentity
org.forgerock.openam.scripting.api.identity.ScriptedClient
@Supported public class ScriptedClient extends ScriptedIdentity
A subclass of ScriptedIdentity which enables the translation of SMS attribute names to LDAP naming convention in a scripted context.

  • Method Details

    • getAttributeValues

      @Supported public String[] getAttributeValues(String attributeName)
      Description copied from class: ScriptedIdentity
      Retrieves a particular attribute's value
      Overrides:
      getAttributeValues in class ScriptedIdentity
      Parameters:
      attributeName - the name of the attribute to be retrieved
      Returns:
      the value of the attribute

    • getAttribute

      @Supported public Set<String> getAttribute(String attributeName)

    • setAttribute

      @Supported public void setAttribute(String attributeName, String[] attributeValues)
      Description copied from class: ScriptedIdentity
      Sets the attribute's values. If the attribute already exists all existing values will be overridden. If it doesn't exist, it will be created.
      Overrides:
      setAttribute in class ScriptedIdentity
      Parameters:
      attributeName - the name of the attribute
      attributeValues - the values of the attribute

    • addAttribute

      @Supported public void addAttribute(String attributeName, String attributeValue)
      Description copied from class: ScriptedIdentity
      Adds a new attribute value to the existing set for the named attribute. If the identity does not have any existing values, this sets the attribute to have the single value provided.
      Overrides:
      addAttribute in class ScriptedIdentity
      Parameters:
      attributeName - the name of the attribute
      attributeValue - the value of the attribute to add

    • setJwksCacheTimeout

      @Supported public ScriptedClient setJwksCacheTimeout(Long jwksCacheTimeout)
      Sets the JWKS URI content cache timeout of the ScriptedClient.
      Parameters:
      jwksCacheTimeout - the JWKS URI content cache timeout

    • setJwksCacheMissCacheTime

      @Supported public ScriptedClient setJwksCacheMissCacheTime(Long jwksCacheMissCacheTime)
      Sets the JWKS URI content cache miss time of the ScriptedClient.
      Parameters:
      jwksCacheMissCacheTime - the JWKS URI content cache miss time

    • setClientSecret

      @Supported public ScriptedClient setClientSecret(String clientSecret)
      Sets the client secret of the ScriptedClient.
      Parameters:
      clientSecret - the client's secret

    • setRegistrationAccessToken

      @Supported public ScriptedClient setRegistrationAccessToken(String accessToken)
      Sets the registration access token of the ScriptedClient.
      Parameters:
      accessToken - the registration access token

    • setScope

      @Supported public ScriptedClient setScope(List<String> allowedGrantScopes)
      Sets the allowed scopes of the ScriptedClient.
      Parameters:
      allowedGrantScopes - the allowed scopes

    • setClientName

      @Supported public ScriptedClient setClientName(List<String> clientName)
      Sets the client name of the ScriptedClient.
      Parameters:
      clientName - the client name to set

    • setClientSessionURI

      @Supported public ScriptedClient setClientSessionURI(String clientSessionURI)
      Sets the client session uri of the ScriptedClient.
      Parameters:
      clientSessionURI - the client session uri

    • setClientType

      @Supported public ScriptedClient setClientType(String clientType)
      Sets the client type of the ScriptedClient.
      Parameters:
      clientType - the client type

    • setDefaultScopes

      @Supported public ScriptedClient setDefaultScopes(List<String> defaultScopes)
      Sets the default scopes of the ScriptedClient.
      Parameters:
      defaultScopes - the default scopes

    • setClientDescription

      @Supported public ScriptedClient setClientDescription(List<String> displayDescription)
      Sets the client description of the ScriptedClient.
      Parameters:
      displayDescription - the client description

    • setDisplayName

      @Supported public ScriptedClient setDisplayName(List<String> displayName)
      Sets the display name of the ScriptedClient.
      Parameters:
      displayName - the display name

    • setClientUri

      @Supported public ScriptedClient setClientUri(List<String> uris)
      Set the client URI (with localisations).
      Parameters:
      uris - the uri(s)

    • setLogoUri

      @Supported public ScriptedClient setLogoUri(List<String> uris)
      Set the client logo URI (with localisations).
      Parameters:
      uris - the uri(s)

