OpenIdResolverService (OpenAM Server Only 6.5.5 Documentation)

All Known Implementing Classes:

OpenIdResolverServiceImpl
```
public interface OpenIdResolverService
```
Interface through which OpenIdResolvers are obtained, and the service providing them is configured. A resolver can be configured through a number of configurations, each of which results in the generation of a key which can be used to perform cryptographic verification of the JWS which will be provided to the resolver once it is configured inside the service. The service will then provide access to the specific resolver needed at the point of verification by keying on its OpenIdResolver.getIssuer() value. Resolvers can be configured by supplying one of the following configurations: - The issuer's name, along with the specific location of the public key to use when performing verification as drawn from a standard trust store. - The issuer's name, along with a shared secret which can be used to create an HMAC which will verify the signature in the provided JWS. - The issuer's name, along with the URL of a JWK set, which provides keys through a public exposure point. - A .well-known configuration URL, which provides both the issuer name and location of the corresponding JWK set which it should use to configure the resolver.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`boolean`	`configureResolverWithJWK(String issuer, URL jwkUrl)` Configures a new resolver implementation using the given parameters for this service which is later retrievable.
`boolean`	`configureResolverWithKey(String issuer, String keyAlias, String keystoreLocation, String keystoreType, String keystorePassword)` Configures a new resolver implementation using the given parameters for this service which is later retrievable.
`boolean`	`configureResolverWithSecret(String issuer, String sharedSecret)` Configures a new resolver implementation using the given parameters for this service which is later retrievable.
`boolean`	`configureResolverWithWellKnownOpenIdConfiguration(URL configUrl)` Configures a new resolver implementation using the given configUrl as the location from which to draw all necessary information pertaining to the resolver.
`Optional<OpenIdResolver>`	`getResolverForIssuer(String issuer)` Returns the appropriate OpenId Connect resolver for the issuer.

- Method Detail
  - getResolverForIssuer
```
Optional<OpenIdResolver> getResolverForIssuer(String issuer)
```
    Returns the appropriate OpenId Connect resolver for the issuer. The OpenId Connect JWT's "iss" field MUST be identical to the issuer param.
    
    Parameters:
    
    issuer - Reference to the issuer of the OpenID Connect JWT
    
    Returns:
    
    an Optional containing the OpenIdResolver for the corresponding provider if found
  - configureResolverWithKey
```
boolean configureResolverWithKey(String issuer,
                                 String keyAlias,
                                 String keystoreLocation,
                                 String keystoreType,
                                 String keystorePassword)
```
    Configures a new resolver implementation using the given parameters for this service which is later retrievable.
    
    Parameters:
    
    issuer - issuer's name - the OpenID Connect "iss" field
    
    keyAlias - alias inside the keystore of the public key for this resolver
    
    keystoreLocation - location of the keystore from which to retrieve the key
    
    keystoreType - the type of keystore to connect to
    
    keystorePassword - password for connecting to the keystore
    
    Returns:
    
    true if resolver configured successfully, false otherwise
  - configureResolverWithSecret
```
boolean configureResolverWithSecret(String issuer,
                                    String sharedSecret)
```
    Configures a new resolver implementation using the given parameters for this service which is later retrievable.
    
    Parameters:
    
    issuer - issuer's name - the OpenID Connect "iss" field
    
    sharedSecret - secret shared between client and provider
    
    Returns:
    
    true if resolver configured successfully, false otherwise
  - configureResolverWithJWK
```
boolean configureResolverWithJWK(String issuer,
                                 URL jwkUrl)
```
    Configures a new resolver implementation using the given parameters for this service which is later retrievable.
    
    Parameters:
    
    issuer - issuer's name - the OpenID Connect "iss" field
    
    jwkUrl - location from which to determine which public key to use
    
    Returns:
    
    true if resolver configured successfully, false otherwise
  - configureResolverWithWellKnownOpenIdConfiguration
```
boolean configureResolverWithWellKnownOpenIdConfiguration(URL configUrl)
```
    Configures a new resolver implementation using the given configUrl as the location from which to draw all necessary information pertaining to the resolver. Specifically and minimally this means the issuer value and the location of the JWK url
    
    Parameters:
    
    configUrl - The well-known Open Id Connect configuration url
    
    Returns:
    
    true if resolver configured successfully, false otherwise

Interface OpenIdResolverService

Method Summary

Method Detail

getResolverForIssuer

configureResolverWithKey

configureResolverWithSecret

configureResolverWithJWK

configureResolverWithWellKnownOpenIdConfiguration