Package com.aquima.web.boot.security.openid

Class DefaultOpenIdConnectClient

java.lang.Object

com.aquima.web.boot.security.openid.DefaultOpenIdConnectClient

All Implemented Interfaces:

OpenIdConnectClient

public class DefaultOpenIdConnectClient
extends Object
implements OpenIdConnectClient

Constructor Summary

Constructors

Constructor	Description
DefaultOpenIdConnectClient(org.springframework.web.client.RestTemplate restTemplate, OpenIdConnectSettings openIdConnectSettings)

Method Summary

Modifier and Type	Method	Description
TokenResponse	exchangeCodeForToken(String authorizationCode, String redirectUri)	Performs the exchange step in the OpenID Connect Authorization Code flow: exchanges an authorization code for id, access and (optionally) refresh tokens.
TokenResponse	getToken()	Obtains an access token and (optionally) a refresh token using the OpenID Connect Client Credentials flow.
UserInfoResponse	getUserInfo(String encodedAccessToken)	Obtains information about the user for whom the given access token was granted.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

DefaultOpenIdConnectClient

public DefaultOpenIdConnectClient(org.springframework.web.client.RestTemplate restTemplate,
 OpenIdConnectSettings openIdConnectSettings)

Method Details

exchangeCodeForToken

public TokenResponse exchangeCodeForToken(String authorizationCode,
 String redirectUri)
                                   throws OpenIdConnectException,
IOException

Description copied from interface: OpenIdConnectClient

Performs the exchange step in the OpenID Connect Authorization Code flow: exchanges an authorization code for id, access and (optionally) refresh tokens.

Specified by:

exchangeCodeForToken in interface OpenIdConnectClient

Parameters:

authorizationCode - the authorization code to be exchanged for tokens

redirectUri - the redirect_uri parameter that was used to obtain the authorization code

Returns:

the tokens returned by the identity provider

Throws:

OpenIdConnectException - when the identity provider returns an error

IOException - when there is an error communicating with the identity provider

getToken

public TokenResponse getToken()
                       throws OpenIdConnectException,
IOException

Description copied from interface: OpenIdConnectClient

Obtains an access token and (optionally) a refresh token using the OpenID Connect Client Credentials flow.

This method uses the configured client id and client secret to authenticate with the identity provider. The client must be authorized to use the client credentials flow.

Specified by:

getToken in interface OpenIdConnectClient

Returns:

the tokens returned by the identity provider

Throws:

OpenIdConnectException - when the identity provider returns an error

IOException - when there us an error communicating with the identity provider

getUserInfo

public UserInfoResponse getUserInfo(String encodedAccessToken)
                             throws OpenIdConnectException,
IOException

Description copied from interface: OpenIdConnectClient

Obtains information about the user for whom the given access token was granted.

Specified by:

getUserInfo in interface OpenIdConnectClient

Parameters:

encodedAccessToken - an encoded access token

Returns:

information about the user, as provided by the OpenID Connect Identity Provider

Throws:

OpenIdConnectException - when the identity provider returns an error

IOException - when there is an error communicating with the identity provider