public class OIDCProviderMetadata extends Object
Related specifications:
Constructor and Description |
---|
OIDCProviderMetadata(Issuer issuer,
List<SubjectType> subjectTypes,
URI jwkSetURI)
Creates a new OpenID Connect provider metadata instance.
|
Modifier and Type | Method and Description |
---|---|
void |
applyDefaults()
Applies the OpenID Connect provider metadata defaults where no
values have been specified.
|
List<ACR> |
getACRs()
Gets the supported Authentication Context Class References (ACRs).
|
URI |
getAuthorizationEndpointURI()
Gets the authorisation endpoint URI.
|
URI |
getCheckSessionIframeURI()
Gets the cross-origin check session iframe URI.
|
List<String> |
getClaims()
Gets the supported claims names.
|
List<com.nimbusds.langtag.LangTag> |
getClaimsLocales()
Gets the supported claims locales.
|
List<ClaimType> |
getClaimTypes()
Gets the supported claim types.
|
List<CodeChallengeMethod> |
getCodeChallengeMethods()
Gets the supported authorisation code challenge methods for PKCE.
|
Object |
getCustomParameter(String name)
Gets the specified custom (not registered) parameter.
|
net.minidev.json.JSONObject |
getCustomParameters()
Gets the custom (not registered) parameters.
|
URI |
getCustomURIParameter(String name)
Gets the specified custom (not registered) URI parameter.
|
List<Display> |
getDisplays()
Gets the supported displays.
|
URI |
getEndSessionEndpointURI()
Gets the logout endpoint URI.
|
List<GrantType> |
getGrantTypes()
Gets the supported OAuth 2.0 grant types.
|
List<com.nimbusds.jose.JWEAlgorithm> |
getIDTokenJWEAlgs()
Gets the supported JWE algorithms for ID tokens.
|
List<com.nimbusds.jose.EncryptionMethod> |
getIDTokenJWEEncs()
Gets the supported encryption methods for ID tokens.
|
List<com.nimbusds.jose.JWSAlgorithm> |
getIDTokenJWSAlgs()
Gets the supported JWS algorithms for ID tokens.
|
URI |
getIntrospectionEndpointURI()
Gets the token introspection endpoint URI.
|
Issuer |
getIssuer()
Gets the issuer identifier.
|
URI |
getJWKSetURI()
Gets the JSON Web Key (JWK) set URI.
|
URI |
getPolicyURI()
Gets the provider's policy regarding relying party use of data.
|
static Set<String> |
getRegisteredParameterNames()
Gets the registered OpenID Connect provider metadata parameter
names.
|
URI |
getRegistrationEndpointURI()
Gets the client registration endpoint URI.
|
List<com.nimbusds.jose.JWEAlgorithm> |
getRequestObjectJWEAlgs()
Gets the supported JWE algorithms for OpenID Connect request
objects.
|
List<com.nimbusds.jose.EncryptionMethod> |
getRequestObjectJWEEncs()
Gets the supported encryption methods for OpenID Connect request
objects.
|
List<com.nimbusds.jose.JWSAlgorithm> |
getRequestObjectJWSAlgs()
Gets the supported JWS algorithms for OpenID Connect request
objects.
|
List<ResponseMode> |
getResponseModes()
Gets the supported response mode values.
|
List<ResponseType> |
getResponseTypes()
Gets the supported response type values.
|
URI |
getRevocationEndpointURI()
Gets the token revocation endpoint URI.
|
Scope |
getScopes()
Gets the supported scope values.
|
URI |
getServiceDocsURI()
Gets the service documentation URI.
|
List<SubjectType> |
getSubjectTypes()
Gets the supported subject types.
|
URI |
getTermsOfServiceURI()
Gets the provider's terms of service.
|
List<ClientAuthenticationMethod> |
getTokenEndpointAuthMethods()
Gets the supported token endpoint authentication methods.
|
List<com.nimbusds.jose.JWSAlgorithm> |
getTokenEndpointJWSAlgs()
Gets the supported JWS algorithms for the
private_key_jwt
and client_secret_jwt token endpoint authentication methods. |
URI |
getTokenEndpointURI()
Gets the token endpoint URI.
