Interface TenantConfig
- All Known Implementing Classes:
OidcConfig
public interface TenantConfig
Tenant configuration.
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic final class
A fluent APIBuilder
to build instances ofTenantConfig
. -
Method Summary
Modifier and TypeMethodDescriptionaudience()
Expected token audience.Authorization endpoint.Base scopes to require from OIDC server.clientId()
Client id of this client.Client secret.Expected timeout of HTTP client operations.Identity server URI.name()
Name of the tenant.OIDC metadata.realm()
Realm to use for WWW-Authenticate response (if needed).Audience URI of custom scopes.Server type.static TenantConfig.Builder
Create newTenantConfig.Builder
instance.Introspection endpoint URI.Return provided token issuer.Logout endpoint on OIDC server.JWK used for signature validation.Token endpoint URI.Type of authentication mechanism used for token endpoint.boolean
Whether to use OIDC well known metadata.boolean
Whether to validate JWT with JWK information (e.g.
-
Method Details
-
tenantBuilder
Create newTenantConfig.Builder
instance.- Returns:
- new builder instance
-
clientId
String clientId()Client id of this client.- Returns:
- client id
-
name
String name()Name of the tenant.- Returns:
- tenant name
-
baseScopes
String baseScopes()Base scopes to require from OIDC server.- Returns:
- base scopes
-
validateJwtWithJwk
boolean validateJwtWithJwk()Whether to validate JWT with JWK information (e.g. verify signatures locally).- Returns:
- if we should validate JWT with JWK
-
tenantIntrospectUri
Introspection endpoint URI. Empty if no introspection endpoint has been provided via configuration.- Returns:
- introspection endpoint URI
-
tenantIssuer
Return provided token issuer. Empty if no issuer has been provided via configuration.- Returns:
- token issuer
-
tenantSignJwk
JWK used for signature validation. Empty if no jwk has been provided via configuration.- Returns:
- set of keys used to verify tokens
-
tenantLogoutEndpointUri
Logout endpoint on OIDC server. Empty if no logout endpoint uri has been provided via configuration.- Returns:
- URI of the logout endpoint
-
tenantTokenEndpointUri
Token endpoint URI. Empty if no token endpoint uri has been provided via configuration.- Returns:
- endpoint URI
-
audience
String audience()Expected token audience.- Returns:
- audience
-
scopeAudience
String scopeAudience()Audience URI of custom scopes.- Returns:
- scope audience
-
identityUri
URI identityUri()Identity server URI.- Returns:
- identity server URI
-
realm
String realm()Realm to use for WWW-Authenticate response (if needed).- Returns:
- realm name
-
tokenEndpointAuthentication
OidcConfig.ClientAuthentication tokenEndpointAuthentication()Type of authentication mechanism used for token endpoint.- Returns:
- client authentication type
-
clientTimeout
Duration clientTimeout()Expected timeout of HTTP client operations.- Returns:
- client timeout
-
authorizationEndpoint
Authorization endpoint.- Returns:
- authorization endpoint uri as a string
-
clientSecret
String clientSecret()Client secret.- Returns:
- configured client secret
-
serverType
String serverType()Server type.- Returns:
- configured server type
-
oidcMetadata
JsonObject oidcMetadata()OIDC metadata.- Returns:
- configured oidc metadata
-
useWellKnown
boolean useWellKnown()Whether to use OIDC well known metadata.- Returns:
- configured oidc metadata
-