Interface OpenIdProviderMetadata
- All Superinterfaces:
io.micronaut.core.naming.Named
- All Known Implementing Classes:
DefaultOpenIdProviderMetadata
public interface OpenIdProviderMetadata
extends io.micronaut.core.naming.Named
Metadata describing the configuration of OpenID Providers.
- Since:
- 1.2.0
- Author:
- Sergio del Amo
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionacr_values_supported.@NonNull String
authorization_endpoint.@Nullable String
check_session_iframe.claims_locales_supported OPTIONAL.@Nullable Boolean
claims_parameter_supported OPTIONAL.claims_supported RECOMMENDED.claim_types_supported OPTIONAL.code_challenge_methods_supported.display_values_supported OPTIONAL.@Nullable String
end_session_endpoint.grant_types_supported.id_token_encryption_enc_values_supported OPTIONAL.id_token_signing_alg_values_supported REQUIRED.@Nullable String
@NonNull String
issuer.@NonNull String
jwks_uri.@Nullable String
op_policy_uri OPTIONAL.@Nullable String
op_tos_uri.@Nullable String
registration_endpoint.request_object_encryption_alg_values_supported OPTIONAL.request_object_encryption_enc_values_supported OPTIONAL.request_object_signing_alg_values_supported.@Nullable Boolean
request_parameter_supported OPTIONAL.@Nullable Boolean
request_uri_parameter_supported OPTIONAL.@Nullable Boolean
require_request_uri_registration OPTIONAL.response_modes_supported.response_types_supported.@Nullable String
scopes_supported.@Nullable String
service_documentation OPTIONAL.subject_types_supported.@NonNull String
token_endpoint.default @NonNull Optional<List<AuthenticationMethod>>
Deprecated, for removal: This API element is subject to removal in a future version.token_endpoint_auth_methods_supported OPTIONAL.token_endpoint_auth_signing_alg_values_supported OPTIONAL.ui_locales_supported OPTIONAL.userinfo_encryption_alg_values_supported.Deprecated, for removal: This API element is subject to removal in a future version.UsegetUserinfoEncryptionAlgValuesSupported()
instead.userinfo_encryption_enc_values_supported OPTIONAL.@Nullable String
userinfo_endpoint.default SecureEndpoint
Methods inherited from interface io.micronaut.core.naming.Named
getName
-
Method Details
-
getIssuer
issuer. REQUIRED.- Returns:
- URL using the https scheme with no query or fragment component that the Open ID Provider asserts as its Issuer Identifier.
-
getAuthorizationEndpoint
authorization_endpoint. REQUIRED.- Returns:
- URL of the Open ID Provider's OAuth 2.0 Authorization Endpoint
-
getTokenEndpoint
token_endpoint. This is REQUIRED unless only the Implicit Flow is used.- Returns:
- URL of the Open ID Provider's OAuth 2.0 Token Endpoint
-
getUserinfoEndpoint
userinfo_endpoint. RECOMMENDED. This URL MUST use the https scheme and MAY contain port, path, and query parameter components.- Returns:
- URL of the Open ID Provider's UserInfo Endpoint
-
getJwksUri
jwks_uri. REQUIRED- Returns:
- URL of the Open ID Provider's JSON Web Key Set
-
getRegistrationEndpoint
registration_endpoint. RECOMMENDED- Returns:
- URL of the Open ID Provider's Dynamic Client Registration Endpoint
-
getScopesSupported
scopes_supported. RECOMMENDED.- Returns:
- List of the OAuth 2.0 [RFC6749] scope values that this server supports.
-
getResponseTypesSupported
response_types_supported. REQUIRED- Returns:
- List of the OAuth 2.0 response_type values that this Open ID Provider supports.
-
getResponseModesSupported
response_modes_supported. OPTIONAL- Returns:
- List of the OAuth 2.0 response_mode values that this Open ID Provider supports.
-
getGrantTypesSupported
grant_types_supported. OPTIONAL- Returns:
- List of the OAuth 2.0 Grant Type values that this Open ID Provider supports.
-
getAcrValuesSupported
acr_values_supported. OPTIONAL.- Returns:
- List of the Authentication Context Class References that this OP supports.
-
getSubjectTypesSupported
subject_types_supported. REQUIRED- Returns:
- List of the Subject Identifier types that this OP supports.
-
getIdTokenSigningAlgValuesSupported
id_token_signing_alg_values_supported REQUIRED.- Returns:
- List of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT [JWT].
-
getIdTokenEncryptionEncValuesSupported
id_token_encryption_enc_values_supported OPTIONAL.- Returns:
- List of the JWE encryption algorithms (enc values) supported by the OP for the ID Token to encode the Claims in a JWT [JWT].
-
getUserInfoEncryptionAlgValuesSupported
@Deprecated(forRemoval=true) @Nullable @Nullable List<String> getUserInfoEncryptionAlgValuesSupported()Deprecated, for removal: This API element is subject to removal in a future version.UsegetUserinfoEncryptionAlgValuesSupported()
instead.userinfo_encryption_alg_values_supported. OPTIONAL.- Returns:
- List of the JWE [JWE] encryption algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].
