Class AddGrantTypeToClientMetadata
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- org.opensaml.profile.action.AbstractProfileAction
-
- org.opensaml.profile.action.AbstractConditionalProfileAction
-
- net.shibboleth.idp.profile.AbstractProfileAction
-
- net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCClientMetadataPopulationAction
-
- net.shibboleth.idp.plugin.oidc.op.profile.impl.AddGrantTypeToClientMetadata
-
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
public class AddGrantTypeToClientMetadata extends AbstractOIDCClientMetadataPopulationAction
An action that adds the grant_type to the client metadata. The possible values defined in https://openid.net/specs/openid-connect-registration-1_0.html are:- authorization_code: The Authorization Code Grant Type described in OAuth 2.0 Section 4.1.
- implicit: The Implicit Grant Type described in OAuth 2.0 Section 4.2.
- refresh_token: The Refresh Token Grant Type described in OAuth 2.0 Section 6.
-
-
Field Summary
Fields Modifier and Type Field Description private Predicate<ProfileRequestContext>authorizationCodeFlowPredicatePredicate used to indicate whether authorization code flow is enabled.private Predicate<ProfileRequestContext>implicitFlowPredicatePredicate used to indicate whether implicit flow is enabled.private org.slf4j.LoggerlogClass logger.private Predicate<ProfileRequestContext>refreshTokensPredicatePredicate used to indicate whether refresh tokens are enabled.private Map<com.nimbusds.oauth2.sdk.GrantType,Predicate<ProfileRequestContext>>supportedGrantTypesMap of supported grant types and their corresponding predicates.
-
Constructor Summary
Constructors Constructor Description AddGrantTypeToClientMetadata()Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidaddGrantTypeIfEnabled(Set<com.nimbusds.oauth2.sdk.GrantType> resultTypes, com.nimbusds.oauth2.sdk.GrantType grantType, Predicate<ProfileRequestContext> predicate, ProfileRequestContext profileRequestContext)Adds a given grant type to the given set of grant types, if the given predicate is true.protected voiddoExecute(ProfileRequestContext profileRequestContext)protected voiddoInitialize()Predicate<ProfileRequestContext>getAuthorizationCodeFlowEnabled()Get predicate used to indicate whether authorization code flow is enabled.Predicate<ProfileRequestContext>getImplicitFlowEnabled()Get predicate used to indicate whether hybrid flow is enabled.Predicate<ProfileRequestContext>getRefreshTokensEnabled()Get predicate used to indicate whether refresh tokens are enabled.voidsetAuthorizationCodeFlowEnabled(Predicate<ProfileRequestContext> predicate)Set predicate used to indicate whether authorization code flow is enabled.voidsetImplicitFlowEnabled(Predicate<ProfileRequestContext> predicate)Set predicate used to indicate whether hybrid flow is enabled.voidsetRefreshTokensEnabled(Predicate<ProfileRequestContext> predicate)Set predicate used to indicate whether refresh tokens are enabled.-
Methods inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCClientMetadataPopulationAction
doPreExecute, getInputMetadata, getOutputMetadata, setOidcInputMetadataLookupStrategy, setOidcOutputMetadataLookupStrategy
-
Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy
-
Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition
-
Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
-
-
-
Field Detail
-
log
@Nonnull private final org.slf4j.Logger log
Class logger.
-
authorizationCodeFlowPredicate
@Nonnull private Predicate<ProfileRequestContext> authorizationCodeFlowPredicate
Predicate used to indicate whether authorization code flow is enabled.
-
implicitFlowPredicate
@Nonnull private Predicate<ProfileRequestContext> implicitFlowPredicate
Predicate used to indicate whether implicit flow is enabled.
-
refreshTokensPredicate
@Nonnull private Predicate<ProfileRequestContext> refreshTokensPredicate
Predicate used to indicate whether refresh tokens are enabled.
-
supportedGrantTypes
@Nonnull private Map<com.nimbusds.oauth2.sdk.GrantType,Predicate<ProfileRequestContext>> supportedGrantTypes
Map of supported grant types and their corresponding predicates.
-
-
Method Detail
-
doInitialize
protected void doInitialize() throws ComponentInitializationException- Overrides:
doInitializein classAbstractInitializableComponent- Throws:
ComponentInitializationException
-
getAuthorizationCodeFlowEnabled
public Predicate<ProfileRequestContext> getAuthorizationCodeFlowEnabled()
Get predicate used to indicate whether authorization code flow is enabled.- Returns:
- Predicate used to indicate whether authorization code flow is enabled.
-
setAuthorizationCodeFlowEnabled
public void setAuthorizationCodeFlowEnabled(Predicate<ProfileRequestContext> predicate)
Set predicate used to indicate whether authorization code flow is enabled.- Parameters:
predicate- What to set.
-
getImplicitFlowEnabled
public Predicate<ProfileRequestContext> getImplicitFlowEnabled()
Get predicate used to indicate whether hybrid flow is enabled.- Returns:
- Predicate used to indicate whether hybrid flow is enabled.
-
setImplicitFlowEnabled
public void setImplicitFlowEnabled(Predicate<ProfileRequestContext> predicate)
Set predicate used to indicate whether hybrid flow is enabled.- Parameters:
predicate- What to set.
-
getRefreshTokensEnabled
public Predicate<ProfileRequestContext> getRefreshTokensEnabled()
Get predicate used to indicate whether refresh tokens are enabled.- Returns:
- Predicate used to indicate whether refresh tokens are enabled.
-
setRefreshTokensEnabled
public void setRefreshTokensEnabled(Predicate<ProfileRequestContext> predicate)
Set predicate used to indicate whether refresh tokens are enabled.- Parameters:
predicate- What to set.
-
doExecute
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)- Overrides:
doExecutein classAbstractProfileAction
-
addGrantTypeIfEnabled
protected void addGrantTypeIfEnabled(Set<com.nimbusds.oauth2.sdk.GrantType> resultTypes, com.nimbusds.oauth2.sdk.GrantType grantType, Predicate<ProfileRequestContext> predicate, ProfileRequestContext profileRequestContext)
Adds a given grant type to the given set of grant types, if the given predicate is true.- Parameters:
resultTypes- The result set where the grant type is potentially added.grantType- The grant type to check.predicate- The predicate used for checking.profileRequestContext- The profile context used as an input for the predicate.
-
-