Package net.shibboleth.oidc.profile.oauth2.config

Class AbstractOAuth2TokenValidatingConfiguration

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

net.shibboleth.idp.profile.config.AbstractProfileConfiguration

net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

net.shibboleth.oidc.profile.oauth2.config.AbstractOAuth2ClientAuthenticableProfileConfiguration

net.shibboleth.oidc.profile.oauth2.config.AbstractOAuth2TokenValidatingConfiguration

All Implemented Interfaces:

net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration, net.shibboleth.idp.profile.config.ConditionalProfileConfiguration, net.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration, net.shibboleth.idp.profile.config.ProfileConfiguration, OAuth2ProfileConfiguration, Component, DestructableComponent, IdentifiableComponent, IdentifiedComponent, InitializableComponent

Direct Known Subclasses:

OAuth2TokenIntrospectionConfiguration, OAuth2TokenRevocationConfiguration, OIDCUserInfoConfiguration

public class AbstractOAuth2TokenValidatingConfiguration
extends AbstractOAuth2ClientAuthenticableProfileConfiguration
implements net.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration

Base class for profile configurations that validate previously issued OAuth2 tokens.

Since:

2.0.0

Field Summary

Fields

Modifier and Type	Field	Description
private Function<ProfileRequestContext,ClaimsValidator>	issuedClaimsValidatorLookupStrategy	Validation of JWT claims for issued tokens.
private Function<ProfileRequestContext,String>	issuerLookupStrategy	Lookup function to override issuer value.

Fields inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

DEFAULT_DISALLOWED_FEATURES

Constructor Summary

Constructors

Constructor	Description
AbstractOAuth2TokenValidatingConfiguration(String profileId)	Creates a new configuration instance.

Method Summary

Modifier and Type	Method	Description
ClaimsValidator	getIssuedClaimsValidator(ProfileRequestContext profileRequestContext)	Get the ClaimsValidator to apply to issued JWT-based tokens being validated by this profile.
String	getIssuer(ProfileRequestContext profileRequestContext)
void	setIssuedClaimsValidator(ClaimsValidator validator)	Set the ClaimsValidator to apply to issued JWT-based tokens being validated by this profile.
void	setIssuedClaimsValidatorLookupStrategy(Function<ProfileRequestContext,ClaimsValidator> strategy)	Set a lookup strategy for the ClaimsValidator to apply to issued JWT-based tokens being validated by this profile.
void	setIssuer(String issuer)	Set overridden issuer value.
void	setIssuerLookupStrategy(Function<ProfileRequestContext,String> strategy)	Sets lookup strategy for overridden issuer value.

Methods inherited from class net.shibboleth.oidc.profile.oauth2.config.AbstractOAuth2ClientAuthenticableProfileConfiguration

getAuthenticationFlows, getClaimsValidator, getDefaultAuthenticationMethods, getPostAuthenticationFlows, getProxyCount, getTokenEndpointAuthMethods, isForceAuthn, setAuthenticationFlows, setAuthenticationFlowsLookupStrategy, setClaimsValidator, setClaimsValidatorLookupStrategy, setDefaultAuthenticationMethods, setDefaultAuthenticationMethodsLookupStrategy, setForceAuthn, setForceAuthnPredicate, setPostAuthenticationFlows, setPostAuthenticationFlowsLookupStrategy, setProxyCount, setProxyCountLookupStrategy, setTokenEndpointAuthMethods, setTokenEndpointAuthMethodsLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

getActivationCondition, setActivationCondition

Methods inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

equals, getDisallowedFeatures, getInboundInterceptorFlows, getOutboundInterceptorFlows, getSecurityConfiguration, hashCode, isFeatureDisallowed, setDisallowedFeatures, setDisallowedFeaturesLookupStrategy, setInboundFlowsLookupStrategy, setInboundInterceptorFlows, setInboundInterceptorFlowsLookupStrategy, setOutboundFlowsLookupStrategy, setOutboundInterceptorFlows, setOutboundInterceptorFlowsLookupStrategy, setSecurityConfiguration, setSecurityConfigurationLookupStrategy

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

doInitialize, getId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration

isLocal

Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent

getId

Methods inherited from interface net.shibboleth.idp.profile.config.ProfileConfiguration

getInboundInterceptorFlows, getOutboundInterceptorFlows, getSecurityConfiguration

Field Detail

issuerLookupStrategy

@Nonnull
private Function<ProfileRequestContext,String> issuerLookupStrategy

Lookup function to override issuer value.

issuedClaimsValidatorLookupStrategy

@Nonnull
private Function<ProfileRequestContext,ClaimsValidator> issuedClaimsValidatorLookupStrategy

Validation of JWT claims for issued tokens.

Constructor Detail

AbstractOAuth2TokenValidatingConfiguration

public AbstractOAuth2TokenValidatingConfiguration(@Nonnull @NotEmpty
                                                  String profileId)

Creates a new configuration instance.

Parameters:

profileId - Unique profile identifier.

Method Detail

getIssuer

@Nullable
@NotEmpty
public String getIssuer(@Nullable
                        ProfileRequestContext profileRequestContext)

Specified by:

getIssuer in interface net.shibboleth.idp.profile.config.OverriddenIssuerProfileConfiguration

setIssuer

public void setIssuer(@Nullable @NotEmpty
                      String issuer)

Set overridden issuer value.

Parameters:

issuer - issuer value

setIssuerLookupStrategy

public void setIssuerLookupStrategy(@Nonnull
                                    Function<ProfileRequestContext,String> strategy)

Sets lookup strategy for overridden issuer value.

Parameters:

strategy - lookup strategy

getIssuedClaimsValidator

@Nullable
public ClaimsValidator getIssuedClaimsValidator(@Nullable
                                                ProfileRequestContext profileRequestContext)

Get the ClaimsValidator to apply to issued JWT-based tokens being validated by this profile.

Parameters:

profileRequestContext - current profile request context

Returns:

the validator to use

setIssuedClaimsValidator

public void setIssuedClaimsValidator(@Nullable
                                     ClaimsValidator validator)

Set the ClaimsValidator to apply to issued JWT-based tokens being validated by this profile.

Parameters:

validator - validator to use

setIssuedClaimsValidatorLookupStrategy

public void setIssuedClaimsValidatorLookupStrategy(@Nonnull
                                                   Function<ProfileRequestContext,ClaimsValidator> strategy)

Set a lookup strategy for the ClaimsValidator to apply to issued JWT-based tokens being validated by this profile.

Parameters:

strategy - lookup strategy