Package org.forgerock.oauth.resolvers

Class OpenIdResolverFactory

  • public class OpenIdResolverFactory
extends Object
    For producing OpenId Resolvers.

    • Constructor Detail

      • OpenIdResolverFactory

        public OpenIdResolverFactory​(Client client)
        For generating an OpenIDResolverFactory with the supplied client which will be used for all HTTP communication originating form this factory.
        Parameters:
        client - The client to use

      • OpenIdResolverFactory

        @Deprecated
public OpenIdResolverFactory​(int readTimeout,
                             int connTimeout)
        Deprecated.
        Use org.forgerock.oauth.resolvers.OpenIdResolverFactory#OpenIdResolverFactory (org.forgerock.http.Client) instead
        For generating an OpenIDResolverFactory with the supplied timeouts which will be used for all HTTP communication originating form this factory.
        Parameters:
        readTimeout - HTTP read timeout for produced resolvers
        connTimeout - HTTP connection timeout for produced resolvers

    • Method Detail

      • createPublicKeyResolver

        public OpenIdResolver createPublicKeyResolver​(String issuer,
                                              PublicKey key)
        Creates a public key resolver for the supplied issuer.
        Parameters:
        issuer - The issuer's reference name
        key - Key to use for this issuer
        Returns:
        a configured and usable PublicKeyOpenIdResolverImpl

      • createSharedSecretResolver

        public OpenIdResolver createSharedSecretResolver​(String issuer,
                                                 String sharedSecret)
        Creates a shared secret (HMAC) key resolver for the supplied issuer.
        Parameters:
        issuer - The issuer's reference name
        sharedSecret - SharedSecret for which to use with HMAC
        Returns:
        a configured and usable SharedSecretOpenIdResolverImpl

      • createJWKResolver

        public OpenIdResolver createJWKResolver​(String issuer,
                                        URL jwkUrl)
                                 throws FailedToLoadJWKException
        Creates a public key resolver for the supplied issuer using keys supplied at the JWK Set URL.
        Parameters:
        issuer - The issuer's reference name
        jwkUrl - From which to read the JWK Set
        Returns:
        a configured and usable JWKOpenIdResolverImpl
        Throws:
        FailedToLoadJWKException - If there were problems reading or configuring data from the URL

      • createSecretsProviderResolver

        public OpenIdResolver createSecretsProviderResolver​(String issuer,
                                                    SecretsProvider provider,
                                                    Purpose<VerificationKey> purpose)
        Creates a public key based resolver for the supplied issuer using keys available through the given provider.

        The JWT kid attribute is used as secret's stable ID when looking up the secret.

        Parameters:
        issuer - The issuer's reference name
        provider - Secrets provider
        purpose - verification key purpose
        Returns:
        a configured and usable SecretsProviderOpenIdResolver

      • createFromOpenIDConfigUrl

        public OpenIdResolver createFromOpenIDConfigUrl​(String issuer,
                                                URL configUrl)
                                         throws FailedToLoadJWKException
        Creates a public key resolver for the supplied issuer using keys supplied at the .well-known open ID configuration URL.
        Parameters:
        issuer - The issuer's reference name
        configUrl - Location of the .well-known Open ID Connect config
        Returns:
        a configured and usable JWKOpenIdResolverImpl
        Throws:
        FailedToLoadJWKException - If there were problems reading or configuring data from the URL