Package io.micronaut.security.oauth2.client

Class DefaultOpenIdProviderMetadata

java.lang.Object

io.micronaut.security.oauth2.client.DefaultOpenIdProviderMetadata

All Implemented Interfaces:

OpenIdProviderMetadata

public class DefaultOpenIdProviderMetadata
extends Object
implements OpenIdProviderMetadata

Since:

1.2.0

Author:

Sergio del Amo

See Also:

• OpenID connect Discovery Spec

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	DefaultOpenIdProviderMetadata.Builder	Builder.

Constructor Summary

Constructors

Constructor

Description

DefaultOpenIdProviderMetadata(String authorizationEndpoint, List<String> idTokenSigningAlgValuesSupported, String issuer, String jwksUri, List<String> acrValuesSupported, List<String> responseTypesSupported, List<String> responseModesSupported, List<String> scopesSupported, List<String> grantTypesSupported, List<String> subjectTypesSupported, String tokenEndpoint, List<String> tokenEndpointAuthMethodsSupported, String userinfoEndpoint, String registrationEndpoint, List<String> claimsSupported, List<String> codeChallengeMethodsSupported, String introspectionEndpoint, List<String> introspectionEndpointAuthMethodsSupported, String revocationEndpoint, List<String> revocationEndpointAuthMethodsSupported, String endSessionEndpoint, Boolean requestParameterSupported, Boolean requestUriParameterSupported, Boolean requireRequestUriRegistration, List<String> requestObjectSigningAlgValuesSupported, String serviceDocumentation, List<String> idTokenEncryptionEncValuesSupported, List<String> displayValuesSupported, List<String> claimTypesSupported, Boolean claimsParameterSupported, String opTosUri, String opPolicyUri, List<String> uriLocalesSupported, List<String> claimsLocalesSupported, List<String> userinfoEncryptionAlgValuesSupported, List<String> userinfoEncryptionEncValuesSupported, List<String> tokenEndpointAuthSigningAlgValuesSupported, List<String> requestObjectEncryptionAlgValuesSupported, List<String> requestObjectEncryptionEncValuesSupported, String checkSessionIframe)