|
List<com.nimbusds.langtag.LangTag> |
getUILocales()
Gets the supported UI locales.
|
URI |
getUserInfoEndpointURI()
Gets the UserInfo endpoint URI.
|
List<com.nimbusds.jose.JWEAlgorithm> |
getUserInfoJWEAlgs()
Gets the supported JWE algorithms for UserInfo JWTs.
|
List<com.nimbusds.jose.EncryptionMethod> |
getUserInfoJWEEncs()
Gets the supported encryption methods for UserInfo JWTs.
|
List<com.nimbusds.jose.JWSAlgorithm> |
getUserInfoJWSAlgs()
Gets the supported JWS algorithms for UserInfo JWTs.
|
static OIDCProviderMetadata |
parse(net.minidev.json.JSONObject jsonObject)
Parses an OpenID Connect provider metadata from the specified JSON
object.
|
static OIDCProviderMetadata |
parse(String s)
Parses an OpenID Connect provider metadata from the specified JSON
object string.
|
boolean |
requiresRequestURIRegistration()
Gets the requirement for the
request_uri parameter
pre-registration. |
static OIDCProviderMetadata |
resolve(Issuer issuer)
Resolves OpenID Provider metadata from the specified issuer
identifier.
|
static OIDCProviderMetadata |
resolve(Issuer issuer,
int connectTimeout,
int readTimeout)
Resolves OpenID Provider metadata from the specified issuer
identifier.
|
void |
setACRs(List<ACR> acrValues)
Sets the supported Authentication Context Class References (ACRs).
|
void |
setAuthorizationEndpointURI(URI authzEndpoint)
Sets the authorisation endpoint URI.
|
void |
setCheckSessionIframeURI(URI checkSessionIframe)
Sets the cross-origin check session iframe URI.
|
void |
setClaimLocales(List<com.nimbusds.langtag.LangTag> claimsLocales)
Sets the supported claims locales.
|
void |
setClaims(List<String> claims)
Sets the supported claims names.
|
void |
setClaimTypes(List<ClaimType> claimTypes)
Sets the supported claim types.
|
void |
setCodeChallengeMethods(List<CodeChallengeMethod> codeChallengeMethods)
Gets the supported authorisation code challenge methods for PKCE.
|
void |
setCustomParameter(String name,
Object value)
Sets the specified custom (not registered) parameter.
|
void |
setDisplays(List<Display> displays)
Sets the supported displays.
|
void |
setEndSessionEndpointURI(URI endSessionEndpoint)
Sets the logout endpoint URI.
|
void |
setGrantTypes(List<GrantType> gts)
Sets the supported OAuth 2.0 grant types.
|
void |
setIDTokenJWEAlgs(List<com.nimbusds.jose.JWEAlgorithm> idTokenJWEAlgs)
Sets the supported JWE algorithms for ID tokens.
|
void |
setIDTokenJWEEncs(List<com.nimbusds.jose.EncryptionMethod> idTokenJWEEncs)
Sets the supported encryption methods for ID tokens.
|
void |
setIDTokenJWSAlgs(List<com.nimbusds.jose.JWSAlgorithm> idTokenJWSAlgs)
Sets the supported JWS algorithms for ID tokens.
|
void |
setIntrospectionEndpointURI(URI introspectionEndpoint)
Sets the token introspection endpoint URI.
|
void |
setPolicyURI(URI policyURI)
Sets the provider's policy regarding relying party use of data.
|
void |
setRegistrationEndpointURI(URI regEndpoint)
Sets the client registration endpoint URI.
|
void |
setRequestObjectJWEAlgs(List<com.nimbusds.jose.JWEAlgorithm> requestObjectJWEAlgs)
Sets the supported JWE algorithms for OpenID Connect request
objects.
|
void |
setRequestObjectJWEEncs(List<com.nimbusds.jose.EncryptionMethod> requestObjectJWEEncs)
Sets the supported encryption methods for OpenID Connect request
objects.
|
void |
setRequestObjectJWSAlgs(List<com.nimbusds.jose.JWSAlgorithm> requestObjectJWSAlgs)
Sets the supported JWS algorithms for OpenID Connect request
objects.
