Package net.shibboleth.oidc.profile.oauth2.config

Class AbstractOAuth2ClientAuthenticableProfileConfiguration

    • Constructor Detail

      • AbstractOAuth2ClientAuthenticableProfileConfiguration

        protected AbstractOAuth2ClientAuthenticableProfileConfiguration​(@Nonnull @NotEmpty
                                                                String profileId)
        Constructor.
        Parameters:
        profileId - Unique profile identifier

    • Method Detail

      • getTokenEndpointAuthMethods

        @Nonnull
@NonnullElements
@NotLive
@Unmodifiable
public Set<String> getTokenEndpointAuthMethods​(@Nullable
                                               ProfileRequestContext profileRequestContext)
        Get the enabled token endpoint authentication methods.
        Parameters:
        profileRequestContext - profile request context
        Returns:
        enabled token endpoint authentication methods

      • setTokenEndpointAuthMethods

        public void setTokenEndpointAuthMethods​(@Nonnull @NonnullElements
                                        Collection<String> methods)
        Set the enabled token endpoint authentication methods.
        Parameters:
        methods - What to set.

      • setTokenEndpointAuthMethodsLookupStrategy

        public void setTokenEndpointAuthMethodsLookupStrategy​(@Nonnull
                                                      Function<ProfileRequestContext,​Set<String>> strategy)
        Set a lookup strategy for the enabled token endpoint authentication methods.
        Parameters:
        strategy - lookup strategy

      • getClaimsValidator

        @Nullable
public ClaimsValidator getClaimsValidator​(@Nullable
                                          ProfileRequestContext profileRequestContext)
        Get the ClaimsValidator to apply to JWT-based client authentication.
        Parameters:
        profileRequestContext - current profile request context
        Returns:
        the validator to use
        Since:
        3.1.0

      • setClaimsValidator

        public void setClaimsValidator​(@Nullable
                               ClaimsValidator validator)
        Set the ClaimsValidator to apply to JWT-based client authentication.
        Parameters:
        validator - validator to use
        Since:
        3.1.0

      • setClaimsValidatorLookupStrategy

        public void setClaimsValidatorLookupStrategy​(@Nonnull
                                             Function<ProfileRequestContext,​ClaimsValidator> strategy)
        Set a lookup strategy for the ClaimsValidator to apply to JWT-based client authentication.
        Parameters:
        strategy - lookup strategy
        Since:
        3.1.0

      • isForceAuthn

        public boolean isForceAuthn​(@Nullable
                            ProfileRequestContext profileRequestContext)
        Specified by:
        isForceAuthn in interface net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration

      • setForceAuthn

        public void setForceAuthn​(boolean flag)
        Set whether a fresh user presence proof should be required for this request.
        Parameters:
        flag - flag to set

      • setForceAuthnPredicate

        public void setForceAuthnPredicate​(@Nonnull
                                   Predicate<ProfileRequestContext> condition)
        Set a condition to determine whether a fresh user presence proof should be required for this request.
        Parameters:
        condition - condition to set

      • getProxyCount

        @Nullable
public Integer getProxyCount​(@Nullable
                             ProfileRequestContext profileRequestContext)
        Specified by:
        getProxyCount in interface net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration

      • setProxyCount

        public void setProxyCount​(@Nullable @NonNegative
                          Integer count)
        Sets the maximum number of times an assertion may be proxied outbound and/or the maximum number of hops between the relying party and a proxied authentication authority inbound.
        Parameters:
        count - proxy count

      • setProxyCountLookupStrategy

        public void setProxyCountLookupStrategy​(@Nonnull
                                        Function<ProfileRequestContext,​Integer> strategy)
        Set a lookup strategy for the maximum number of times an assertion may be proxied outbound and/or the maximum number of hops between the relying party and a proxied authentication authority inbound.
        Parameters:
        strategy - lookup strategy

      • setAuthenticationFlows

        public void setAuthenticationFlows​(@Nullable @NonnullElements
                                   Collection<String> flows)
        Set the authentication flows to use.
        Parameters:
        flows - flow identifiers to use

      • setAuthenticationFlowsLookupStrategy

        public void setAuthenticationFlowsLookupStrategy​(@Nonnull
                                                 Function<ProfileRequestContext,​Set<String>> strategy)
        Set a lookup strategy for the authentication flows to use.
        Parameters:
        strategy - lookup strategy

      • setPostAuthenticationFlows

        public void setPostAuthenticationFlows​(@Nullable @NonnullElements
                                       Collection<String> flows)
        Set the ordered collection of post-authentication interceptor flows to enable.
        Parameters:
        flows - flow identifiers to enable

      • setPostAuthenticationFlowsLookupStrategy

        public void setPostAuthenticationFlowsLookupStrategy​(@Nonnull
                                                     Function<ProfileRequestContext,​Collection<String>> strategy)
        Set a lookup strategy for the post-authentication interceptor flows to enable.
        Parameters:
        strategy - lookup strategy