Method Summary

Modifier and Type	Method	Description
static DefaultOpenIdProviderMetadata.Builder	builder()
List<String>	getAcrValuesSupported()	acr_values_supported.
String	getAuthorizationEndpoint()	authorization_endpoint.
String	getCheckSessionIframe()	check_session_iframe.
List<String>	getClaimsLocalesSupported()	claims_locales_supported OPTIONAL.
Boolean	getClaimsParameterSupported()	claims_parameter_supported OPTIONAL.
List<String>	getClaimsSupported()	claims_supported RECOMMENDED.
List<String>	getClaimTypesSupported()	claim_types_supported OPTIONAL.
List<String>	getCodeChallengeMethodsSupported()	code_challenge_methods_supported.
List<String>	getDefaultGrantTypesSupported()	As specified in Open ID Discovery Spec, if omitted, the default value is ["authorization_code", "implicit"].
Boolean	getDefaultRequestParameterSupported()
Boolean	getDefaultRequestUriParameterSupported()
Boolean	getDefaultRequireRequestUriRegistration()
List<String>	getDefaultResponseTypesSupported()
List<String>	getDisplayValuesSupported()	display_values_supported OPTIONAL.
String	getEndSessionEndpoint()	end_session_endpoint.
List<String>	getGrantTypesSupported()	grant_types_supported.
List<String>	getIdTokenEncryptionEncValuesSupported()	id_token_encryption_enc_values_supported OPTIONAL.
List<String>	getIdTokenSigningAlgValuesSupported()	id_token_signing_alg_values_supported REQUIRED.
String	getIntrospectionEndpoint()
List<String>	getIntrospectionEndpointAuthMethodsSupported()
String	getIssuer()	issuer.
String	getJwksUri()	jwks_uri.
String	getOpPolicyUri()	op_policy_uri OPTIONAL.
String	getOpTosUri()	op_tos_uri.
String	getRegistrationEndpoint()	registration_endpoint.
List<String>	getRequestObjectEncryptionAlgValuesSupported()	request_object_encryption_alg_values_supported OPTIONAL.
List<String>	getRequestObjectEncryptionEncValuesSupported()	request_object_encryption_enc_values_supported OPTIONAL.
List<String>	getRequestObjectSigningAlgValuesSupported()	request_object_signing_alg_values_supported.
Boolean	getRequestParameterSupported()	request_parameter_supported OPTIONAL.
Boolean	getRequestUriParameterSupported()	request_uri_parameter_supported OPTIONAL.
Boolean	getRequireRequestUriRegistration()	require_request_uri_registration OPTIONAL.
List<String>	getResponseModesSupported()	response_modes_supported.
List<String>	getResponseTypesSupported()	As specified in Open ID Discovery Spec, if omitted, the default for Dynamic OpenID Providers is ["query", "fragment"].
String	getRevocationEndpoint()
List<String>	getRevocationEndpointAuthMethodsSupported()
List<String>	getScopesSupported()	scopes_supported.
String	getServiceDocumentation()	service_documentation OPTIONAL.
List<String>	getSubjectTypesSupported()	subject_types_supported.
String	getTokenEndpoint()	token_endpoint.
List<String>	getTokenEndpointAuthMethodsSupported()	token_endpoint_auth_methods_supported OPTIONAL.
List<String>	getTokenEndpointAuthSigningAlgValuesSupported()	token_endpoint_auth_signing_alg_values_supported OPTIONAL.
List<String>	getUriLocalesSupported()	ui_locales_supported OPTIONAL.
List<String>	getUserInfoEncryptionAlgValuesSupported()	userinfo_encryption_alg_values_supported.
List<String>	getUserinfoEncryptionEncValuesSupported()	userinfo_encryption_enc_values_supported OPTIONAL.
String	getUserinfoEndpoint()	userinfo_endpoint.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.micronaut.security.oauth2.client.OpenIdProviderMetadata

getTokenEndpointAuthMethods

Constructor Details

DefaultOpenIdProviderMetadata

public DefaultOpenIdProviderMetadata(@Nullable
 String authorizationEndpoint,
 @NonNull
 List<String> idTokenSigningAlgValuesSupported,
 @NonNull
 String issuer,
 @NonNull
 String jwksUri,
 @Nullable
 List<String> acrValuesSupported,
 @Nullable
 List<String> responseTypesSupported,
 @Nullable
 List<String> responseModesSupported,
 @Nullable
 List<String> scopesSupported,
 @Nullable
 List<String> grantTypesSupported,
 @NonNull
 List<String> subjectTypesSupported,
 @NonNull
 String tokenEndpoint,
 @Nullable
 List<String> tokenEndpointAuthMethodsSupported,
 @Nullable
 String userinfoEndpoint,
 @Nullable
 String registrationEndpoint,
 @Nullable
 List<String> claimsSupported,
 @Nullable
 List<String> codeChallengeMethodsSupported,
 @Nullable
 String introspectionEndpoint,
 @Nullable
 List<String> introspectionEndpointAuthMethodsSupported,
 @Nullable
 String revocationEndpoint,
 @Nullable
 List<String> revocationEndpointAuthMethodsSupported,
 @Nullable
 String endSessionEndpoint,
 @Nullable
 Boolean requestParameterSupported,
 @Nullable
 Boolean requestUriParameterSupported,
 @Nullable
 Boolean requireRequestUriRegistration,
 @Nullable
 List<String> requestObjectSigningAlgValuesSupported,
 @Nullable
 String serviceDocumentation,
 @Nullable
 List<String> idTokenEncryptionEncValuesSupported,
 @Nullable
 List<String> displayValuesSupported,
 @Nullable
 List<String> claimTypesSupported,
 @Nullable
 Boolean claimsParameterSupported,
 @Nullable
 String opTosUri,
 @Nullable
 String opPolicyUri,
 @Nullable
 List<String> uriLocalesSupported,
 @Nullable
 List<String> claimsLocalesSupported,
 @Nullable
 List<String> userinfoEncryptionAlgValuesSupported,
 @Nullable
 List<String> userinfoEncryptionEncValuesSupported,
 @Nullable
 List<String> tokenEndpointAuthSigningAlgValuesSupported,
 @Nullable
 List<String> requestObjectEncryptionAlgValuesSupported,
 @Nullable
 List<String> requestObjectEncryptionEncValuesSupported,
 @Nullable
 String checkSessionIframe)