|
void |
setRequiresRequestURIRegistration(boolean requireRequestURIReg)
Sets the requirement for the
request_uri parameter
pre-registration. |
void |
setResponseModes(List<ResponseMode> rms)
Sets the supported response mode values.
|
void |
setResponseTypes(List<ResponseType> rts)
Sets the supported response type values.
|
void |
setRevocationEndpointURI(URI revocationEndpoint)
Sets the token revocation endpoint URI.
|
void |
setScopes(Scope scope)
Sets the supported scope values.
|
void |
setServiceDocsURI(URI serviceDocsURI)
Sets the service documentation URI.
|
void |
setSupportsBackChannelLogout(boolean backChannelLogoutSupported)
Sets the support for back-channel logout.
|
void |
setSupportsBackChannelLogoutSession(boolean backChannelLogoutSessionSupported)
Sets the support for back-channel logout with a session ID.
|
void |
setSupportsClaimsParams(boolean claimsParamSupported)
Sets the support for the
claims authorisation request
parameter. |
void |
setSupportsFrontChannelLogout(boolean frontChannelLogoutSupported)
Sets the support for front-channel logout.
|
void |
setSupportsFrontChannelLogoutSession(boolean frontChannelLogoutSessionSupported)
Sets the support for front-channel logout with a session ID.
|
void |
setSupportsMutualTLSSenderConstrainedAccessTokens(boolean mutualTLSSenderConstrainedAccessTokens)
Sets the support for mutual TLS sender constrained access tokens.
|
void |
setSupportsRequestParam(boolean requestParamSupported)
Sets the support for the
request authorisation request
parameter. |
void |
setSupportsRequestURIParam(boolean requestURIParamSupported)
Sets the support for the
request_uri authorisation request
parameter. |
void |
setTermsOfServiceURI(URI tosURI)
Sets the provider's terms of service.
|
void |
setTokenEndpointAuthMethods(List<ClientAuthenticationMethod> tokenEndpointAuthMethods)
Sets the supported token endpoint authentication methods.
|
void |
setTokenEndpointJWSAlgs(List<com.nimbusds.jose.JWSAlgorithm> tokenEndpointJWSAlgs)
Sets the supported JWS algorithms for the
private_key_jwt
and client_secret_jwt token endpoint authentication methods. |
void |
setTokenEndpointURI(URI tokenEndpoint)
Sts the token endpoint URI.
|
void |
setUILocales(List<com.nimbusds.langtag.LangTag> uiLocales)
Sets the supported UI locales.
|
void |
setUserInfoEndpointURI(URI userInfoEndpoint)
Sets the UserInfo endpoint URI.
|
void |
setUserInfoJWEAlgs(List<com.nimbusds.jose.JWEAlgorithm> userInfoJWEAlgs)
Sets the supported JWE algorithms for UserInfo JWTs.
|
void |
setUserInfoJWEEncs(List<com.nimbusds.jose.EncryptionMethod> userInfoJWEEncs)
Sets the supported encryption methods for UserInfo JWTs.
|
void |
setUserInfoJWSAlgs(List<com.nimbusds.jose.JWSAlgorithm> userInfoJWSAlgs)
Sets the supported JWS algorithms for UserInfo JWTs.
|
boolean |
supportsBackChannelLogout()
Gets the support for back-channel logout.
|
boolean |
supportsBackChannelLogoutSession()
Gets the support for back-channel logout with a session ID.
|
boolean |
supportsClaimsParam()
Gets the support for the
claims authorisation request
parameter. |
boolean |
supportsFrontChannelLogout()
Gets the support for front-channel logout.
|
boolean |
supportsFrontChannelLogoutSession()
Gets the support for front-channel logout with a session ID.
|
boolean |
supportsMutualTLSSenderConstrainedAccessTokens()
Gets the support for mutual TLS sender constrained access tokens.
|
boolean |
supportsRequestParam()
Gets the support for the
request authorisation request
parameter. |
boolean |
supportsRequestURIParam()
Gets the support for the
request_uri authorisation request
parameter. |
net.minidev.json.JSONObject |
toJSONObject()
Returns the JSON object representation of this OpenID Connect
provider metadata.
