Class TokenManagerOpenIDConnect
java.lang.Object
  de.fraunhofer.iosb.ilt.sta.service.TokenManagerOpenIDConnect
All Implemented Interfaces:
TokenManager<TokenManagerOpenIDConnect>
public class TokenManagerOpenIDConnect extends Object implements TokenManager<TokenManagerOpenIDConnect>
A TokenManager for JsonWebTokens used in OpenID Connect authentication.
Author:
scf
-
Constructor Summary
Constructors
TokenManagerOpenIDConnect()
-
Method Summary
Modifier and Type, Method, Description:
void addAuthHeader(org.apache.http.HttpRequest request)
    Add any headers to the request that are required for Authentication and Authorisation.
org.apache.http.impl.client.CloseableHttpClient getHttpClient()
    Get the HTTP client this TokenManager uses to fetch tokens.
String getToken()
boolean isExpired()
TokenManagerOpenIDConnect setAutoRefresh(boolean autoRefresh)
    Turns autoRefresh on or off.
TokenManagerOpenIDConnect setClientId(String clientId)
    The clientId to use for fetching tokens.
TokenManagerOpenIDConnect setHttpClient(org.apache.http.impl.client.CloseableHttpClient client)
    Set the HTTP client this TokenManager uses to fetch tokens.
TokenManagerOpenIDConnect setKeyType(String keyType)
    The type of public key (RSA or DSA).
TokenManagerOpenIDConnect setPassword(String password)
    Set the password to use for getting Tokens.
TokenManagerOpenIDConnect setRefreshExpireDuration(int refreshExpireDuration)
    Set the expire duration of the refresh token.
TokenManagerOpenIDConnect setRefreshToken(String refreshToken)
    Set a refreshToken.
TokenManagerOpenIDConnect setSigningKey(String signingKey)
    The public key to use for validating the token signature.
TokenManagerOpenIDConnect setTokenServerUrl(String tokenServerUrl)
    Set the URL to fetch tokens from.
TokenManagerOpenIDConnect setUserName(String userName)
    Set the username to use for getting Tokens.
boolean validateToken(String token)
-
Method Detail
-
addAuthHeader
public void addAuthHeader(org.apache.http.HttpRequest request)
Description copied from interface: TokenManager
Add any headers to the request that are required for Authentication and Authorisation.
Specified by:
addAuthHeader in interface TokenManager<TokenManagerOpenIDConnect>
Parameters:
request - The request to modify.
-
isExpired
public boolean isExpired()
-
getToken
public String getToken()
-
validateToken
public boolean validateToken(String token)
-
setHttpClient
public TokenManagerOpenIDConnect setHttpClient(org.apache.http.impl.client.CloseableHttpClient client)
Set the HTTP client this TokenManager uses to fetch tokens.
Specified by:
setHttpClient in interface TokenManager<TokenManagerOpenIDConnect>
Parameters:
client - The CloseableHttpClient to use for fetching Tokens.
Returns:
this TokenManager
-
getHttpClient
public org.apache.http.impl.client.CloseableHttpClient getHttpClient()
Get the HTTP client this TokenManager uses to fetch tokens.
Specified by:
getHttpClient in interface TokenManager<TokenManagerOpenIDConnect>
Returns:
The HTTP client this TokenManager uses to fetch tokens.
-
setTokenServerUrl
public TokenManagerOpenIDConnect setTokenServerUrl(String tokenServerUrl)
Set the URL to fetch tokens from. Usually in the form of http://example.com/auth/realms/{realm}/protocol/openid-connect/token
Parameters:
tokenServerUrl - The URL to fetch tokens from.
Returns:
this TokenManager
-
setClientId
public TokenManagerOpenIDConnect setClientId(String clientId)
The clientId to use for fetching tokens. This client has to be able to use Direct Access Grants on the Authentication server.
Parameters:
clientId - The clientId on the Auth Server.
Returns:
this TokenManager
-
setUserName
public TokenManagerOpenIDConnect setUserName(String userName)
Set the username to use for getting Tokens.
Parameters:
userName - The username to use for getting Tokens.
Returns:
this TokenManager
-
setPassword
public TokenManagerOpenIDConnect setPassword(String password)
Set the password to use for getting Tokens.
Parameters:
password - The password to use for getting Tokens.
Returns:
this TokenManager
-
setSigningKey
public TokenManagerOpenIDConnect setSigningKey(String signingKey)
The public key to use for validating the token signature.
Parameters:
signingKey - The Base64 encoded public key.
Returns:
this TokenManager
-
setKeyType
public TokenManagerOpenIDConnect setKeyType(String keyType)
The type of public key (RSA or DSA).
Parameters:
keyType - The type of public key (RSA or DSA).
Returns:
this TokenManager
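What setSigningKey and setKeyType feed into, shown as an added example that is not this library's own code: a JDK-only signature check of a compact JWT against a Base64 public key. It assumes the key is the Base64 of an X.509 (SubjectPublicKeyInfo) DER encoding and that tokens are signed with RS256; the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

public class JwtSignatureCheck {
    // Assumed key format: Base64 of the X.509 (SubjectPublicKeyInfo) DER encoding.
    static PublicKey loadKey(String base64Key, String keyType) throws GeneralSecurityException {
        byte[] der = Base64.getDecoder().decode(base64Key);
        return KeyFactory.getInstance(keyType).generatePublic(new X509EncodedKeySpec(der));
    }

    // RS256 only: the verifier fixes the algorithm, the token header does not choose it.
    static boolean verifyRs256(String jwt, PublicKey key) throws GeneralSecurityException {
        String[] parts = jwt.split("\\.");
        if (parts.length != 3) return false; // also rejects tokens with an empty signature
        try {
            Base64.Decoder url = Base64.getUrlDecoder();
            String header = new String(url.decode(parts[0]), StandardCharsets.UTF_8);
            if (!header.replaceAll("\\s", "").contains("\"alg\":\"RS256\"")) return false;
            Signature sig = Signature.getInstance("SHA256withRSA");
            sig.initVerify(key);
            sig.update((parts[0] + "." + parts[1]).getBytes(StandardCharsets.US_ASCII));
            return sig.verify(url.decode(parts[2]));
        } catch (IllegalArgumentException | SignatureException e) {
            return false; // malformed Base64 or signature bytes: reject
        }
    }
    static String b64url(byte[] data) {
        return Base64.getUrlEncoder().withoutPadding().encodeToString(data);
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample: throwaway key pair and token generated locally.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        String signingKey = Base64.getEncoder().encodeToString(pair.getPublic().getEncoded());
        String head = b64url("{\"alg\":\"RS256\",\"typ\":\"JWT\"}".getBytes(StandardCharsets.UTF_8));
        String body = b64url("{\"sub\":\"demo\"}".getBytes(StandardCharsets.UTF_8));
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(pair.getPrivate());
        signer.update((head + "." + body).getBytes(StandardCharsets.US_ASCII));
        String sigPart = b64url(signer.sign());
        String altered = b64url("{\"sub\":\"other\"}".getBytes(StandardCharsets.UTF_8));
        PublicKey key = loadKey(signingKey, "RSA");
        System.out.println("signed token accepted: " + verifyRs256(head + "." + body + "." + sigPart, key));
        System.out.println("altered claims accepted: " + verifyRs256(head + "." + altered + "." + sigPart, key));
    }
}
```

A signature check covers integrity only; token expiry is a separate check, which this class exposes as isExpired().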
-
setRefreshToken
public TokenManagerOpenIDConnect setRefreshToken(String refreshToken)
Set a refreshToken. If you do not want to pass a username and password, you can instead fetch a token yourself, and pass the refresh token to the TokenManager. The TokenManager will then use this refreshToken to fetch an actual token.
Parameters:
refreshToken - The refreshToken to use instead of username/password.
Returns:
this TokenManager
-
setRefreshExpireDuration
public TokenManagerOpenIDConnect setRefreshExpireDuration(int refreshExpireDuration)
Set the expire duration of the refresh token. If autoRefresh is true, and no activity has occurred long enough for the refresh token to (almost) expire, an automatic refresh of the token will be done. If you set this you probably also want to set autoRefresh to true.
Parameters:
refreshExpireDuration - The expire duration of the refresh token.
Returns:
this TokenManager
-
setAutoRefresh
public TokenManagerOpenIDConnect setAutoRefresh(boolean autoRefresh)
Turns autoRefresh on or off. If autoRefresh is true, and no activity has occurred long enough for the refresh token to (almost) expire, an automatic refresh of the token will be done. If the auth server does not specify the refresh token lifetime, you will have to set it with setRefreshExpireDuration(int).
Parameters:
autoRefresh - Should autoRefresh happen or not.
Returns:
this TokenManager
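Putting the setters above together, as an added usage example that is not taken from the library's own documentation: a manager configured from environment variables that prefers a refresh token over a stored password and refuses a non-https token endpoint. It needs this library and Apache HttpClient 4.x on the classpath; the environment variable names, the requireHttps helper and the request URL are hypothetical.

```java
import de.fraunhofer.iosb.ilt.sta.service.TokenManagerOpenIDConnect;
import java.net.URI;
import org.apache.http.client.methods.HttpGet;

public class TokenManagerSetup {
    // The password grant posts the username and password to the token endpoint,
    // so a missing or non-https URL is refused before any credential is used.
    static String requireHttps(String url) {
        if (url == null || !"https".equalsIgnoreCase(URI.create(url).getScheme())) {
            throw new IllegalArgumentException("token endpoint must be an https URL");
        }
        return url;
    }

    // Builds a manager from environment variables (names are hypothetical).
    static TokenManagerOpenIDConnect fromEnvironment() {
        TokenManagerOpenIDConnect tm = new TokenManagerOpenIDConnect()
                .setTokenServerUrl(requireHttps(System.getenv("STA_TOKEN_URL")))
                .setClientId(System.getenv("STA_CLIENT_ID"))
                .setSigningKey(System.getenv("STA_SIGNING_KEY")) // Base64 public key
                .setKeyType("RSA");
        String refreshToken = System.getenv("STA_REFRESH_TOKEN");
        if (refreshToken != null) {
            tm.setRefreshToken(refreshToken); // no username or password held here
        } else {
            tm.setUserName(System.getenv("STA_USER"))
              .setPassword(System.getenv("STA_PASSWORD"));
        }
        // If the auth server does not report the refresh token lifetime,
        // also call setRefreshExpireDuration(int) as described above.
        return tm.setAutoRefresh(true);
    }

    public static void main(String[] args) {
        TokenManagerOpenIDConnect tm = fromEnvironment();
        HttpGet request = new HttpGet("https://sta.example.org/v1.1/Things"); // placeholder URL
        tm.addAuthHeader(request);
        System.out.println("auth headers added: " + request.getAllHeaders().length);
    }
}
```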