Package org.keycloak.protocol.oidc

Class OIDCProviderConfig

java.lang.Object
org.keycloak.protocol.oidc.OIDCProviderConfig
public class OIDCProviderConfig extends Object
Author:
Patrick Weiner

  • Field Details

    • DEFAULT_REQ_PARAMS_DEFAULT_MAX_SIZE

      public static final int DEFAULT_REQ_PARAMS_DEFAULT_MAX_SIZE
      Maximum default length of the standard OIDC parameter sent to the OIDC authentication or token request.
      See Also:

    • DEFAULT_REQ_TOKEN_PARAMS_DEFAULT_MAX_SIZE

      public static final int DEFAULT_REQ_TOKEN_PARAMS_DEFAULT_MAX_SIZE
      Maximum default length of the standard OIDC parameter sent to the OIDC token request in case the parameter is "token" parameter. As "token" parameter is considered a parameter containing long token (for example JWT or SAML assertion) with unbounded data (For example possibly big amount of roles inside JWT). Applies for example for parameters like "subject_token" sent in case of token exchange grant.
      See Also:

    • DEFAULT_ADDITIONAL_REQ_PARAMS_MAX_NUMBER

      public static final int DEFAULT_ADDITIONAL_REQ_PARAMS_MAX_NUMBER
      Default value for additionalReqParamsMaxNumber if case no configuration property is set.
      See Also:

    • DEFAULT_ADDITIONAL_REQ_PARAMS_MAX_SIZE

      public static final int DEFAULT_ADDITIONAL_REQ_PARAMS_MAX_SIZE
      Default value for additionalReqParamsMaxSize if case no configuration property is set.
      See Also:

    • DEFAULT_ADDITIONAL_REQ_PARAMS_FAIL_FAST

      public static final boolean DEFAULT_ADDITIONAL_REQ_PARAMS_FAIL_FAST
      Default value for additionalReqParamsFailFast in case no configuration property is set.
      See Also:

    • DEFAULT_ADDITIONAL_REQ_TOKEN_PARAMS_FAIL_FAST

      public static final boolean DEFAULT_ADDITIONAL_REQ_TOKEN_PARAMS_FAIL_FAST
      Default value for additionalReqTokenParamsFailFast in case no configuration property is set.
      See Also:

    • DEFAULT_ADDITIONAL_REQ_PARAMS_MAX_OVERALL_SIZE

      public static final int DEFAULT_ADDITIONAL_REQ_PARAMS_MAX_OVERALL_SIZE
      Default value for additionalReqParamsMaxOverallSize in case no configuration property is set.
      See Also:

    • DEFAULT_ALLOW_MULTIPLE_AUDIENCES_FOR_JWT_CLIENT_AUTHENTICATION

      public static final boolean DEFAULT_ALLOW_MULTIPLE_AUDIENCES_FOR_JWT_CLIENT_AUTHENTICATION
      Deprecated.
      to be removed in Keycloak 27
      See Also:

    • DEFAULT_ALLOW_TOKEN_INTROSPECTION_WITHOUT_AUDIENCE_CHECK

      public static final boolean DEFAULT_ALLOW_TOKEN_INTROSPECTION_WITHOUT_AUDIENCE_CHECK
      See Also:

    • DEFAULT_ALLOW_USERINFO_WITH_LIGHTWEIGHT_ACCESS_TOKEN

      public static final boolean DEFAULT_ALLOW_USERINFO_WITH_LIGHTWEIGHT_ACCESS_TOKEN
      See Also:

  • Constructor Details

    • OIDCProviderConfig

      public OIDCProviderConfig(Config.Scope config)

  • Method Details

    • getAdditionalReqParamsMaxNumber

      public int getAdditionalReqParamsMaxNumber()

    • getAdditionalReqParamsMaxSize

      public int getAdditionalReqParamsMaxSize()

    • isAdditionalReqParamsFailFast

      public boolean isAdditionalReqParamsFailFast(boolean isTokenParam)

    • getAdditionalReqParamsMaxOverallSize

      public int getAdditionalReqParamsMaxOverallSize()

    • isAllowMultipleAudiencesForJwtClientAuthentication

      public boolean isAllowMultipleAudiencesForJwtClientAuthentication()

    • isAllowTokenIntrospectionWithoutAudienceCheck

      public boolean isAllowTokenIntrospectionWithoutAudienceCheck()

    • isAllowUserinfoWithLightweightAccessToken

      public boolean isAllowUserinfoWithLightweightAccessToken()

    • getMaxLengthForTheParameter

      public int getMaxLengthForTheParameter(String paramName, boolean isTokenParam)
      Parameters:
      paramName - Parameter name. Expected to be one of the known OIDC parameters
      isTokenParam - If this parameter represents token (like for example JWT)
      Returns:
      maximum length for the specified OIDC parameter