Package net.shibboleth.oidc.profile.config

Class OIDCDynamicRegistrationConfiguration

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

net.shibboleth.idp.profile.config.AbstractProfileConfiguration

net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

net.shibboleth.oidc.profile.oauth2.config.AbstractOAuth2ClientAuthenticableProfileConfiguration

net.shibboleth.oidc.profile.oauth2.config.AbstractOAuth2FlowAwareProfileConfiguration

net.shibboleth.oidc.profile.config.OIDCDynamicRegistrationConfiguration

All Implemented Interfaces:

net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration, net.shibboleth.idp.profile.config.ConditionalProfileConfiguration, net.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration, net.shibboleth.idp.profile.config.ProfileConfiguration, OAuth2ProfileConfiguration, Component, DestructableComponent, IdentifiableComponent, IdentifiedComponent, InitializableComponent

public class OIDCDynamicRegistrationConfiguration
extends AbstractOAuth2FlowAwareProfileConfiguration
implements net.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration

Profile configuration for the OpenID Connect dynamic client registration.

Field Summary

Fields

Modifier and Type	Field	Description
private Function<ProfileRequestContext,String>	issuerLookupStrategy	Lookup function to override issuer value.
private Function<ProfileRequestContext,Map<String,MetadataPolicy>>	metadataPolicyLookupStrategy	Lookup function to the default metadata policy.
static String	PROFILE_ID	ID for this profile configuration.
static String	PROTOCOL_URI	OIDC base protocol URI.
private Function<ProfileRequestContext,Duration>	registrationValidityPeriodLookupStrategy	Lookup function to supply registration validity period.
private Function<ProfileRequestContext,Duration>	secretExpirationPeriodLookupStrategy	Lookup function to supply client secret expiration period.

Fields inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

DEFAULT_DISALLOWED_FEATURES

Constructor Summary

Constructors

Constructor	Description
OIDCDynamicRegistrationConfiguration()	Constructor.
OIDCDynamicRegistrationConfiguration(String profileId)	Creates a new configuration instance.

Method Summary

Modifier and Type	Method	Description
String	getIssuer(ProfileRequestContext profileRequestContext)
Map<String,MetadataPolicy>	getMetadataPolicy(ProfileRequestContext profileRequestContext)	Get the metadata policy.
Duration	getRegistrationValidityPeriod(ProfileRequestContext profileRequestContext)	Get dynamic registration validity period.
Duration	getSecretExpirationPeriod(ProfileRequestContext profileRequestContext)	Get client secret expiration period.
void	setIssuer(String issuer)	Set overridden issuer value.
void	setIssuerLookupStrategy(Function<ProfileRequestContext,String> strategy)	Sets lookup strategy for overridden issuer value.
void	setMetadataPolicy(Map<String,MetadataPolicy> policy)	Sets the metadata policy.
void	setMetadataPolicyLookupStrategy(Function<ProfileRequestContext,Map<String,MetadataPolicy>> strategy)	Set a lookup strategy for the metadata policy.
void	setRegistrationValidityPeriod(Duration period)	Sets the registration validity period.
void	setRegistrationValidityPeriodLookupStrategy(Function<ProfileRequestContext,Duration> strategy)	Set a lookup strategy for the registration validity period.
void	setSecretExpirationPeriod(Duration period)	Sets the client secret expiration period.
void	setSecretExpirationPeriodLookupStrategy(Function<ProfileRequestContext,Duration> strategy)	Set a lookup strategy for the client secret expiration period.

Methods inherited from class net.shibboleth.oidc.profile.oauth2.config.AbstractOAuth2FlowAwareProfileConfiguration

isAuthorizationCodeFlowEnabled, isHybridFlowEnabled, isImplicitFlowEnabled, isRefreshTokensEnabled, setAuthorizationCodeFlowEnabled, setAuthorizationCodeFlowEnabledPredicate, setHybridFlowEnabled, setHybridFlowEnabledPredicate, setImplicitFlowEnabled, setImplicitFlowEnabledPredicate, setRefreshTokensEnabled, setRefreshTokensEnabledPredicate

Methods inherited from class net.shibboleth.oidc.profile.oauth2.config.AbstractOAuth2ClientAuthenticableProfileConfiguration

getAuthenticationFlows, getClaimsValidator, getDefaultAuthenticationMethods, getPostAuthenticationFlows, getProxyCount, getTokenEndpointAuthMethods, isForceAuthn, setAuthenticationFlows, setAuthenticationFlowsLookupStrategy, setClaimsValidator, setClaimsValidatorLookupStrategy, setDefaultAuthenticationMethods, setDefaultAuthenticationMethodsLookupStrategy, setForceAuthn, setForceAuthnPredicate, setPostAuthenticationFlows, setPostAuthenticationFlowsLookupStrategy, setProxyCount, setProxyCountLookupStrategy, setTokenEndpointAuthMethods, setTokenEndpointAuthMethodsLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

getActivationCondition, setActivationCondition

Methods inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

equals, getDisallowedFeatures, getInboundInterceptorFlows, getOutboundInterceptorFlows, getSecurityConfiguration, hashCode, isFeatureDisallowed, setDisallowedFeatures, setDisallowedFeaturesLookupStrategy, setInboundFlowsLookupStrategy, setInboundInterceptorFlows, setInboundInterceptorFlowsLookupStrategy, setOutboundFlowsLookupStrategy, setOutboundInterceptorFlows, setOutboundInterceptorFlowsLookupStrategy, setSecurityConfiguration, setSecurityConfigurationLookupStrategy

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

doInitialize, getId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration

isLocal

Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent

getId

Methods inherited from interface net.shibboleth.idp.profile.config.ProfileConfiguration

getInboundInterceptorFlows, getOutboundInterceptorFlows, getSecurityConfiguration

Field Detail

PROTOCOL_URI

public static final String PROTOCOL_URI

OIDC base protocol URI.

