org.keycloak.broker.oidc.OIDCIdentityProviderConfig

All Implemented Interfaces:: Serializable

Direct Known Subclasses:: FacebookIdentityProviderConfig, GoogleIdentityProviderConfig, MicrosoftIdentityProviderConfig

public class OIDCIdentityProviderConfig extends OAuth2IdentityProviderConfig

Author:

Pedro Igor

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type

Field

Description

static final String

IS_ACCESS_TOKEN_JWT

static final String

JWKS_URL

static final String

USE_JWKS_URL

static final String

VALIDATE_SIGNATURE

Fields inherited from class org.keycloak.broker.oidc.OAuth2IdentityProviderConfig
PKCE_ENABLED, PKCE_METHOD

Fields inherited from class org.keycloak.models.IdentityProviderModel
addReadTokenRoleOnCreate, ALLOWED_CLOCK_SKEW, CLAIM_FILTER_NAME, CLAIM_FILTER_VALUE, DO_NOT_STORE_USERS, FILTERED_BY_CLAIMS, HIDE_ON_LOGIN, linkOnly, LOGIN_HINT, PASS_MAX_AGE, SYNC_MODE
Constructor Summary

Constructors

Constructor

Description

OIDCIdentityProviderConfig()

OIDCIdentityProviderConfig(IdentityProviderModel identityProviderModel)
Method Summary

Modifier and Type

Method

Description

int

getAllowedClockSkew()

String

getIssuer()

String

getJwksUrl()

String

getLogoutUrl()

String

getPrompt()

String

getPublicKeySignatureVerifier()

String

getPublicKeySignatureVerifierKeyId()

boolean

isAccessTokenJwt()

boolean

isBackchannelSupported()

boolean

isDisableNonce()

boolean

isDisableUserInfoService()

boolean

isUseJwksUrl()

boolean

isValidateSignature()

void

setAccessTokenJwt(boolean accessTokenJwt)

void

setBackchannelSupported(boolean backchannel)

void

setDisableNonce(boolean disableNonce)

void

setDisableUserInfoService(boolean disable)

void

setIssuer(String issuer)

void

setJwksUrl(String jwksUrl)

void

setLogoutUrl(String url)

void

setPrompt(String prompt)

void

setPublicKeySignatureVerifier(String signingCertificate)

void

setPublicKeySignatureVerifierKeyId(String publicKeySignatureVerifierKeyId)

void

setUseJwksUrl(boolean useJwksUrl)

void

setValidateSignature(boolean validateSignature)

void

validate(RealmModel realm)

Validates this configuration.

Methods inherited from class org.keycloak.broker.oidc.OAuth2IdentityProviderConfig
getAuthorizationUrl, getClientAssertionAudience, getClientAssertionSigningAlg, getClientAuthMethod, getClientId, getClientSecret, getDefaultScope, getForwardParameters, getPkceMethod, getTokenUrl, getUserInfoUrl, isBasicAuthentication, isJWTAuthentication, isPkceEnabled, isUiLocales, setAuthorizationUrl, setClientAssertionAudience, setClientAssertionSigningAlg, setClientAuthMethod, setClientId, setClientSecret, setDefaultScope, setForwardParameters, setPkceEnabled, setPkceMethod, setTokenUrl, setUiLocales, setUserInfoUrl

Methods inherited from class org.keycloak.models.IdentityProviderModel
getAlias, getClaimFilterName, getClaimFilterValue, getConfig, getDisplayIconClasses, getDisplayName, getFirstBrokerLoginFlowId, getInternalId, getPostBrokerLoginFlowId, getProviderId, getSyncMode, isAddReadTokenRoleOnCreate, isAuthenticateByDefault, isEnabled, isFilteredByClaims, isHideOnLogin, isLinkOnly, isLoginHint, isPassMaxAge, isStoreToken, isTransientUsers, isTrustEmail, setAddReadTokenRoleOnCreate, setAlias, setAuthenticateByDefault, setClaimFilterName, setClaimFilterValue, setConfig, setDisplayName, setEnabled, setFilteredByClaims, setFirstBrokerLoginFlowId, setHideOnLogin, setInternalId, setLinkOnly, setLoginHint, setPassMaxAge, setPostBrokerLoginFlowId, setProviderId, setStoreToken, setSyncMode, setTransientUsers, setTrustEmail

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- JWKS_URL
  
  public static final String JWKS_URL
  See Also:
  