-
getUserinfoEncryptionAlgValuesSupported
userinfo_encryption_alg_values_supported. OPTIONAL.- Returns:
- List of the JWE [JWE] encryption algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].
- Since:
- 4.0.2
-
getUserinfoEncryptionEncValuesSupported
userinfo_encryption_enc_values_supported OPTIONAL.- Returns:
- List of the JWE encryption algorithms (enc values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].
-
getRequestObjectSigningAlgValuesSupported
request_object_signing_alg_values_supported. OPTIONAL- Returns:
- List of the JWS signing algorithms (alg values) supported by the OP for Request Objects.
-
getRequestObjectEncryptionAlgValuesSupported
request_object_encryption_alg_values_supported OPTIONAL.- Returns:
- list of the JWE encryption algorithms (alg values) supported by the OP for Request Objects.
-
getRequestObjectEncryptionEncValuesSupported
request_object_encryption_enc_values_supported OPTIONAL.- Returns:
- List of the JWE encryption algorithms (enc values) supported by the OP for Request Objects.
-
getTokenEndpointAuthMethodsSupported
token_endpoint_auth_methods_supported OPTIONAL.- Returns:
- List of Client Authentication methods supported by this Token Endpoint.
-
getTokenEndpointAuthSigningAlgValuesSupported
token_endpoint_auth_signing_alg_values_supported OPTIONAL.- Returns:
- List of the JWS signing algorithms (alg values) supported by the Token Endpoint.
-
getDisplayValuesSupported
display_values_supported OPTIONAL.- Returns:
- List of the display parameter values that the OpenID Provider supports.
-
getClaimTypesSupported
claim_types_supported OPTIONAL.- Returns:
- List of the Claim Types that the OpenID Provider supports.
-
getClaimsSupported
claims_supported RECOMMENDED.- Returns:
- List of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for.
-
getServiceDocumentation
service_documentation OPTIONAL.- Returns:
- URL of a page containing human-readable information that developers might want or need to know when using the OpenID Provider.
-
getClaimsLocalesSupported
claims_locales_supported OPTIONAL.- Returns:
- Languages and scripts supported for values in Claims
-
getUriLocalesSupported
ui_locales_supported OPTIONAL.- Returns:
- Languages and scripts supported for the user interface
-
getClaimsParameterSupported
claims_parameter_supported OPTIONAL.- Returns:
- Boolean value specifying whether the OP supports use of the claims parameter.
-
getRequestParameterSupported
request_parameter_supported OPTIONAL.- Returns:
- Boolean value specifying whether the OP supports use of the request parameter, with true indicating support.
-
getRequestUriParameterSupported
request_uri_parameter_supported OPTIONAL.- Returns:
- Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support.
-
getRequireRequestUriRegistration
require_request_uri_registration OPTIONAL.- Returns:
- Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using the request_uris registration parameter. Pre-registration is REQUIRED when the value is true. If omitted, the default value is false.
-
getOpPolicyUri
op_policy_uri OPTIONAL.- Returns:
- URL that the OpenID Provider provides to the person registering the Client to read about the OP's requirements on how the Relying Party can use the data provided by the OP.
-
getOpTosUri
op_tos_uri. OPTIONAL.- Returns:
- URL that the OpenID Provider provides to the person registering the Client to read about OpenID Provider's terms of service.
-
getCodeChallengeMethodsSupported
code_challenge_methods_supported.- Returns:
- List of the supported transformation methods by the authorisation code verifier for Proof Key for Code Exchange (PKCE).
-
getIntrospectionEndpointAuthMethodsSupported
- Returns:
- List of Client Authentication methods supported by Introspection Endpoint
-
getRevocationEndpointAuthMethodsSupported
- Returns:
- List of Client Authentication methods supported by Revocation Endpoint
-
getIntrospectionEndpoint
- Returns:
- The fully qualified URL of the server's introspection endpoint defined by OAuth Token Introspection [RFC7662]
- See Also:
-
getRevocationEndpoint
- Returns:
- The fully qualified URL of the server's revocation endpoint defined by Oauth Token Revocation.
- See Also:
-
getCheckSessionIframe
check_session_iframe. REQUIRED- Returns:
- URL of an OP iframe that supports cross-origin communications for session state information with the RP Client, using the HTML5 postMessage API.
-
getEndSessionEndpoint
end_session_endpoint. REQUIRED- Returns:
- URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP.
-
getTokenEndpointAuthMethods
@NonNull @Deprecated(forRemoval=true) default @NonNull Optional<List<AuthenticationMethod>> getTokenEndpointAuthMethods()Deprecated, for removal: This API element is subject to removal in a future version.UsegetTokenEndpointAuthMethodsSupported()
instead.- Returns:
- the token endpoint authentication methods.
-
tokenEndpoint
default SecureEndpoint tokenEndpoint() throws io.micronaut.context.exceptions.ConfigurationException- Returns:
- The Token endpoint
- Throws:
io.micronaut.context.exceptions.ConfigurationException
- if token endpoint url is not set in configuration- Since:
- 4.10.1
-
getTokenEndpointAuthMethodsSupported()
instead.