Method Details

getRequireRequestUriRegistration

@Nullable
public Boolean getRequireRequestUriRegistration()

Description copied from interface: OpenIdProviderMetadata

require_request_uri_registration OPTIONAL.

Specified by:

getRequireRequestUriRegistration in interface OpenIdProviderMetadata

Returns:

Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using the request_uris registration parameter.

getDefaultRequireRequestUriRegistration

@Nullable
public Boolean getDefaultRequireRequestUriRegistration()

Returns:

If require_request_uri_registration omitted, the default value is false.

getAuthorizationEndpoint

@Nullable
public String getAuthorizationEndpoint()

Description copied from interface: OpenIdProviderMetadata

authorization_endpoint. REQUIRED.

Specified by:

getAuthorizationEndpoint in interface OpenIdProviderMetadata

Returns:

URL of the Open ID Provider's OAuth 2.0 Authorization Endpoint

getIdTokenSigningAlgValuesSupported

@NonNull
public List<String> getIdTokenSigningAlgValuesSupported()

Description copied from interface: OpenIdProviderMetadata

id_token_signing_alg_values_supported REQUIRED.

Specified by:

getIdTokenSigningAlgValuesSupported in interface OpenIdProviderMetadata

Returns:

List of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT [JWT].

getIdTokenEncryptionEncValuesSupported

@Nullable
public List<String> getIdTokenEncryptionEncValuesSupported()

Description copied from interface: OpenIdProviderMetadata

id_token_encryption_enc_values_supported OPTIONAL.

Specified by:

getIdTokenEncryptionEncValuesSupported in interface OpenIdProviderMetadata

Returns:

List of the JWE encryption algorithms (enc values) supported by the OP for the ID Token to encode the Claims in a JWT [JWT].

getUserInfoEncryptionAlgValuesSupported

@Nullable
public List<String> getUserInfoEncryptionAlgValuesSupported()

Description copied from interface: OpenIdProviderMetadata

userinfo_encryption_alg_values_supported. OPTIONAL.

Specified by:

getUserInfoEncryptionAlgValuesSupported in interface OpenIdProviderMetadata

Returns:

List of the JWE [JWE] encryption algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].

getUserinfoEncryptionEncValuesSupported

@Nullable
public List<String> getUserinfoEncryptionEncValuesSupported()

Description copied from interface: OpenIdProviderMetadata

userinfo_encryption_enc_values_supported OPTIONAL.

Specified by:

getUserinfoEncryptionEncValuesSupported in interface OpenIdProviderMetadata

Returns:

List of the JWE encryption algorithms (enc values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].

getIssuer

@NonNull
public String getIssuer()

Description copied from interface: OpenIdProviderMetadata

issuer. REQUIRED.

Specified by:

getIssuer in interface OpenIdProviderMetadata

Returns:

URL using the https scheme with no query or fragment component that the Open ID Provider asserts as its Issuer Identifier.

getJwksUri

@NonNull
public String getJwksUri()

Description copied from interface: OpenIdProviderMetadata

jwks_uri. REQUIRED

Specified by:

getJwksUri in interface OpenIdProviderMetadata

Returns:

URL of the Open ID Provider's JSON Web Key Set

getResponseTypesSupported

@Nullable
public List<String> getResponseTypesSupported()

As specified in Open ID Discovery Spec, if omitted, the default for Dynamic OpenID Providers is ["query", "fragment"].

