Package net.shibboleth.idp.plugin.oidc.op.profile.impl

Class AddJwksToClientMetadata

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.profile.action.AbstractConditionalProfileAction

net.shibboleth.idp.profile.AbstractProfileAction

net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCClientMetadataPopulationAction

net.shibboleth.idp.plugin.oidc.op.profile.impl.AddJwksToClientMetadata

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class AddJwksToClientMetadata
extends AbstractOIDCClientMetadataPopulationAction

An action that adds the jwks or jwks_uri to the client metadata, if one of those were defined in the request. Both cannot be defined, as specified in https://openid.net/specs/openid-connect-registration-1_0.html section 2.

Field Summary

Fields

Modifier and Type	Field	Description
private org.apache.http.client.HttpClient	httpClient	The HttpClient to use.
private HttpClientSecurityParameters	httpClientSecurityParameters	HTTP client security parameters.
private org.slf4j.Logger	log	Class logger.
private Predicate<ProfileRequestContext>	validateRemoteJwkSetPredicate	Predicate used to indicate whether contents of remote JWK set should be validated.

Constructor Summary

Constructors

Constructor	Description
AddJwksToClientMetadata()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected boolean	containsKeys(com.nimbusds.jose.jwk.JWKSet jwkSet)	Checks that the given JWK set contains at least one key.
protected void	doExecute(ProfileRequestContext profileRequestContext)
void	doInitialize()
void	setHttpClient(org.apache.http.client.HttpClient client)	Set the HttpClient to use.
void	setHttpClientSecurityParameters(HttpClientSecurityParameters params)	Set the optional client security parameters.
void	setValidateRemoteJwkSetPredicate(Predicate<ProfileRequestContext> predicate)	Set the predicate used to indicate whether contents of remote JWK set should be validated.

Methods inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCClientMetadataPopulationAction

doPreExecute, getInputMetadata, getOutputMetadata, setOidcInputMetadataLookupStrategy, setOidcOutputMetadataLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

httpClient

@NonnullAfterInit
private org.apache.http.client.HttpClient httpClient

The HttpClient to use.

httpClientSecurityParameters

@Nullable
private HttpClientSecurityParameters httpClientSecurityParameters

HTTP client security parameters.

validateRemoteJwkSetPredicate

@Nonnull
private Predicate<ProfileRequestContext> validateRemoteJwkSetPredicate

Predicate used to indicate whether contents of remote JWK set should be validated.

Constructor Detail

AddJwksToClientMetadata

public AddJwksToClientMetadata()

Constructor.

Method Detail

setHttpClient

public void setHttpClient(@Nonnull
                          org.apache.http.client.HttpClient client)

Set the HttpClient to use.

Parameters:

client - client to use

setHttpClientSecurityParameters

public void setHttpClientSecurityParameters(@Nullable
                                            HttpClientSecurityParameters params)

Set the optional client security parameters.

Parameters:

params - the new client security parameters

setValidateRemoteJwkSetPredicate

public void setValidateRemoteJwkSetPredicate(@Nonnull
                                             Predicate<ProfileRequestContext> predicate)

Set the predicate used to indicate whether contents of remote JWK set should be validated.

Parameters:

predicate - the predicate used to indicate whether contents of remote JWK set should be validated.

doInitialize

public void doInitialize()
                  throws ComponentInitializationException

Overrides:

doInitialize in class AbstractInitializableComponent

Throws:

ComponentInitializationException

doExecute

protected void doExecute(@Nonnull
                         ProfileRequestContext profileRequestContext)

Overrides:

doExecute in class AbstractProfileAction

containsKeys

protected boolean containsKeys(com.nimbusds.jose.jwk.JWKSet jwkSet)

Checks that the given JWK set contains at least one key.

Parameters:

jwkSet - The set of JWKs.

Returns:

True if the set contains at least one key, false otherwise.