    • setPolicyUri

      @Supported public ScriptedClient setPolicyUri(List<String> uris)
      Set the client policy URI (with localisations).
      Parameters:
      uris - the uri(s)

    • setTosUri

      @Supported public ScriptedClient setTosUri(List<String> uris)
      Set the client Terms of Service (TOS) URI (with localisations).
      Parameters:
      uris - the uri(s)

    • setTokenEndpointAuthMethod

      @Supported public ScriptedClient setTokenEndpointAuthMethod(String tokenEndpointAuthMethod)
      Sets the token endpoint auth method value.
      Parameters:
      tokenEndpointAuthMethod - token endpoint auth method this client uses

    • setTokenEndpointAuthSigningAlg

      @Supported public ScriptedClient setTokenEndpointAuthSigningAlg(String tokenEndpointAuthSigningAlgorithm)
      Sets the algorithm that MUST be used for signing the JWT used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods.
      Parameters:
      tokenEndpointAuthSigningAlgorithm - the id token signed request algorithm

    • setJwks

      @Supported public ScriptedClient setJwks(String jwks)
      Sets the JWKs value.
      Parameters:
      jwks - jwks containing valid public keys

    • setJwksUri

      @Supported public ScriptedClient setJwksUri(String jwksUri)
      Sets the JWKs URI value.
      Parameters:
      jwksUri - URL containing JWKs of valid public keys

    • setX509

      @Supported public ScriptedClient setX509(String x509)
      Sets the X509 value.
      Parameters:
      x509 - public key certificate

    • setPublicKeySelector

      @Supported public ScriptedClient setPublicKeySelector(String selector)
      Sets the public key selector.
      Parameters:
      selector - which of the public key types to use

    • setSubjectType

      @Supported public ScriptedClient setSubjectType(String subjectType)
      Sets the subject type of the ScriptedClient.
      Parameters:
      subjectType - the subject type

    • setDefaultMaxAgeEnabled

      @Supported public ScriptedClient setDefaultMaxAgeEnabled(Boolean enforceDefaultMaxAge)
      Sets whether to enforce the default max age.
      Parameters:
      enforceDefaultMaxAge - whether to enforce the default max age

    • setDefaultMaxAge

      @Supported public ScriptedClient setDefaultMaxAge(Long defaultMaxAge)
      Sets the default max age on the ScriptedClient.
      Parameters:
      defaultMaxAge - the default max age, in seconds

    • setSectorIdentifierUri

      @Supported public ScriptedClient setSectorIdentifierUri(String sectorIdentifierUri)
      Sets the sector identifier uri.
      Parameters:
      sectorIdentifierUri - identifier uri to be used when pairwise

    • setAuthorizationResponseSigningAlg

      @Supported public ScriptedClient setAuthorizationResponseSigningAlg(String signedResponseAlg)
      Sets the authorization response JWT signing algorithm.
      Parameters:
      signedResponseAlg - the authorization response JWT signing algorithm

    • setAuthorizationEncryptedResponseAlg

      @Supported public ScriptedClient setAuthorizationEncryptedResponseAlg(String encryptedResponseAlg)
      Sets the authorization response JWT encryption algorithm.
      Parameters:
      encryptedResponseAlg - the authorization response JWT encryption algorithm

    • setAuthorizationEncryptedResponseEnc

      @Supported public ScriptedClient setAuthorizationEncryptedResponseEnc(String encryptedResponseMethod)
      Sets the authorization response JWT encryption method.
      Parameters:
      encryptedResponseMethod - the authorization response JWT encryption method

    • setIdTokenSignedResponseAlg

      @Supported public ScriptedClient setIdTokenSignedResponseAlg(String idTokenSignedResponseAlgorithm)
      Sets the id token signed response algorithm of the ScriptedClient.
      Parameters:
      idTokenSignedResponseAlgorithm - the id token signed response algorithm

    • setIdTokenEncryptedResponseAlg

      @Supported public ScriptedClient setIdTokenEncryptedResponseAlg(String idTokenEncryptedResponseAlgorithm)
      Sets the id token signed response algorithm of the ScriptedClient.
      Parameters:
      idTokenEncryptedResponseAlgorithm - the id token encrypted response algorithm