Specified by:

getResponseTypesSupported in interface OpenIdProviderMetadata

Returns:

Supported response types.

getDefaultResponseTypesSupported

@NonNull
public List<String> getDefaultResponseTypesSupported()

Returns:

if Response Types Supported is ommited, default for Dynamic OpenID Providers is ["query", "fragment"].

getScopesSupported

@Nullable
public List<String> getScopesSupported()

Description copied from interface: OpenIdProviderMetadata

scopes_supported. RECOMMENDED.

Specified by:

getScopesSupported in interface OpenIdProviderMetadata

Returns:

List of the OAuth 2.0 [RFC6749] scope values that this server supports.

getSubjectTypesSupported

@NonNull
public List<String> getSubjectTypesSupported()

Description copied from interface: OpenIdProviderMetadata

subject_types_supported. REQUIRED

Specified by:

getSubjectTypesSupported in interface OpenIdProviderMetadata

Returns:

List of the Subject Identifier types that this OP supports.

getTokenEndpoint

@NonNull
public String getTokenEndpoint()

Description copied from interface: OpenIdProviderMetadata

token_endpoint. This is REQUIRED unless only the Implicit Flow is used.

Specified by:

getTokenEndpoint in interface OpenIdProviderMetadata

Returns:

URL of the Open ID Provider's OAuth 2.0 Token Endpoint

getTokenEndpointAuthMethodsSupported

@Nullable
public List<String> getTokenEndpointAuthMethodsSupported()

Description copied from interface: OpenIdProviderMetadata

token_endpoint_auth_methods_supported OPTIONAL.

Specified by:

getTokenEndpointAuthMethodsSupported in interface OpenIdProviderMetadata

Returns:

List of Client Authentication methods supported by this Token Endpoint.

getTokenEndpointAuthSigningAlgValuesSupported

@Nullable
public List<String> getTokenEndpointAuthSigningAlgValuesSupported()

Description copied from interface: OpenIdProviderMetadata

token_endpoint_auth_signing_alg_values_supported OPTIONAL.

Specified by:

getTokenEndpointAuthSigningAlgValuesSupported in interface OpenIdProviderMetadata

Returns:

List of the JWS signing algorithms (alg values) supported by the Token Endpoint.

getDisplayValuesSupported

@Nullable
public List<String> getDisplayValuesSupported()

Description copied from interface: OpenIdProviderMetadata

display_values_supported OPTIONAL.

Specified by:

getDisplayValuesSupported in interface OpenIdProviderMetadata

Returns:

List of the display parameter values that the OpenID Provider supports.

getClaimTypesSupported

@Nullable
public List<String> getClaimTypesSupported()

Description copied from interface: OpenIdProviderMetadata

claim_types_supported OPTIONAL.

Specified by:

getClaimTypesSupported in interface OpenIdProviderMetadata

Returns:

List of the Claim Types that the OpenID Provider supports.

getUserinfoEndpoint

@Nullable
public String getUserinfoEndpoint()

Description copied from interface: OpenIdProviderMetadata

userinfo_endpoint. RECOMMENDED. This URL MUST use the https scheme and MAY contain port, path, and query parameter components.

Specified by:

getUserinfoEndpoint in interface OpenIdProviderMetadata

Returns:

URL of the Open ID Provider's UserInfo Endpoint

getResponseModesSupported

@Nullable
public List<String> getResponseModesSupported()

Description copied from interface: OpenIdProviderMetadata

response_modes_supported. OPTIONAL

Specified by:

getResponseModesSupported in interface OpenIdProviderMetadata

Returns:

List of the OAuth 2.0 response_mode values that this Open ID Provider supports.

getGrantTypesSupported

@Nullable
public List<String> getGrantTypesSupported()

Description copied from interface: OpenIdProviderMetadata

grant_types_supported. OPTIONAL

Specified by:

getGrantTypesSupported in interface OpenIdProviderMetadata

Returns:

List of the OAuth 2.0 Grant Type values that this Open ID Provider supports.

getDefaultGrantTypesSupported

@NonNull
public List<String> getDefaultGrantTypesSupported()

As specified in Open ID Discovery Spec, if omitted, the default value is ["authorization_code", "implicit"].

