org.forgerock.openidconnect

Interface OpenIdConnectClientRegistration

All Superinterfaces:

ClientRegistration

All Known Implementing Classes:

AgentClientRegistration, OpenAMClientRegistration

public interface OpenIdConnectClientRegistration
extends ClientRegistration

Models an OpenId Connect client registration in the OAuth2 provider.

Since:

12.0.0

Method Summary

Modifier and Type	Method and Description
long	getAccessTokenLifeTime(OAuth2ProviderSettings providerSettings) Gets the access token life time in milliseconds.
long	getAuthorizationCodeLifeTime(OAuth2ProviderSettings providerSettings) Gets the authorization code life time in milliseconds.
Key	getIDTokenEncryptionKey() Gets the encryption key used to encrypt OpenID Connect tokens.
String	getIDTokenEncryptionResponseAlgorithm() Gets the algorithm used to encrypt OpenID Connect tokens.
String	getIDTokenEncryptionResponseMethod() Gets the encryption method used to encrypt OpenID Connect tokens.
String	getIDTokenSignedResponseAlgorithm() Gets the OpenId Token signed response algorithm.
long	getJwtTokenLifeTime(OAuth2ProviderSettings providerSettings) Gets the JWT token life time in milliseconds.
long	getRefreshTokenLifeTime(OAuth2ProviderSettings providerSettings) Gets the refresh token life time in milliseconds.
URI	getSectorIdentifierUri() Gets the subject identifier uri.
String	getSubValue(String id, OAuth2ProviderSettings providerSettings) Retrieve the sub value, appropriate for the client subject type, or null if there are issues with its formation.
String	getTokenEndpointAuthMethod() Gets the token_endpoint_auth_method configured for this client.
boolean	isIDTokenEncryptionEnabled() Determines if ID token encryption is enabled.

Methods inherited from interface org.forgerock.oauth2.core.ClientRegistration

getAccessTokenType, getAllowedResponseTypes, getAllowedScopes, getClaimDescriptions, getClientId, getClientSecret, getClientSessionURI, getDefaultScopes, getDisplayDescription, getDisplayName, getPostLogoutRedirectUris, getRedirectUris, getScopeDescriptions, getSubjectType, isConfidential, isConsentImplied, verifyJwtIdentity

Method Detail

getIDTokenSignedResponseAlgorithm

String getIDTokenSignedResponseAlgorithm()

Gets the OpenId Token signed response algorithm.

Returns:

The OpenId token signed response algorithm.

isIDTokenEncryptionEnabled

boolean isIDTokenEncryptionEnabled()

Determines if ID token encryption is enabled.

Returns:

true if ID token encryption is enabled.

getIDTokenEncryptionResponseAlgorithm

String getIDTokenEncryptionResponseAlgorithm()

Gets the algorithm used to encrypt OpenID Connect tokens.

Returns:

The OpenID Connect token encryption algorithm.

getIDTokenEncryptionResponseMethod

String getIDTokenEncryptionResponseMethod()

Gets the encryption method used to encrypt OpenID Connect tokens.

Returns:

The OpenID Connect token encryption method.

getIDTokenEncryptionKey

Key getIDTokenEncryptionKey()

Gets the encryption key used to encrypt OpenID Connect tokens. This will either be the public key if RSA encryption is used, or the truncated SHA-2 hash of the client secret as per section 10.2 of the OpenID Connect spec.

Returns:

The OpenID Connect token encryption key.

See Also:

OpenID Connect 1.0 Section 10.2 - Encryption

getTokenEndpointAuthMethod

String getTokenEndpointAuthMethod()

Gets the token_endpoint_auth_method configured for this client.

getSectorIdentifierUri

URI getSectorIdentifierUri()

Gets the subject identifier uri.

getSubValue

String getSubValue(String id,
                   OAuth2ProviderSettings providerSettings)

Retrieve the sub value, appropriate for the client subject type, or null if there are issues with its formation.

getAuthorizationCodeLifeTime

long getAuthorizationCodeLifeTime(OAuth2ProviderSettings providerSettings)
                           throws ServerException

Gets the authorization code life time in milliseconds.

Parameters:

providerSettings - An instance of the OAuth2ProviderSettings.

Returns:

The authorization code life time in milliseconds.

Throws:

ServerException - If any internal server error occurs.

getAccessTokenLifeTime

long getAccessTokenLifeTime(OAuth2ProviderSettings providerSettings)
                     throws ServerException

Gets the access token life time in milliseconds.

Parameters:

providerSettings - An instance of the OAuth2ProviderSettings.

Returns:

The access token life time in milliseconds.

Throws:

ServerException - If any internal server error occurs.

getRefreshTokenLifeTime

long getRefreshTokenLifeTime(OAuth2ProviderSettings providerSettings)
                      throws ServerException

Gets the refresh token life time in milliseconds.

Parameters:

providerSettings - An instance of the OAuth2ProviderSettings.

Returns:

The refresh token life time in milliseconds.

Throws:

ServerException - If any internal server error occurs.

getJwtTokenLifeTime

long getJwtTokenLifeTime(OAuth2ProviderSettings providerSettings)
                  throws ServerException

Gets the JWT token life time in milliseconds.

Parameters:

providerSettings - An instance of the OAuth2ProviderSettings.

Returns:

The JWT token life time in milliseconds.

Throws:

ServerException - If any internal server error occurs.