Package de.fraunhofer.iosb.ilt.frostclient.utils

Class TokenManagerOpenIDConnect

java.lang.Object
de.fraunhofer.iosb.ilt.frostclient.utils.TokenManagerOpenIDConnect
All Implemented Interfaces:
TokenManager<TokenManagerOpenIDConnect>
public class TokenManagerOpenIDConnect extends Object implements TokenManager<TokenManagerOpenIDConnect>
A TokenManager for JsonWebTokens used in OpenID Connect authentication.

  • Constructor Details

    • TokenManagerOpenIDConnect

      public TokenManagerOpenIDConnect()

  • Method Details

    • addAuthHeader

      public void addAuthHeader(org.apache.http.HttpRequest request)
      Description copied from interface: TokenManager
      Add any headers to the request that are required Authentication and Authorisation.
      Specified by:
      addAuthHeader in interface TokenManager<TokenManagerOpenIDConnect>
      Parameters:
      request - The request to modify.

    • isExpired

      public boolean isExpired()

    • getToken

      public String getToken()

    • validateToken

      public boolean validateToken(String token)

    • setHttpClient

      public TokenManagerOpenIDConnect setHttpClient(org.apache.http.impl.client.CloseableHttpClient client)
      Set the HTTP client this TokenManager uses to fetch tokens.
      Specified by:
      setHttpClient in interface TokenManager<TokenManagerOpenIDConnect>
      Parameters:
      client - The CloseableHttpClient to use for fetching Tokens.
      Returns:
      this TokenManager

    • getHttpClient

      public org.apache.http.impl.client.CloseableHttpClient getHttpClient()
      Get the HTTP client this TokenManager uses to fetch tokens.
      Specified by:
      getHttpClient in interface TokenManager<TokenManagerOpenIDConnect>
      Returns:
      The HTTP client this TokenManager uses to fetch tokens.

    • setTokenServerUrl

      public TokenManagerOpenIDConnect setTokenServerUrl(String tokenServerUrl)
      Set the URL to fetch tokens from. Usually in the form of http://example.com/auth/realms/{realm}/protocol/openid-connect/token
      Parameters:
      tokenServerUrl - The URL to fetch tokens from.
      Returns:
      this TokenManager

    • setClientId

      public TokenManagerOpenIDConnect setClientId(String clientId)
      The clientId to use for fetching tokens. This client has to be able to use Direct Access Grants on the Authentication server.
      Parameters:
      clientId - The clientId on the Auth Server.
      Returns:
      this TokenManager

    • setUserName

      public TokenManagerOpenIDConnect setUserName(String userName)
      Set the username to use for getting Tokens.
      Parameters:
      userName - The username to use for getting Tokens.
      Returns:
      this TokenManager

    • setPassword

      public TokenManagerOpenIDConnect setPassword(String password)
      Set the password to use for getting Tokens.
      Parameters:
      password - The password to use for getting Tokens.
      Returns:
      this TokenManager

    • setSigningKey

      public TokenManagerOpenIDConnect setSigningKey(String signingKey)
      The public key to use for validating the token signature.
      Parameters:
      signingKey - The Base64 encoded public key.
      Returns:
      this TokenManager

    • setKeyType

      public TokenManagerOpenIDConnect setKeyType(String keyType)
      The type of public key (RSA or DSA).
      Parameters:
      keyType - The type of public key (RSA or DSA).
      Returns:
      this TokenManager

    • setRefreshToken

      public TokenManagerOpenIDConnect setRefreshToken(String refreshToken)
      Set a refreshToken. If you do not want to pass a username and password, you can instead fetch a token yourself, and pass the refresh token to the TokenManager. The TokenManager will then use this refreshToken to fetch an actual token.
      Parameters:
      refreshToken - The refreshToken to use instead of username/password.
      Returns:
      this TokenManager

    • setRefreshExpireDuration

      public TokenManagerOpenIDConnect setRefreshExpireDuration(int refreshExpireDuration)
      Set the expire duration of the refresh token. If autoRefresh is true, and no activity has occurred long enough for the refresh token to (almost) expire, an automatic refresh of the token will be done. If you set this you probably also want to set autoRefresh to true.
      Parameters:
      refreshExpireDuration - The expire duration of the refresh token.
      Returns:
      this TokenManager

    • setAutoRefresh

      public TokenManagerOpenIDConnect setAutoRefresh(boolean autoRefresh)
      Turns autoRefresh on or off. If autoRefresh is true, and no activity has occurred long enough for the refresh token to (almost) expire, an automatic refresh of the token will be done. If the auth server does not specify the refresh token lifetime, you will have to set it with setRefreshExpireDuration(int)
      Parameters:
      autoRefresh - Should autoRefresh happen or not.
      Returns:
      this TokenManager