Package io.quarkus.oidc

Class OidcTenantConfig.TokenStateManager

java.lang.Object

io.quarkus.oidc.OidcTenantConfig.TokenStateManager

Enclosing class:

OidcTenantConfig

public static class OidcTenantConfig.TokenStateManager
extends Object

Default Authorization Code token state manager configuration

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static enum	OidcTenantConfig.TokenStateManager.Strategy

Field Summary

Fields

Modifier and Type	Field	Description
boolean	encryptionRequired	Mandates that the Default TokenStateManager encrypt the session cookie that stores the tokens.
Optional<String>	encryptionSecret	The secret used by the Default TokenStateManager to encrypt the session cookie storing the tokens when encryptionRequired property is enabled.
boolean	splitTokens	Default TokenStateManager keeps all tokens (ID, access and refresh) returned in the authorization code grant response in a single session cookie by default.
OidcTenantConfig.TokenStateManager.Strategy	strategy	Default TokenStateManager strategy.

Constructor Summary

Constructors

Constructor	Description
TokenStateManager()

Method Summary

Modifier and Type	Method	Description
Optional<String>	getEncryptionSecret()
OidcTenantConfig.TokenStateManager.Strategy	getStrategy()
boolean	isEncryptionRequired()
boolean	isSplitTokens()
void	setEncryptionRequired(boolean encryptionRequired)
void	setEncryptionSecret(String encryptionSecret)
void	setSplitTokens(boolean splitTokens)
void	setStrategy(OidcTenantConfig.TokenStateManager.Strategy strategy)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

strategy

@ConfigItem(defaultValue="keep_all_tokens")
public OidcTenantConfig.TokenStateManager.Strategy strategy

Default TokenStateManager strategy.

splitTokens

@ConfigItem(defaultValue="false")
public boolean splitTokens

Default TokenStateManager keeps all tokens (ID, access and refresh) returned in the authorization code grant response in a single session cookie by default. Enable this property to minimize a session cookie size

encryptionRequired

@ConfigItem(defaultValue="true")
public boolean encryptionRequired

Mandates that the Default TokenStateManager encrypt the session cookie that stores the tokens.

encryptionSecret

@ConfigItem
public Optional<String> encryptionSecret

The secret used by the Default TokenStateManager to encrypt the session cookie storing the tokens when encryptionRequired property is enabled.

If this secret is not set, the client secret configured with either `quarkus.oidc.credentials.secret` or `quarkus.oidc.credentials.client-secret.value` is checked. Finally, `quarkus.oidc.credentials.jwt.secret` which can be used for `client_jwt_secret` authentication is checked. The secret is auto-generated if it remains uninitialized after checking all of these properties.

The length of the secret used to encrypt the tokens should be at least 32 characters long. A warning is logged if the secret length is less than 16 characters.

Constructor Details

TokenStateManager

public TokenStateManager()

Method Details

isEncryptionRequired

public boolean isEncryptionRequired()

setEncryptionRequired

public void setEncryptionRequired(boolean encryptionRequired)

getEncryptionSecret

public Optional<String> getEncryptionSecret()

setEncryptionSecret

public void setEncryptionSecret(String encryptionSecret)

isSplitTokens

public boolean isSplitTokens()

setSplitTokens

public void setSplitTokens(boolean splitTokens)

getStrategy

public OidcTenantConfig.TokenStateManager.Strategy getStrategy()

setStrategy

public void setStrategy(OidcTenantConfig.TokenStateManager.Strategy strategy)