org.forgerock.oauth.resolvers.service

Class OpenIdResolverServiceImpl

java.lang.Object

org.forgerock.oauth.resolvers.service.OpenIdResolverServiceImpl

All Implemented Interfaces:

OpenIdResolverService

public class OpenIdResolverServiceImpl
extends Object
implements OpenIdResolverService

Holds a copy of the current OpenID Resolvers. As new resolvers are configured, this class loads up the appropriate verification key and stores it along with the other information necessary for it to perform its task. This service stores OpenIdResolvers against their issuer key, so the appropriate OpenIdResolver can be looked up.

Constructor Summary

Constructors

Constructor and Description
OpenIdResolverServiceImpl(int readTimeout, int connTimeout) Constructor for the OpenIdResolverServiceImpl which will use the supplied read and connection timeouts when communicating over HTTP.

Method Summary

Modifier and Type	Method and Description
boolean	configureResolverWithJWK(String issuer, URL jwkUrl) Configures a new Resolver by setting it up to download public keys from the supplied url.
boolean	configureResolverWithKey(String issuer, String keyAlias, String keystoreLocation, String keystoreType, String keystorePassword) Configures a new Resolver by finding the appropriate public key in the supplied keystore, and adds it to the Map of current resolvers.
boolean	configureResolverWithSecret(String issuer, String sharedSecret) Configures a new Resolver by finding the appropriate public key in the supplied keystore, and adds it to the Map of current resolvers.
boolean	configureResolverWithWellKnownOpenIdConfiguration(URL configUrl) Configures a new Resolver by setting it up to download public keys from the supplied well-known Open Id Connect URL.
Optional<OpenIdResolver>	getResolverForIssuer(String issuer) Returns the appropriate resolver for the given issuer - if it exists.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OpenIdResolverServiceImpl

public OpenIdResolverServiceImpl(int readTimeout,
                                 int connTimeout)

Constructor for the OpenIdResolverServiceImpl which will use the supplied read and connection timeouts when communicating over HTTP.

Parameters:

readTimeout - HTTP read timeout for resolvers

connTimeout - HTTP connection timeout for resolvers

Method Detail

getResolverForIssuer

public Optional<OpenIdResolver> getResolverForIssuer(String issuer)

Returns the appropriate resolver for the given issuer - if it exists. Otherwise null.

Specified by:

getResolverForIssuer in interface OpenIdResolverService

Parameters:

issuer - The name of the issuer of the Open Id Connect token to check

Returns:

An Optional resolver which can handle verification of the Open Id Connect token

configureResolverWithKey

public boolean configureResolverWithKey(String issuer,
                                        String keyAlias,
                                        String keystoreLocation,
                                        String keystoreType,
                                        String keystorePassword)

Configures a new Resolver by finding the appropriate public key in the supplied keystore, and adds it to the Map of current resolvers.

Specified by:

configureResolverWithKey in interface OpenIdResolverService

Parameters:

issuer - The issuer which provides the Open ID Connect auth token

keyAlias - The alias under which the public key is stored

keystoreLocation - location of the keystore file

keystoreType - type of the keystore file

keystorePassword - password to enter the keystore

Returns:

true if the resolver was configured successfully, false otherwise

configureResolverWithSecret

public boolean configureResolverWithSecret(String issuer,
                                           String sharedSecret)

Configures a new Resolver by finding the appropriate public key in the supplied keystore, and adds it to the Map of current resolvers.

Specified by:

configureResolverWithSecret in interface OpenIdResolverService

Parameters:

issuer - The issuer which provides the Open ID Connect auth token

sharedSecret - The known-to-both-parties secret String

Returns:

true if the resolver was configured successfully, false otherwise

configureResolverWithJWK

public boolean configureResolverWithJWK(String issuer,
                                        URL jwkUrl)

Configures a new Resolver by setting it up to download public keys from the supplied url.

Specified by:

configureResolverWithJWK in interface OpenIdResolverService

Parameters:

issuer - The issuer which provides the Open ID Connect auth token

jwkUrl - location from which to determine which public key to use

Returns:

true if the resolver was configured successfully, false otherwise

configureResolverWithWellKnownOpenIdConfiguration

public boolean configureResolverWithWellKnownOpenIdConfiguration(URL configUrl)

Configures a new Resolver by setting it up to download public keys from the supplied well-known Open Id Connect URL.

Specified by:

configureResolverWithWellKnownOpenIdConfiguration in interface OpenIdResolverService

Parameters:

configUrl - location from which to determine which public key to use

Returns:

true if the resolver was configured successfully, false otherwise