|
public OIDCProviderMetadata(Issuer issuer, List<SubjectType> subjectTypes, URI jwkSetURI)
issuer
- The issuer identifier. Must be an URI using the
https scheme with no query or fragment
component. Must not be null
.subjectTypes
- The supported subject types. At least one must
be specified. Must not be null
.public static Set<String> getRegisteredParameterNames()
public Issuer getIssuer()
issuer
metadata field.public URI getAuthorizationEndpointURI()
authorization_endpoint
metadata field.null
if not
specified.public void setAuthorizationEndpointURI(URI authzEndpoint)
authorization_endpoint
metadata field.authzEndpoint
- The authorisation endpoint URI, null
if
not specified.public URI getTokenEndpointURI()
token_endpoint
metadata field.null
if not specified.public void setTokenEndpointURI(URI tokenEndpoint)
token_endpoint
metadata field.tokenEndpoint
- The token endpoint URI, null
if not
specified.public URI getUserInfoEndpointURI()
userinfo_endpoint
metadata field.null
if not specified.public void setUserInfoEndpointURI(URI userInfoEndpoint)
userinfo_endpoint
metadata field.userInfoEndpoint
- The UserInfo endpoint URI, null
if
not specified.public URI getRegistrationEndpointURI()
registration_endpoint
metadata field.null
if not
specified.public void setRegistrationEndpointURI(URI regEndpoint)
registration_endpoint
metadata field.regEndpoint
- The client registration endpoint URI,
null
if not specified.public URI getIntrospectionEndpointURI()
introspection_endpoint
metadata field.null
if not
specified.public void setIntrospectionEndpointURI(URI introspectionEndpoint)
introspection_endpoint
metadata field.introspectionEndpoint
- The token introspection endpoint URI,
null
if not specified.public URI getRevocationEndpointURI()
revocation_endpoint
metadata field.null
if not
specified.public void setRevocationEndpointURI(URI revocationEndpoint)
revocation_endpoint
metadata field.revocationEndpoint
- The token revocation endpoint URI,
null
if not specified.public URI getCheckSessionIframeURI()
check_session_iframe
metadata field.null
if not specified.public void setCheckSessionIframeURI(URI checkSessionIframe)
check_session_iframe
metadata field.checkSessionIframe
- The check session iframe URI, null
if not specified.public URI getEndSessionEndpointURI()
end_session_endpoint
metadata field.null
if not specified.public void setEndSessionEndpointURI(URI endSessionEndpoint)
end_session_endpoint
metadata field.endSessionEndpoint
- The logoout endpoint URI, null
if
not specified.public URI getJWKSetURI()
jwks_uri
metadata field.public Scope getScopes()
scopes_supported
metadata field.null
if not specified.public void setScopes(Scope scope)
scopes_supported
metadata field.scope
- The supported scope values, null
if not
specified.public List<ResponseType> getResponseTypes()
response_types_supported
metadata field.null
if not
specified.public void setResponseTypes(List<ResponseType> rts)
response_types_supported
metadata field.rts
- The supported response type values, null
if not
specified.public List<ResponseMode> getResponseModes()
response_modes_supported
.null
if not
specified.public void setResponseModes(List<ResponseMode> rms)
response_modes_supported
.rms
- The supported response mode values, null
if not
specified.public List<GrantType> getGrantTypes()
grant_types_supported
metadata field.null
if not specified.public void setGrantTypes(List<GrantType> gts)
grant_types_supported
metadata field.gts
- The supported grant types, null
if not specified.public List<CodeChallengeMethod> getCodeChallengeMethods()
code_challenge_methods_supported
metadata
field.null
if not
specified.public void setCodeChallengeMethods(List<CodeChallengeMethod> codeChallengeMethods)
code_challenge_methods_supported
metadata
field.codeChallengeMethods
- The supported code challenge methods,
null
if not specified.public List<ACR> getACRs()
acr_values_supported
metadata field.null
if not specified.public void setACRs(List<ACR> acrValues)
acr_values_supported
metadata field.acrValues
- The supported ACRs, null
if not specified.public List<SubjectType> getSubjectTypes()
subject_types_supported
metadata field.public List<ClientAuthenticationMethod> getTokenEndpointAuthMethods()
token_endpoint_auth_methods_supported
metadata field.null
if not specified.public void setTokenEndpointAuthMethods(List<ClientAuthenticationMethod> tokenEndpointAuthMethods)
token_endpoint_auth_methods_supported
metadata field.tokenEndpointAuthMethods
- The supported token endpoint
authentication methods, null
if not specified.public List<com.nimbusds.jose.JWSAlgorithm> getTokenEndpointJWSAlgs()
private_key_jwt
and client_secret_jwt
token endpoint authentication methods.
