Class OpenIdResolverServiceImpl

  • All Implemented Interfaces:
    OpenIdResolverService

    public class OpenIdResolverServiceImpl
    extends Object
    implements OpenIdResolverService
    Holds a copy of the current OpenID Resolvers. As new resolvers are configured, this class loads up the appropriate verification key and stores it along with the other information necessary for it to perform its task. This service stores OpenIdResolvers against their issuer key, so the appropriate OpenIdResolver can be looked up.
    • Constructor Detail

      • OpenIdResolverServiceImpl

        @Deprecated
        public OpenIdResolverServiceImpl(int readTimeout,
                                         int connTimeout)
        Deprecated.
        Use org.forgerock.oauth.resolvers.service.OpenIdResolverServiceImpl#OpenIdResolverServiceImpl(org.forgerock.http.Client) instead.
        Constructor for the OpenIdResolverServiceImpl which will use the supplied read and connection timeouts when communicating over HTTP.
        Parameters:
        readTimeout - HTTP read timeout for resolvers
        connTimeout - HTTP connection timeout for resolvers
      • OpenIdResolverServiceImpl

        public OpenIdResolverServiceImpl(Client client)
        Constructor for the OpenIdResolverServiceImpl which will use the supplied HTTP client when communicating over HTTP.
        Parameters:
        client - HTTP client for resolvers
    • Method Detail

      • getResolverForIssuer

        public Optional<OpenIdResolver> getResolverForIssuer(String issuer)
        Returns the appropriate resolver for the given issuer - if it exists. Otherwise null.
        Specified by:
        getResolverForIssuer in interface OpenIdResolverService
        Parameters:
        issuer - The name of the issuer of the Open Id Connect token to check
        Returns:
        An Optional resolver which can handle verification of the Open Id Connect token
      • configureResolverWithKey

        public boolean configureResolverWithKey(String issuer,
                                                String keyAlias,
                                                String keystoreLocation,
                                                String keystoreType,
                                                String keystorePassword)
        Configures a new Resolver by finding the appropriate public key in the supplied keystore, and adds it to the Map of current resolvers.
        Specified by:
        configureResolverWithKey in interface OpenIdResolverService
        Parameters:
        issuer - The issuer which provides the Open ID Connect auth token
        keyAlias - The alias under which the public key is stored
        keystoreLocation - location of the keystore file
        keystoreType - type of the keystore file
        keystorePassword - password to enter the keystore
        Returns:
        true if the resolver was configured successfully, false otherwise
      • configureResolverWithSecret

        public boolean configureResolverWithSecret(String issuer,
                                                   String sharedSecret)
        Configures a new Resolver that uses the supplied shared secret, and adds it to the Map of current resolvers.
        Specified by:
        configureResolverWithSecret in interface OpenIdResolverService
        Parameters:
        issuer - The issuer which provides the Open ID Connect auth token
        sharedSecret - The known-to-both-parties secret String
        Returns:
        true if the resolver was configured successfully, false otherwise
      • configureResolverWithJWK

        public boolean configureResolverWithJWK(String issuer,
                                                URL jwkUrl)
        Configures a new Resolver by setting it up to download public keys from the supplied url.
        Specified by:
        configureResolverWithJWK in interface OpenIdResolverService
        Parameters:
        issuer - The issuer which provides the Open ID Connect auth token
        jwkUrl - location from which to determine which public key to use
        Returns:
        true if the resolver was configured successfully, false otherwise
      • configureResolverWithWellKnownOpenIdConfiguration

        public boolean configureResolverWithWellKnownOpenIdConfiguration(URL configUrl)
        Configures a new Resolver by setting it up to download public keys from the supplied well-known Open Id Connect URL.
        Specified by:
        configureResolverWithWellKnownOpenIdConfiguration in interface OpenIdResolverService
        Parameters:
        configUrl - location from which to determine which public key to use
        Returns:
        true if the resolver was configured successfully, false otherwise
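
An added usage example for the methods documented above (not code from the library or its documentation): trusted issuers are registered once at startup, a `false` result from a configure method is treated as fatal, and a token's issuer is only ever used to select a resolver that was registered in advance. The `TrustedIssuers` class, the example URLs and the import packages of `OpenIdResolver` and `OpenIdResolverService` are assumptions; the `Client` is supplied by the caller.

```java
import java.net.MalformedURLException;
import java.net.URI;
import java.util.Optional;

import org.forgerock.http.Client;
import org.forgerock.oauth.resolvers.OpenIdResolver;                 // package is an assumption
import org.forgerock.oauth.resolvers.service.OpenIdResolverService;  // package is an assumption
import org.forgerock.oauth.resolvers.service.OpenIdResolverServiceImpl;

/** Hypothetical wrapper, not part of the library: registers trusted issuers and fails closed. */
public final class TrustedIssuers {
    // Constructed placeholder values for illustration only.
    private static final String ISSUER = "https://idp.example.com";
    private static final String JWK_URL = "https://idp.example.com/jwks";
    private static final String PARTNER_CONFIG =
            "https://partner.example.org/.well-known/openid-configuration";

    private final OpenIdResolverService resolvers;

    public TrustedIssuers(Client client) throws MalformedURLException {
        // Non-deprecated constructor: the HTTP client is supplied by the caller.
        resolvers = new OpenIdResolverServiceImpl(client);
        // Each configure method reports failure by returning false; a missing
        // resolver would make every token from that issuer unverifiable, so stop here.
        require(resolvers.configureResolverWithJWK(ISSUER, URI.create(JWK_URL).toURL()), ISSUER);
        require(resolvers.configureResolverWithWellKnownOpenIdConfiguration(
                URI.create(PARTNER_CONFIG).toURL()), PARTNER_CONFIG);
    }

    private static void require(boolean configured, String what) {
        if (!configured) {
            throw new IllegalStateException("resolver not configured: " + what);
        }
    }

    /** The issuer comes from a token that is not yet verified; it only selects a registered resolver. */
    public OpenIdResolver resolverFor(String issuer) {
        if (issuer == null) {
            throw new SecurityException("token carries no issuer");
        }
        Optional<OpenIdResolver> found = resolvers.getResolverForIssuer(issuer);
        // The method description mentions null, so guard against null as well as an empty Optional.
        if (found == null || !found.isPresent()) {
            throw new SecurityException("issuer is not registered");
        }
        return found.get();
    }
}
```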