Package com.aquima.web.boot.security.openid

Interface OpenIdConnectDiscoveryClient

All Known Implementing Classes:

DefaultOpenIdConnectDiscoveryClient

public interface OpenIdConnectDiscoveryClient

An OpenID Connect client used for OpenID Connect Identity Provider Configuration Discovery.

Note for developers

Currently we have 2 OpenID Connect related clients. This client is required in order to create the OpenIdConnectSettings component that will be injected in the other client (OpenIdConnectClient). This way, we avoid circulr dependency. OpenIdConnectDiscoveryClient is used at startup or when the Runtime Settings are reloaded. OpenIDConnectClient is every time a token exchange operation is required.

Since:

11.5

Author:

Voicu Moldovan

Method Summary

Modifier and Type	Method	Description
KeysListResponse	getKeys(String jwksUri)	Requests the JSON Web Keys from the keys endpoint.
MetadataResponse	getWellKnownMetadata(String issuer)	Requests the OpenID Connect Provider Metadata from the discovery end point.

Method Details

getKeys

KeysListResponse getKeys(String jwksUri)

Requests the JSON Web Keys from the keys endpoint.

Parameters:

jwksUri - the URL of the OpenID Provider's JSON Web Key Set [JWK] document. This contains the signing key(s) the Relying Party uses to validate signatures from the OpenID Provider.

Returns:

Response object containing the map of keys

getWellKnownMetadata

MetadataResponse getWellKnownMetadata(String issuer)
                               throws OpenIdConnectException

Requests the OpenID Connect Provider Metadata from the discovery end point.

Parameters:

issuer - the OpenID Connect token issuer.

Returns:

The response object containing the OperID Connect Configuration.

Throws:

OpenIdConnectException