Package com.aquima.web.boot.security.openid

Interface OpenIdConnectClient

All Known Implementing Classes:
DefaultOpenIdConnectClient
public interface OpenIdConnectClient
An OpenID Connect client used for back-channel communication with an OpenID Connect Identity Provider.
Since:
11.3
Author:
Petru Galanton

  • Method Summary

    Modifier and Type
    Method
    Description
    TokenResponse
    exchangeCodeForToken(String authorizationCode, String redirectUri)
    Performs the exchange step in the OpenID Connect Authorization Code flow: exchanges an authorization code for id, access and (optionally) refresh tokens.
    TokenResponse
    getToken()
    Obtains an access token and (optionally) a refresh token using the OpenID Connect Client Credentials flow.
    UserInfoResponse
    getUserInfo(String encodedAccessToken)
    Obtains information about the user for whom the given access token was granted.

  • Method Details

    • exchangeCodeForToken

      TokenResponse exchangeCodeForToken(String authorizationCode, String redirectUri) throws OpenIdConnectException, IOException
      Performs the exchange step in the OpenID Connect Authorization Code flow: exchanges an authorization code for id, access and (optionally) refresh tokens.
      Parameters:
      authorizationCode - the authorization code to be exchanged for tokens
      redirectUri - the redirect_uri parameter that was used to obtain the authorization code
      Returns:
      the tokens returned by the identity provider
      Throws:
      OpenIdConnectException - when the identity provider returns an error
      IOException - when there is an error communicating with the identity provider

    • getToken

      TokenResponse getToken() throws OpenIdConnectException, IOException
      Obtains an access token and (optionally) a refresh token using the OpenID Connect Client Credentials flow.

      This method uses the configured client id and client secret to authenticate with the identity provider. The client must be authorized to use the client credentials flow.

      Returns:
      the tokens returned by the identity provider
      Throws:
      OpenIdConnectException - when the identity provider returns an error
      IOException - when there us an error communicating with the identity provider

    • getUserInfo

      UserInfoResponse getUserInfo(String encodedAccessToken) throws OpenIdConnectException, IOException
      Obtains information about the user for whom the given access token was granted.
      Parameters:
      encodedAccessToken - an encoded access token
      Returns:
      information about the user, as provided by the OpenID Connect Identity Provider
      Throws:
      OpenIdConnectException - when the identity provider returns an error
      IOException - when there is an error communicating with the identity provider