OpenIdResolver (OpenAM Server Only 6.5.5 Documentation)

All Known Implementing Classes:

BaseOpenIdResolver, JWKOpenIdResolverImpl, PublicKeyOpenIdResolverImpl, SharedSecretOpenIdResolverImpl
```
public interface OpenIdResolver
```
Validation of Open ID Connect JWTs via verification of their internals (issuer, audience, signature, etc.). Each Resolver relates to one specific issuer (which can be retrieved via OpenIdResolver.getIssuer()) and performs validation against a supplied SignedJwt, throwing an OpenIdConnectVerificationException if there are any issues which do not conform to the verification spec as per: More details on how the verification should be completed can be found at http://openid.net/specs/openid-authentication-2_0.html OpenIdResolver.validateIdentity(org.forgerock.json.jose.jws.SignedJwt) performs all individual checks.

Field Summary

Fields
Modifier and Type	Field and Description
`static String`	`CLIENT_SECRET_KEY` Lookup key for the client secret.
`static String`	`ISSUER_KEY` Lookup key for the issuer's name.
`static String`	`JWK` Lookup key for JWK configuration.
`static String`	`KEY_ALIAS_KEY` Lookup key for a key stored in a keystore.
`static String`	`KEYSTORE_LOCATION_KEY` Lookup key for the location of a keystore.
`static String`	`KEYSTORE_PASS_KEY` Lookup key for the password to a keystore.
`static String`	`KEYSTORE_TYPE_KEY` Lookup key for the type of a keystore.
`static String`	`WELL_KNOWN_CONFIGURATION` Lookup key for a .well-known Open ID Connect config.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`String`	`getIssuer()` Returns the issuer (IdP) for which this resolver will resolve identities.
`void`	`validateIdentity(SignedJwt idClaim)` Validates the supplied Jwt against this OpenId Connect Idp.

- Field Detail
  - KEY_ALIAS_KEY
```
static final String KEY_ALIAS_KEY
```
    Lookup key for a key stored in a keystore.
    
    See Also:
    
    Constant Field Values
  - ISSUER_KEY
```
static final String ISSUER_KEY
```
    Lookup key for the issuer's name.
    
    See Also:
    
    Constant Field Values
  - CLIENT_SECRET_KEY
```
static final String CLIENT_SECRET_KEY
```
    Lookup key for the client secret.
    
    See Also:
    
    Constant Field Values
  - JWK
```
static final String JWK
```
    Lookup key for JWK configuration.
    
    See Also:
    
    Constant Field Values
  - WELL_KNOWN_CONFIGURATION
```
static final String WELL_KNOWN_CONFIGURATION
```
    Lookup key for a .well-known Open ID Connect config.
    
    See Also:
    
    Constant Field Values
  - KEYSTORE_LOCATION_KEY
```
static final String KEYSTORE_LOCATION_KEY
```
    Lookup key for the location of a keystore.
    
    See Also:
    
    Constant Field Values
  - KEYSTORE_TYPE_KEY
```
static final String KEYSTORE_TYPE_KEY
```
    Lookup key for the type of a keystore.
    
    See Also:
    
    Constant Field Values
  - KEYSTORE_PASS_KEY
```
static final String KEYSTORE_PASS_KEY
```
    Lookup key for the password to a keystore.
    
    See Also:
    
    Constant Field Values
- Method Detail
  - validateIdentity
```
void validateIdentity(SignedJwt idClaim)
               throws OpenIdConnectVerificationException
```
    Validates the supplied Jwt against this OpenId Connect Idp.
    
    Parameters:
    
    idClaim - The Jwt to test is authenticated from this issuer
    
    Throws:
    
    OpenIdConnectVerificationException - If the Jwt is unable to be verified
  - getIssuer
```
String getIssuer()
```
    Returns the issuer (IdP) for which this resolver will resolve identities.
    
    Returns:
    
    the name of the issuer

Interface OpenIdResolver

Field Summary

Method Summary

Field Detail

KEY_ALIAS_KEY

ISSUER_KEY

CLIENT_SECRET_KEY

JWK

WELL_KNOWN_CONFIGURATION

KEYSTORE_LOCATION_KEY

KEYSTORE_TYPE_KEY

KEYSTORE_PASS_KEY

Method Detail

validateIdentity

getIssuer