Package org.forgerock.opendj.server.config.client

Interface HttpOauth2TokenIntrospectionAuthorizationMechanismCfgClient

    • Method Detail

      • getClientId

        @MandatoryProperty
ValueOrExpression<String> getClientId()
        Gets the "client-id" property.

        Client's ID to use during the HTTP basic authentication against the authorization server.

        Returns:
        Returns the value of the "client-id" property.

      • getClientSecret

        @MandatoryProperty
ValueOrExpression<String> getClientSecret()
        Gets the "client-secret" property.

        Client's secret to use during the HTTP basic authentication against the authorization server.

        Returns:
        Returns the value of the "client-secret" property.

      • getJavaClass

        @MandatoryProperty
ValueOrExpression<String> getJavaClass()
        Gets the "java-class" property.

        Specifies the fully-qualified name of the Java class that provides the HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism implementation.

        Default value: org.opends.server.protocols.http.authz.HttpOAuth2TokenIntrospectionAuthorizationMechanism

        Specified by:
        getJavaClass in interface HttpAuthorizationMechanismCfgClient
        Returns:
        Returns the value of the "java-class" property.

      • getKeyManagerProvider

        ValueOrExpression<String> getKeyManagerProvider()
        Gets the "key-manager-provider" property.

        Specifies the name of the key manager that should be used with this HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism .

        Default value is undefined

        Returns:
        Returns the value of the "key-manager-provider" property.

      • setKeyManagerProvider

        void setKeyManagerProvider​(ValueOrExpression<String> value)
                    throws PropertyException
        Sets the "key-manager-provider" property.

        Specifies the name of the key manager that should be used with this HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism .

        Parameters:
        value - The value of the "key-manager-provider" property.
        Throws:
        PropertyException - If the new value is invalid.

      • getSslCertNickname

        SortedSet<ValueOrExpression<String>> getSslCertNickname()
        Gets the "ssl-cert-nickname" property.

        Specifies the nicknames (also called the aliases) of the keys or key pairs that the HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism should use when performing SSL communication.

        The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key. This is only applicable when the HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism is configured to use SSL.

        Returns:
        Returns the values of the "ssl-cert-nickname" property.

      • setSslCertNickname

        void setSslCertNickname​(Collection<ValueOrExpression<String>> values)
                 throws PropertyException
        Sets the "ssl-cert-nickname" property.

        Specifies the nicknames (also called the aliases) of the keys or key pairs that the HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism should use when performing SSL communication.

        The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key. This is only applicable when the HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism is configured to use SSL.

        Parameters:
        values - The values of the "ssl-cert-nickname" property.
        Throws:
        PropertyException - If one or more of the new values are invalid.

      • getSslCipherSuite

        SortedSet<ValueOrExpression<String>> getSslCipherSuite()
        Gets the "ssl-cipher-suite" property.

        Specifies the names of the SSL cipher suites that are allowed for use in SSL or TLS communication.

        Returns:
        Returns the values of the "ssl-cipher-suite" property.

      • setSslCipherSuite

        void setSslCipherSuite​(Collection<ValueOrExpression<String>> values)
                throws PropertyException
        Sets the "ssl-cipher-suite" property.

        Specifies the names of the SSL cipher suites that are allowed for use in SSL or TLS communication.

        Parameters:
        values - The values of the "ssl-cipher-suite" property.
        Throws:
        PropertyException - If one or more of the new values are invalid.

      • getSslProtocol

        SortedSet<ValueOrExpression<String>> getSslProtocol()
        Gets the "ssl-protocol" property.

        Specifies the names of the SSL protocols that are allowed for use in SSL or TLS communication.

        Returns:
        Returns the values of the "ssl-protocol" property.

      • setSslProtocol

        void setSslProtocol​(Collection<ValueOrExpression<String>> values)
             throws PropertyException
        Sets the "ssl-protocol" property.

        Specifies the names of the SSL protocols that are allowed for use in SSL or TLS communication.

        Parameters:
        values - The values of the "ssl-protocol" property.
        Throws:
        PropertyException - If one or more of the new values are invalid.

      • getTokenIntrospectionUrl

        @MandatoryProperty
ValueOrExpression<String> getTokenIntrospectionUrl()
        Gets the "token-introspection-url" property.

        Defines the token introspection endpoint URL where the access-token resolution request should be sent. (example: http://example.com/introspect)

        Returns:
        Returns the value of the "token-introspection-url" property.

      • setTokenIntrospectionUrl

        @MandatoryProperty
void setTokenIntrospectionUrl​(ValueOrExpression<String> value)
                       throws PropertyException
        Sets the "token-introspection-url" property.

        Defines the token introspection endpoint URL where the access-token resolution request should be sent. (example: http://example.com/introspect)

        Parameters:
        value - The value of the "token-introspection-url" property.
        Throws:
        PropertyException - If the new value is invalid.

      • getTrustManagerProvider

        ValueOrExpression<String> getTrustManagerProvider()
        Gets the "trust-manager-provider" property.

        Specifies the name of the trust manager that should be used when negotiating SSL connections with the remote authorization server.

        Returns:
        Returns the value of the "trust-manager-provider" property.

      • setTrustManagerProvider

        void setTrustManagerProvider​(ValueOrExpression<String> value)
                      throws PropertyException
        Sets the "trust-manager-provider" property.

        Specifies the name of the trust manager that should be used when negotiating SSL connections with the remote authorization server.

        Parameters:
        value - The value of the "trust-manager-provider" property.
        Throws:
        PropertyException - If the new value is invalid.