    • setIdTokenEncryptedResponseEnc

      @Supported public ScriptedClient setIdTokenEncryptedResponseEnc(String idTokenEncryptedResponseEnc)
      Sets the id token encrypted response algorithm of the ScriptedClient.
      Parameters:
      idTokenEncryptedResponseEnc - the id token encrypted response enc

    • setIdTokenEncryptionEnabled

      @Supported public ScriptedClient setIdTokenEncryptionEnabled(boolean idTokenEncryptionEnabled)
      Sets whether the id token encryption is enabled or not.
      Parameters:
      idTokenEncryptionEnabled - whether id token encryption is enabled

    • setRedirectURIs

      @Supported public ScriptedClient setRedirectURIs(List<String> redirectURIs)
      Sets the redirection uris of the ScriptedClient.
      Parameters:
      redirectURIs - the redirection uris

    • setClaimsRedirectUris

      @Supported public ScriptedClient setClaimsRedirectUris(List<String> claimsRedirectUris)
      Set the claims redirection URIs.
      Parameters:
      claimsRedirectUris - the uris

    • setPostLogoutRedirectUris

      @Supported public ScriptedClient setPostLogoutRedirectUris(List<String> postLogoutRedirectionURIs)
      Sets the post logout redirection URIs of the ScriptedClient.
      Parameters:
      postLogoutRedirectionURIs - the post logout redirection URIs

    • setResponseTypes

      @Supported public ScriptedClient setResponseTypes(List<String> responseTypes)
      Sets the response types of the ScriptedClient.
      Parameters:
      responseTypes - the response types

    • setContacts

      @Supported public ScriptedClient setContacts(List<String> contacts)
      Sets the contacts of the ScriptedClient.
      Parameters:
      contacts - the contact information for the clients

    • setDefaultAcrValues

      @Supported public ScriptedClient setDefaultAcrValues(List<String> defaultAcrValues)
      Sets the default acr values on the ScriptedClient.
      Parameters:
      defaultAcrValues - the default acr values

    • setTreeName

      @Supported public ScriptedClient setTreeName(String treeName)
      Sets the tree name on the ScriptedClient.
      Parameters:
      treeName - the tree name

    • setUserInfoResponseFormat

      @Supported public ScriptedClient setUserInfoResponseFormat(String userInfoResponseFormat)
      Sets the user info response format.
      Parameters:
      userInfoResponseFormat - the user info response format

    • setUserinfoSignedResponseAlg

      @Supported public ScriptedClient setUserinfoSignedResponseAlg(String userinfoSignedResponseAlg)
      Sets the user info signed response algorithm.
      Parameters:
      userinfoSignedResponseAlg - the user info signed response algorithm

    • setUserinfoEncryptedResponseAlg

      @Supported public ScriptedClient setUserinfoEncryptedResponseAlg(String userinfoEncryptedResponseAlg)
      Sets the user info encrypted response algorithm.
      Parameters:
      userinfoEncryptedResponseAlg - the user info encrypted response algorithm

    • setUserinfoEncryptedResponseEnc

      @Supported public ScriptedClient setUserinfoEncryptedResponseEnc(String userinfoEncryptedResponseEnc)
      Sets the user info encrypted response encryption algorithm.
      Parameters:
      userinfoEncryptedResponseEnc - the user info encrypted response encryption algorithm

    • setRequestObjectSigningAlg

      @Supported public ScriptedClient setRequestObjectSigningAlg(String requestObjectSigningAlg)
      Sets the request parameter encrypted algorithm.
      Parameters:
      requestObjectSigningAlg - the request parameter encrypted response algorithm

    • setRequestObjectEncryptionAlg

      @Supported public ScriptedClient setRequestObjectEncryptionAlg(String requestObjectEncryptedAlg)
      Sets the request parameter encrypted encryption algorithm.
      Parameters:
      requestObjectEncryptedAlg - the request parameter encrypted response encryption algorithm

    • setRequestObjectEncryptionEnc

      @Supported public ScriptedClient setRequestObjectEncryptionEnc(String requestParameterEncryptedEnc)
      Sets the request parameter encrypted response encryption algorithm.
      Parameters:
      requestParameterEncryptedEnc - the request parameter encrypted encryption algorithm

