Package org.forgerock.openidconnect

Interface OpenIdConnectClientRegistration

    • Method Detail

      • getIDTokenSignedResponseAlgorithm

        String getIDTokenSignedResponseAlgorithm()
        Gets the OpenId Token signed response algorithm.
        Returns:
        The OpenId token signed response algorithm.

      • isIDTokenEncryptionEnabled

        boolean isIDTokenEncryptionEnabled()
        Determines if ID token encryption is enabled.
        Returns:
        true if ID token encryption is enabled.

      • getIDTokenEncryptionResponseAlgorithm

        String getIDTokenEncryptionResponseAlgorithm()
        Gets the algorithm used to encrypt OpenID Connect tokens.
        Returns:
        The OpenID Connect token encryption algorithm.

      • getIDTokenEncryptionResponseMethod

        String getIDTokenEncryptionResponseMethod()
        Gets the encryption method used to encrypt OpenID Connect tokens.
        Returns:
        The OpenID Connect token encryption method.

      • getIDTokenEncryptionKey

        Key getIDTokenEncryptionKey()
        Gets the encryption key used to encrypt OpenID Connect tokens. This will either be the public key if RSA encryption is used, or the truncated SHA-2 hash of the client secret as per section 10.2 of the OpenID Connect spec.
        Returns:
        The OpenID Connect token encryption key.
        See Also:
        OpenID Connect 1.0 Section 10.2 - Encryption

      • getTokenEndpointAuthMethod

        String getTokenEndpointAuthMethod()
        Gets the token_endpoint_auth_method configured for this client.

      • getSectorIdentifierUri

        URI getSectorIdentifierUri()
        Gets the subject identifier uri.

      • getSubValue

        String getSubValue​(String id,
                   OAuth2ProviderSettings providerSettings)
        Retrieve the sub value, appropriate for the client subject type, or null if there are issues with its formation.

      • getAuthorizationCodeLifeTime

        long getAuthorizationCodeLifeTime​(OAuth2ProviderSettings providerSettings)
                           throws ServerException
        Gets the authorization code life time in milliseconds.
        Parameters:
        providerSettings - An instance of the OAuth2ProviderSettings.
        Returns:
        The authorization code life time in milliseconds.
        Throws:
        ServerException - If any internal server error occurs.

      • getAccessTokenLifeTime

        long getAccessTokenLifeTime​(OAuth2ProviderSettings providerSettings)
                     throws ServerException
        Gets the access token life time in milliseconds.
        Parameters:
        providerSettings - An instance of the OAuth2ProviderSettings.
        Returns:
        The access token life time in milliseconds.
        Throws:
        ServerException - If any internal server error occurs.

      • getRefreshTokenLifeTime

        long getRefreshTokenLifeTime​(OAuth2ProviderSettings providerSettings)
                      throws ServerException
        Gets the refresh token life time in milliseconds.
        Parameters:
        providerSettings - An instance of the OAuth2ProviderSettings.
        Returns:
        The refresh token life time in milliseconds.
        Throws:
        ServerException - If any internal server error occurs.

      • getJwtTokenLifeTime

        long getJwtTokenLifeTime​(OAuth2ProviderSettings providerSettings)
                  throws ServerException
        Gets the JWT token life time in milliseconds.
        Parameters:
        providerSettings - An instance of the OAuth2ProviderSettings.
        Returns:
        The JWT token life time in milliseconds.
        Throws:
        ServerException - If any internal server error occurs.