  Constant Field Values
- USE_JWKS_URL
  
  public static final String USE_JWKS_URL
  See Also:
  
  Constant Field Values
- VALIDATE_SIGNATURE
  
  public static final String VALIDATE_SIGNATURE
  See Also:
  
  Constant Field Values
- IS_ACCESS_TOKEN_JWT
  
  public static final String IS_ACCESS_TOKEN_JWT
  See Also:
  
  Constant Field Values
Constructor Details
- OIDCIdentityProviderConfig
  
  public OIDCIdentityProviderConfig(IdentityProviderModel identityProviderModel)
- OIDCIdentityProviderConfig
  
  public OIDCIdentityProviderConfig()
Method Details
- getPrompt
  
  public String getPrompt()
  
  Overrides:
  
  getPrompt in class OAuth2IdentityProviderConfig
- setPrompt
  
  public void setPrompt(String prompt)
- getIssuer
  
  public String getIssuer()
- setIssuer
  
  public void setIssuer(String issuer)
- getLogoutUrl
  
  public String getLogoutUrl()
- setLogoutUrl
  
  public void setLogoutUrl(String url)
- getPublicKeySignatureVerifier
  
  public String getPublicKeySignatureVerifier()
- setPublicKeySignatureVerifier
  
  public void setPublicKeySignatureVerifier(String signingCertificate)
- getPublicKeySignatureVerifierKeyId
  
  public String getPublicKeySignatureVerifierKeyId()
- setPublicKeySignatureVerifierKeyId
  
  public void setPublicKeySignatureVerifierKeyId(String publicKeySignatureVerifierKeyId)
- isValidateSignature
  
  public boolean isValidateSignature()
- setValidateSignature
  
  public void setValidateSignature(boolean validateSignature)
- setAccessTokenJwt
  
  public void setAccessTokenJwt(boolean accessTokenJwt)
- isAccessTokenJwt
  
  public boolean isAccessTokenJwt()
- isUseJwksUrl
  
  public boolean isUseJwksUrl()
- setUseJwksUrl
  
  public void setUseJwksUrl(boolean useJwksUrl)
- getJwksUrl
  
  public String getJwksUrl()
- setJwksUrl
  
  public void setJwksUrl(String jwksUrl)
- isBackchannelSupported
  
  public boolean isBackchannelSupported()
- setBackchannelSupported
  
  public void setBackchannelSupported(boolean backchannel)
- isDisableUserInfoService
  
  public boolean isDisableUserInfoService()
- setDisableUserInfoService
  
  public void setDisableUserInfoService(boolean disable)
- isDisableNonce
  
  public boolean isDisableNonce()
- setDisableNonce
  
  public void setDisableNonce(boolean disableNonce)
- getAllowedClockSkew
  
  public int getAllowedClockSkew()
- validate
  
  public void validate(RealmModel realm)
  
  Description copied from class: IdentityProviderModel
  
  Validates this configuration.
  Sub-classes can override this method in order to enforce provider specific validations.
  
  Overrides:
  
  validate in class OAuth2IdentityProviderConfig
  
  Parameters:
  
  realm - the realm

Class OIDCIdentityProviderConfig

Field Summary

Fields inherited from class org.keycloak.broker.oidc.OAuth2IdentityProviderConfig

Fields inherited from class org.keycloak.models.IdentityProviderModel

Constructor Summary

Method Summary

Methods inherited from class org.keycloak.broker.oidc.OAuth2IdentityProviderConfig

Methods inherited from class org.keycloak.models.IdentityProviderModel

Methods inherited from class java.lang.Object

Field Details

JWKS_URL

USE_JWKS_URL

VALIDATE_SIGNATURE

IS_ACCESS_TOKEN_JWT

Constructor Details

OIDCIdentityProviderConfig

OIDCIdentityProviderConfig

Method Details

getPrompt

setPrompt

getIssuer

setIssuer

getLogoutUrl

setLogoutUrl

getPublicKeySignatureVerifier

setPublicKeySignatureVerifier

getPublicKeySignatureVerifierKeyId

setPublicKeySignatureVerifierKeyId

isValidateSignature

setValidateSignature

setAccessTokenJwt

isAccessTokenJwt

isUseJwksUrl

setUseJwksUrl

getJwksUrl

setJwksUrl

isBackchannelSupported

setBackchannelSupported

isDisableUserInfoService

setDisableUserInfoService

isDisableNonce

setDisableNonce

getAllowedClockSkew

validate