    • setRequestUris

      @Supported public ScriptedClient setRequestUris(List<String> requestUris)
      Sets the request uris.
      Parameters:
      requestUris - the request uris

    • setGrantTypes

      @Supported public ScriptedClient setGrantTypes(List<String> grantTypes)
      Set the Grant Types.
      Parameters:
      grantTypes - the grantTypes

    • setAuthorizationCodeLifeTime

      @Supported public ScriptedClient setAuthorizationCodeLifeTime(Long authorizationCodeLifeTime)
      Sets the authorization code lifetime.
      Parameters:
      authorizationCodeLifeTime - the authorization code lifetime

    • setAccessTokenLifeTime

      @Supported public ScriptedClient setAccessTokenLifeTime(Long accessTokenLifeTime)
      Sets the Access token lifetime.
      Parameters:
      accessTokenLifeTime - the access token lifetime

    • setRefreshTokenLifeTime

      @Supported public ScriptedClient setRefreshTokenLifeTime(Long refreshTokenLifeTime)
      Sets the Refresh token lifetime.
      Parameters:
      refreshTokenLifeTime - the refresh token lifetime

    • setJwtTokenLifeTime

      @Supported public ScriptedClient setJwtTokenLifeTime(Long jwtTokenLifeTime)
      Sets the JWT token lifetime.
      Parameters:
      jwtTokenLifeTime - JWT token lifetime

    • setTlsCertificateBoundAccessTokens

      @Supported public ScriptedClient setTlsCertificateBoundAccessTokens(boolean useCertificateBoundAccessTokens)
      Sets whether to use certificate-bound access tokens.
      Parameters:
      useCertificateBoundAccessTokens - whether to use certificate-bound access tokens

    • setTlsClientAuthSubjectDn

      @Supported public ScriptedClient setTlsClientAuthSubjectDn(String subjectDn)
      Sets the Subject DN to use for mutual TLS client authentication.
      Parameters:
      subjectDn - the subject DN to use

    • setTlsClientAuthX509Cert

      @Supported public ScriptedClient setTlsClientAuthX509Cert(String x509Cert)
      Sets the self-signed X.509 certificate to use for this client. This is a Ping proprietary extension.
      Parameters:
      x509Cert - the X.509 cert to use for client authentication

    • setTokenIntroResponseFormatSelector

      @Supported public ScriptedClient setTokenIntroResponseFormatSelector(String tokenIntrospectionResponseFormat)
      Sets the token introspection response format.
      Parameters:
      tokenIntrospectionResponseFormat - the token introspection response format

    • setIntrospectionSignedResponseAlg

      @Supported public ScriptedClient setIntrospectionSignedResponseAlg(String tokenIntrospectionSignedResponseAlg)
      Sets the token introspection signed response algorithm.
      Parameters:
      tokenIntrospectionSignedResponseAlg - the token introspection signed response algorithm

    • setIntrospectionEncryptedResponseAlg

      @Supported public ScriptedClient setIntrospectionEncryptedResponseAlg(String tokenIntrospectionEncryptedResponseAlg)
      Sets the token introspection encrypted response algorithm.
      Parameters:
      tokenIntrospectionEncryptedResponseAlg - the token introspection encrypted response algorithm

    • setIntrospectionEncryptedResponseEnc

      @Supported public ScriptedClient setIntrospectionEncryptedResponseEnc(String tokenIntrospectionEncryptedResponseEnc)
      Sets the token introspection encrypted response encryption algorithm.
      Parameters:
      tokenIntrospectionEncryptedResponseEnc - the token introspection encrypted response encryption algorithm

    • setSoftwareId

      @Supported public ScriptedClient setSoftwareId(String softwareIdentity)
      Sets the software identity to be associated with the client.
      Parameters:
      softwareIdentity - the software identity

    • setSoftwareVersion

      @Supported public ScriptedClient setSoftwareVersion(String softwareVersion)
      Sets the software version for the client.
      Parameters:
      softwareVersion - the software version

    • setBackChannelLogoutUri

      @Supported public ScriptedClient setBackChannelLogoutUri(String uri)
      Set the URI for back-channel logout.
      Parameters:
      uri - the back-channel logout URI