Returns:

Default Grant Types if grantTypesSupported is ommited.

getAcrValuesSupported

@Nullable
public List<String> getAcrValuesSupported()

Description copied from interface: OpenIdProviderMetadata

acr_values_supported. OPTIONAL.

Specified by:

getAcrValuesSupported in interface OpenIdProviderMetadata

Returns:

List of the Authentication Context Class References that this OP supports.

getRegistrationEndpoint

@Nullable
public String getRegistrationEndpoint()

Description copied from interface: OpenIdProviderMetadata

registration_endpoint. RECOMMENDED

Specified by:

getRegistrationEndpoint in interface OpenIdProviderMetadata

Returns:

URL of the Open ID Provider's Dynamic Client Registration Endpoint

getClaimsSupported

@Nullable
public List<String> getClaimsSupported()

Description copied from interface: OpenIdProviderMetadata

claims_supported RECOMMENDED.

Specified by:

getClaimsSupported in interface OpenIdProviderMetadata

Returns:

List of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for.

getServiceDocumentation

@Nullable
public String getServiceDocumentation()

Description copied from interface: OpenIdProviderMetadata

service_documentation OPTIONAL.

Specified by:

getServiceDocumentation in interface OpenIdProviderMetadata

Returns:

URL of a page containing human-readable information that developers might want or need to know when using the OpenID Provider.

getClaimsLocalesSupported

@Nullable
public List<String> getClaimsLocalesSupported()

Description copied from interface: OpenIdProviderMetadata

claims_locales_supported OPTIONAL.

Specified by:

getClaimsLocalesSupported in interface OpenIdProviderMetadata

Returns:

Languages and scripts supported for values in Claims

getUriLocalesSupported

@Nullable
public List<String> getUriLocalesSupported()

Description copied from interface: OpenIdProviderMetadata

ui_locales_supported OPTIONAL.

Specified by:

getUriLocalesSupported in interface OpenIdProviderMetadata

Returns:

Languages and scripts supported for the user interface

getClaimsParameterSupported

@Nullable
public Boolean getClaimsParameterSupported()

Description copied from interface: OpenIdProviderMetadata

claims_parameter_supported OPTIONAL.

Specified by:

getClaimsParameterSupported in interface OpenIdProviderMetadata

Returns:

Boolean value specifying whether the OP supports use of the claims parameter.

getCodeChallengeMethodsSupported

@Nullable
public List<String> getCodeChallengeMethodsSupported()

Description copied from interface: OpenIdProviderMetadata

code_challenge_methods_supported.

Specified by:

getCodeChallengeMethodsSupported in interface OpenIdProviderMetadata

Returns:

List of the supported transformation methods by the authorisation code verifier for Proof Key for Code Exchange (PKCE).

getIntrospectionEndpoint

@Nullable
public String getIntrospectionEndpoint()

Specified by:

getIntrospectionEndpoint in interface OpenIdProviderMetadata

Returns:

The fully qualified URL of the server's introspection endpoint defined by OAuth Token Introspection [RFC7662]

See Also:

• OAuth 2.0 Token Introspection

getIntrospectionEndpointAuthMethodsSupported

@Nullable
public List<String> getIntrospectionEndpointAuthMethodsSupported()

Specified by:

getIntrospectionEndpointAuthMethodsSupported in interface OpenIdProviderMetadata

Returns:

List of Client Authentication methods supported by Introspection Endpoint

getRevocationEndpoint

@Nullable
public String getRevocationEndpoint()

Specified by:

getRevocationEndpoint in interface OpenIdProviderMetadata

Returns:

The fully qualified URL of the server's revocation endpoint defined by Oauth Token Revocation.