See Also:

Constant Field Values

PROFILE_ID

public static final String PROFILE_ID

ID for this profile configuration.

See Also:

Constant Field Values

issuerLookupStrategy

@Nonnull
private Function<ProfileRequestContext,String> issuerLookupStrategy

Lookup function to override issuer value.

registrationValidityPeriodLookupStrategy

@Nonnull
private Function<ProfileRequestContext,Duration> registrationValidityPeriodLookupStrategy

Lookup function to supply registration validity period.

secretExpirationPeriodLookupStrategy

@Nullable
private Function<ProfileRequestContext,Duration> secretExpirationPeriodLookupStrategy

Lookup function to supply client secret expiration period.

metadataPolicyLookupStrategy

@Nullable
private Function<ProfileRequestContext,Map<String,MetadataPolicy>> metadataPolicyLookupStrategy

Lookup function to the default metadata policy.

Constructor Detail

OIDCDynamicRegistrationConfiguration

public OIDCDynamicRegistrationConfiguration()

Constructor.

OIDCDynamicRegistrationConfiguration

public OIDCDynamicRegistrationConfiguration(@Nonnull @NotEmpty
                                            String profileId)

Creates a new configuration instance.

Parameters:

profileId - Unique profile identifier.

Method Detail

getIssuer

@Nullable
@NotEmpty
public String getIssuer(@Nullable
                        ProfileRequestContext profileRequestContext)

Specified by:

getIssuer in interface net.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration

setIssuer

public void setIssuer(@Nullable @NotEmpty
                      String issuer)

Set overridden issuer value.

Parameters:

issuer - issuer value

setIssuerLookupStrategy

public void setIssuerLookupStrategy(@Nonnull
                                    Function<ProfileRequestContext,String> strategy)

Sets lookup strategy for overridden issuer value.

Parameters:

strategy - lookup strategy

getRegistrationValidityPeriod

@Nullable
@NonNegative
public Duration getRegistrationValidityPeriod(@Nullable
                                              ProfileRequestContext profileRequestContext)

Get dynamic registration validity period.

A 0 is interpreted as an unlimited period.

Parameters:

profileRequestContext - profile request context

Returns:

dynamic registration validity period

setRegistrationValidityPeriod

public void setRegistrationValidityPeriod(@Nullable @NonNegative
                                          Duration period)

Sets the registration validity period.

A 0 is interpreted as an unlimited period.

Parameters:

period - registration validity period

setRegistrationValidityPeriodLookupStrategy

public void setRegistrationValidityPeriodLookupStrategy(@Nonnull
                                                        Function<ProfileRequestContext,Duration> strategy)

Set a lookup strategy for the registration validity period.

A null or 0 is interpreted as an unlimited period.

Parameters:

strategy - lookup strategy

getSecretExpirationPeriod

@Nullable
@NonNegative
public Duration getSecretExpirationPeriod(@Nullable
                                          ProfileRequestContext profileRequestContext)

Get client secret expiration period.

A 0 is interpreted as an unlimited period.

Parameters:

profileRequestContext - profile request context

Returns:

client secret expiration period

setSecretExpirationPeriod

public void setSecretExpirationPeriod(@Nullable @NonNegative
                                      Duration period)

Sets the client secret expiration period.

A 0 is interpreted as an unlimited period.

Parameters:

period - registration validity period

setSecretExpirationPeriodLookupStrategy

public void setSecretExpirationPeriodLookupStrategy(@Nonnull
                                                    Function<ProfileRequestContext,Duration> strategy)

Set a lookup strategy for the client secret expiration period.

A null or 0 is interpreted as an unlimited period.

Parameters:

strategy - lookup strategy

getMetadataPolicy

@Nullable
public Map<String,MetadataPolicy> getMetadataPolicy(@Nullable
                                                          ProfileRequestContext profileRequestContext)

Get the metadata policy.

Parameters:

profileRequestContext - profile request context

Returns:

metadata policy

setMetadataPolicy

public void setMetadataPolicy(@Nonnull
                              Map<String,MetadataPolicy> policy)

Sets the metadata policy.

Parameters:

policy - metadata policy

setMetadataPolicyLookupStrategy

public void setMetadataPolicyLookupStrategy(@Nonnull
                                            Function<ProfileRequestContext,Map<String,MetadataPolicy>> strategy)

Set a lookup strategy for the metadata policy.

Parameters:

strategy - lookup strategy