Corresponds to the
token_endpoint_auth_signing_alg_values_supported
metadata
field.null
if not specified.public void setTokenEndpointJWSAlgs(List<com.nimbusds.jose.JWSAlgorithm> tokenEndpointJWSAlgs)
private_key_jwt
and client_secret_jwt
token endpoint authentication methods.
Corresponds to the
token_endpoint_auth_signing_alg_values_supported
metadata
field.tokenEndpointJWSAlgs
- The supported JWS algorithms,
null
if not specified. Must not
contain the none
algorithm.public List<com.nimbusds.jose.JWSAlgorithm> getRequestObjectJWSAlgs()
request_object_signing_alg_values_supported
metadata field.null
if not specified.public void setRequestObjectJWSAlgs(List<com.nimbusds.jose.JWSAlgorithm> requestObjectJWSAlgs)
request_object_signing_alg_values_supported
metadata field.requestObjectJWSAlgs
- The supported JWS algorithms,
null
if not specified.public List<com.nimbusds.jose.JWEAlgorithm> getRequestObjectJWEAlgs()
request_object_encryption_alg_values_supported
metadata
field.null
if not specified.public void setRequestObjectJWEAlgs(List<com.nimbusds.jose.JWEAlgorithm> requestObjectJWEAlgs)
request_object_encryption_alg_values_supported
metadata
field.requestObjectJWEAlgs
- The supported JWE algorithms,
null
if not specified.public List<com.nimbusds.jose.EncryptionMethod> getRequestObjectJWEEncs()
request_object_encryption_enc_values_supported
metadata
field.null
if not
specified.public void setRequestObjectJWEEncs(List<com.nimbusds.jose.EncryptionMethod> requestObjectJWEEncs)
request_object_encryption_enc_values_supported
metadata
field.requestObjectJWEEncs
- The supported encryption methods,
null
if not specified.public List<com.nimbusds.jose.JWSAlgorithm> getIDTokenJWSAlgs()
id_token_signing_alg_values_supported
metadata field.null
if not specified.public void setIDTokenJWSAlgs(List<com.nimbusds.jose.JWSAlgorithm> idTokenJWSAlgs)
id_token_signing_alg_values_supported
metadata field.idTokenJWSAlgs
- The supported JWS algorithms, null
if
not specified.public List<com.nimbusds.jose.JWEAlgorithm> getIDTokenJWEAlgs()
id_token_encryption_alg_values_supported
metadata field.null
if not specified.public void setIDTokenJWEAlgs(List<com.nimbusds.jose.JWEAlgorithm> idTokenJWEAlgs)
id_token_encryption_alg_values_supported
metadata field.idTokenJWEAlgs
- The supported JWE algorithms, null
if
not specified.public List<com.nimbusds.jose.EncryptionMethod> getIDTokenJWEEncs()
id_token_encryption_enc_values_supported
metadata field.null
if not
specified.public void setIDTokenJWEEncs(List<com.nimbusds.jose.EncryptionMethod> idTokenJWEEncs)
id_token_encryption_enc_values_supported
metadata field.idTokenJWEEncs
- The supported encryption methods, null
if not specified.public List<com.nimbusds.jose.JWSAlgorithm> getUserInfoJWSAlgs()
userinfo_signing_alg_values_supported
metadata field.null
if not specified.public void setUserInfoJWSAlgs(List<com.nimbusds.jose.JWSAlgorithm> userInfoJWSAlgs)
userinfo_signing_alg_values_supported
metadata field.userInfoJWSAlgs
- The supported JWS algorithms, null
if
not specified.public List<com.nimbusds.jose.JWEAlgorithm> getUserInfoJWEAlgs()
userinfo_encryption_alg_values_supported
metadata field.null
if not specified.public void setUserInfoJWEAlgs(List<com.nimbusds.jose.JWEAlgorithm> userInfoJWEAlgs)
userinfo_encryption_alg_values_supported
metadata field.userInfoJWEAlgs
- The supported JWE algorithms, null
if
not specified.public List<com.nimbusds.jose.EncryptionMethod> getUserInfoJWEEncs()
userinfo_encryption_enc_values_supported
metadata
field.null
if not
specified.public void setUserInfoJWEEncs(List<com.nimbusds.jose.EncryptionMethod> userInfoJWEEncs)
userinfo_encryption_enc_values_supported
metadata
field.userInfoJWEEncs
- The supported encryption methods,
null
if not specified.public List<Display> getDisplays()
display_values_supported
metadata field.null
if not specified.public void setDisplays(List<Display> displays)
display_values_supported
