org.forgerock.oauth.resolvers

Class OpenIdResolverFactory

java.lang.Object

org.forgerock.oauth.resolvers.OpenIdResolverFactory

public class OpenIdResolverFactory
extends Object

For producing OpenId Resolvers.

Constructor Summary

Constructors

Constructor and Description
OpenIdResolverFactory(int readTimeout, int connTimeout) For generating an OpenIDResolverFactory with the supplied timeouts which will be used for all HTTP communication originating form this factory.

Method Summary

Modifier and Type	Method and Description
OpenIdResolver	createFromOpenIDConfigUrl(URL configUrl) Creates a public key resolver for the supplied issuer using keys supplied at the .well-known open ID configuration URL.
OpenIdResolver	createJWKResolver(String issuer, URL jwkUrl) Creates a public key resolver for the supplied issuer using keys supplied at the JWK Set URL.
OpenIdResolver	createJWKResolver(String issuer, URL jwkUrl, int readTimeout, int connTimeout) Deprecated. Replaced by OpenIdResolverFactory.createJWKResolver(String, URL) ()}
OpenIdResolver	createPublicKeyResolver(String issuer, PublicKey key) Creates a public key resolver for the supplied issuer.
OpenIdResolver	createSecretsProviderResolver(String issuer, SecretsProvider provider, Purpose<VerificationKey> purpose) Creates a public key based resolver for the supplied issuer using keys available through the given provider.
OpenIdResolver	createSharedSecretResolver(String issuer, String sharedSecret) Creates a shared secret (HMAC) key resolver for the supplied issuer.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OpenIdResolverFactory

public OpenIdResolverFactory(int readTimeout,
                             int connTimeout)

For generating an OpenIDResolverFactory with the supplied timeouts which will be used for all HTTP communication originating form this factory.

Parameters:

readTimeout - HTTP read timeout for produced resolvers

connTimeout - HTTP connection timeout for produced resolvers

Method Detail

createPublicKeyResolver

public OpenIdResolver createPublicKeyResolver(String issuer,
                                              PublicKey key)

Creates a public key resolver for the supplied issuer.

Parameters:

issuer - The issuer's reference name

key - Key to use for this issuer

Returns:

a configured and usable PublicKeyOpenIdResolverImpl

createSharedSecretResolver

public OpenIdResolver createSharedSecretResolver(String issuer,
                                                 String sharedSecret)

Creates a shared secret (HMAC) key resolver for the supplied issuer.

Parameters:

issuer - The issuer's reference name

sharedSecret - SharedSecret for which to use with HMAC

Returns:

a configured and usable SharedSecretOpenIdResolverImpl

createJWKResolver

@Deprecated
public OpenIdResolver createJWKResolver(String issuer,
                                                    URL jwkUrl,
                                                    int readTimeout,
                                                    int connTimeout)
                                             throws FailedToLoadJWKException

Deprecated. Replaced by OpenIdResolverFactory.createJWKResolver(String, URL) ()}

See OpenIdResolverFactory.createJWKResolver(String, URL) ()}.

Parameters:

issuer - The issuer's reference name

jwkUrl - From which to read the JWK Set

readTimeout - read timeout setting for HTTP connections

connTimeout - connection timeout setting for HTTP connections

Returns:

a configured and usable JWKOpenIdResolverImpl

Throws:

FailedToLoadJWKException - If there were problems reading or configuring data from the URL

createJWKResolver

public OpenIdResolver createJWKResolver(String issuer,
                                        URL jwkUrl)
                                 throws FailedToLoadJWKException

Creates a public key resolver for the supplied issuer using keys supplied at the JWK Set URL.

Parameters:

issuer - The issuer's reference name

jwkUrl - From which to read the JWK Set

Returns:

a configured and usable JWKOpenIdResolverImpl

Throws:

FailedToLoadJWKException - If there were problems reading or configuring data from the URL

createSecretsProviderResolver

public OpenIdResolver createSecretsProviderResolver(String issuer,
                                                    SecretsProvider provider,
                                                    Purpose<VerificationKey> purpose)

Creates a public key based resolver for the supplied issuer using keys available through the given provider.

The JWT kid attribute is used as secret's stable ID when looking up the secret.

Parameters:

issuer - The issuer's reference name

provider - Secrets provider

purpose - verification key purpose

Returns:

a configured and usable SecretsProviderOpenIdResolver

createFromOpenIDConfigUrl

public OpenIdResolver createFromOpenIDConfigUrl(URL configUrl)
                                         throws FailedToLoadJWKException

Creates a public key resolver for the supplied issuer using keys supplied at the .well-known open ID configuration URL.

Parameters:

configUrl - Location of the .well-known Open ID Connect config

Returns:

a configured and usable JWKOpenIdResolverImpl

Throws:

FailedToLoadJWKException - If there were problems reading or configuring data from the URL