See Also:

• OAuth 2.0 Token Revocation

getRevocationEndpointAuthMethodsSupported

@Nullable
public List<String> getRevocationEndpointAuthMethodsSupported()

Specified by:

getRevocationEndpointAuthMethodsSupported in interface OpenIdProviderMetadata

Returns:

List of Client Authentication methods supported by Revocation Endpoint

getCheckSessionIframe

@Nullable
public String getCheckSessionIframe()

Description copied from interface: OpenIdProviderMetadata

check_session_iframe. REQUIRED

Specified by:

getCheckSessionIframe in interface OpenIdProviderMetadata

Returns:

URL of an OP iframe that supports cross-origin communications for session state information with the RP Client, using the HTML5 postMessage API.

getEndSessionEndpoint

@Nullable
public String getEndSessionEndpoint()

Description copied from interface: OpenIdProviderMetadata

end_session_endpoint. REQUIRED

Specified by:

getEndSessionEndpoint in interface OpenIdProviderMetadata

Returns:

URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP.

getRequestParameterSupported

@Nullable
public Boolean getRequestParameterSupported()

Description copied from interface: OpenIdProviderMetadata

request_parameter_supported OPTIONAL.

Specified by:

getRequestParameterSupported in interface OpenIdProviderMetadata

Returns:

Boolean value specifying whether the OP supports use of the request parameter, with true indicating support.

getDefaultRequestParameterSupported

@NonNull
public Boolean getDefaultRequestParameterSupported()

Returns:

As per spec, If requestParameterSupported omitted, the default value is false.

getRequestUriParameterSupported

@Nullable
public Boolean getRequestUriParameterSupported()

Description copied from interface: OpenIdProviderMetadata

request_uri_parameter_supported OPTIONAL.

Specified by:

getRequestUriParameterSupported in interface OpenIdProviderMetadata

Returns:

Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support.

getDefaultRequestUriParameterSupported

@NonNull
public Boolean getDefaultRequestUriParameterSupported()

Returns:

As per spec, If requestUriParameterSupported omitted, the default value is false.

getOpPolicyUri

@Nullable
public String getOpPolicyUri()

Description copied from interface: OpenIdProviderMetadata

op_policy_uri OPTIONAL.

Specified by:

getOpPolicyUri in interface OpenIdProviderMetadata

Returns:

URL that the OpenID Provider provides to the person registering the Client to read about the OP's requirements on how the Relying Party can use the data provided by the OP.

getOpTosUri

@Nullable
public String getOpTosUri()

Description copied from interface: OpenIdProviderMetadata

op_tos_uri. OPTIONAL.

Specified by:

getOpTosUri in interface OpenIdProviderMetadata

Returns:

URL that the OpenID Provider provides to the person registering the Client to read about OpenID Provider's terms of service.

getRequestObjectSigningAlgValuesSupported

@Nullable
public List<String> getRequestObjectSigningAlgValuesSupported()

Description copied from interface: OpenIdProviderMetadata

request_object_signing_alg_values_supported. OPTIONAL

Specified by:

getRequestObjectSigningAlgValuesSupported in interface OpenIdProviderMetadata

Returns:

List of the JWS signing algorithms (alg values) supported by the OP for Request Objects.

getRequestObjectEncryptionAlgValuesSupported

@Nullable
public List<String> getRequestObjectEncryptionAlgValuesSupported()

Description copied from interface: OpenIdProviderMetadata

request_object_encryption_alg_values_supported OPTIONAL.

Specified by:

getRequestObjectEncryptionAlgValuesSupported in interface OpenIdProviderMetadata

Returns:

list of the JWE encryption algorithms (alg values) supported by the OP for Request Objects.

getRequestObjectEncryptionEncValuesSupported

@Nullable
public List<String> getRequestObjectEncryptionEncValuesSupported()

Description copied from interface: OpenIdProviderMetadata

request_object_encryption_enc_values_supported OPTIONAL.

Specified by:

getRequestObjectEncryptionEncValuesSupported in interface OpenIdProviderMetadata

Returns:

List of the JWE encryption algorithms (enc values) supported by the OP for Request Objects.

builder

@NonNull
public static DefaultOpenIdProviderMetadata.Builder builder()

Returns:

Creates a Builder.