metadata field.displays
- The supported displays, null
if not
specified.public List<ClaimType> getClaimTypes()
claim_types_supported
metadata field.null
if not specified.public void setClaimTypes(List<ClaimType> claimTypes)
claim_types_supported
metadata field.claimTypes
- The supported claim types, null
if not
specified.public List<String> getClaims()
claims_supported
metadata field.null
if not specified.public void setClaims(List<String> claims)
claims_supported
metadata field.claims
- The supported claims names, null
if not
specified.public List<com.nimbusds.langtag.LangTag> getClaimsLocales()
claims_locales_supported
metadata field.null
if not specified.public void setClaimLocales(List<com.nimbusds.langtag.LangTag> claimsLocales)
claims_locales_supported
metadata field.claimsLocales
- The supported claims locales, null
if
not specified.public List<com.nimbusds.langtag.LangTag> getUILocales()
ui_locales_supported
metadata field.null
if not specified.public void setUILocales(List<com.nimbusds.langtag.LangTag> uiLocales)
ui_locales_supported
metadata field.uiLocales
- The supported UI locales, null
if not
specified.public URI getServiceDocsURI()
service_documentation
metadata field.null
if not
specified.public void setServiceDocsURI(URI serviceDocsURI)
service_documentation
metadata field.serviceDocsURI
- The service documentation URI, null
if
not specified.public URI getPolicyURI()
op_policy_uri
metadata field.null
if not specified.public void setPolicyURI(URI policyURI)
op_policy_uri
metadata field.policyURI
- The policy URI, null
if not specified.public URI getTermsOfServiceURI()
op_tos_uri
metadata field.null
if not specified.public void setTermsOfServiceURI(URI tosURI)
op_tos_uri
metadata field.tosURI
- The terms of service URI, null
if not
specified.public boolean supportsClaimsParam()
claims
authorisation request
parameter. Corresponds to the claims_parameter_supported
metadata field.true
if the claim
parameter is supported,
else false
.public void setSupportsClaimsParams(boolean claimsParamSupported)
claims
authorisation request
parameter. Corresponds to the claims_parameter_supported
metadata field.claimsParamSupported
- true
if the claim
parameter is supported, else
false
.public boolean supportsRequestParam()
request
authorisation request
parameter. Corresponds to the request_parameter_supported
metadata field.true
if the reqeust
parameter is supported,
else false
.public void setSupportsRequestParam(boolean requestParamSupported)
request
authorisation request
parameter. Corresponds to the request_parameter_supported
metadata field.requestParamSupported
- true
if the reqeust
parameter is supported, else
false
.public boolean supportsRequestURIParam()
request_uri
authorisation request
parameter. Corresponds the request_uri_parameter_supported
metadata field.true
if the request_uri
parameter is
supported, else false
.public void setSupportsRequestURIParam(boolean requestURIParamSupported)
request_uri
authorisation request
parameter. Corresponds the request_uri_parameter_supported
metadata field.requestURIParamSupported
- true
if the
request_uri
parameter is
supported, else false
.public boolean requiresRequestURIRegistration()
request_uri
parameter
pre-registration. Corresponds to the
require_request_uri_registration
metadata field.true
if the request_uri
parameter values
must be pre-registered, else false
.public void setRequiresRequestURIRegistration(boolean requireRequestURIReg)
request_uri
parameter
pre-registration. Corresponds to the
require_request_uri_registration
metadata field.requireRequestURIReg
- true
if the request_uri
parameter values must be pre-registered,
else false
.public boolean supportsFrontChannelLogout()
frontchannel_logout_supported
metadata field.true
if front-channel logout is supported, else
false
.public void setSupportsFrontChannelLogout(boolean frontChannelLogoutSupported)
frontchannel_logout_supported
metadata field.frontChannelLogoutSupported
- true
if front-channel
logout is supported, else
false
.public boolean supportsFrontChannelLogoutSession()
frontchannel_logout_session_supported
metadata field.true
if front-channel logout with a session ID is
supported, else false
.public void setSupportsFrontChannelLogoutSession(boolean frontChannelLogoutSessionSupported)
frontchannel_logout_session_supported
metadata field.frontChannelLogoutSessionSupported
- true
if
front-channel logout with
a session ID is supported,
else false
.public boolean supportsBackChannelLogout()
backchannel_logout_supported
metadata field.true
if back-channel logout is supported, else
false
.public void setSupportsBackChannelLogout(boolean backChannelLogoutSupported)
backchannel_logout_supported
metadata field.backChannelLogoutSupported
- true
if back-channel
logout is supported, else
false
.public boolean supportsBackChannelLogoutSession()
backchannel_logout_session_supported
metadata field.true
if back-channel logout with a session ID is
supported, else false
.public void setSupportsBackChannelLogoutSession(boolean backChannelLogoutSessionSupported)
backchannel_logout_session_supported
metadata field.backChannelLogoutSessionSupported
- true
if
back-channel logout with a
session ID is supported,
else false
.public boolean supportsMutualTLSSenderConstrainedAccessTokens()
mutual_tls_sender_constrained_access_tokens
metadata field.true
if mutual TLS sender constrained access tokens
are supported, else false
.public void setSupportsMutualTLSSenderConstrainedAccessTokens(boolean mutualTLSSenderConstrainedAccessTokens)
mutual_tls_sender_constrained_access_tokens
metadata field.mutualTLSSenderConstrainedAccessTokens
- true
if mutual
TLS sender constrained
access tokens are
supported, else
false
.public Object getCustomParameter(String name)
name
- The parameter name. Must not be null
.null
if not specified.public URI getCustomURIParameter(String name)
name
- The parameter name. Must not be null
.null
if not specified.public void setCustomParameter(String name, Object value)
name
- The parameter name. Must not be null
.value
- The parameter value, null
if not specified.public net.minidev.json.JSONObject getCustomParameters()
public void applyDefaults()
["query", "fragment"]
.
["authorization_code",
"implicit"]
.
["client_secret_basic"]
.
["normal]
.
public net.minidev.json.JSONObject toJSONObject()
public static OIDCProviderMetadata parse(net.minidev.json.JSONObject jsonObject) throws ParseException
jsonObject
- The JSON object to parse. Must not be
null
.ParseException
- If the JSON object couldn't be parsed to an
OpenID Connect provider metadata.public static OIDCProviderMetadata parse(String s) throws ParseException
s
- The JSON object sting to parse. Must not be null
.ParseException
- If the JSON object string couldn't be parsed
to an OpenID Connect provider metadata.public static OIDCProviderMetadata resolve(Issuer issuer) throws GeneralException, IOException
[issuer-url]/.well-known/openid-configuration
.issuer
- The OpenID Provider issuer identifier. Must represent
a valid HTTPS or HTTP URL. Must not be null
.GeneralException
- If the issuer identifier or the downloaded
metadata are invalid.IOException
- On a HTTP exception.public static OIDCProviderMetadata resolve(Issuer issuer, int connectTimeout, int readTimeout) throws GeneralException, IOException
[issuer-url]/.well-known/openid-configuration
, using the
specified HTTP timeouts.issuer
- The OpenID Provider issuer identifier. Must
represent a valid HTTPS or HTTP URL. Must not
be null
.connectTimeout
- The HTTP connect timeout, in milliseconds.
Zero implies no timeout. Must not be negative.readTimeout
- The HTTP response read timeout, in
milliseconds. Zero implies no timeout. Must
not be negative.GeneralException
- If the issuer identifier or the downloaded
metadata are invalid.IOException
- On a HTTP exception.Copyright © 2017 Connect2id Ltd.. All rights reserved.