Package org.keycloak.protocol.oauth2.cimd.provider

Class PersistentClientIdMetadataDocumentProvider

java.lang.Object

org.keycloak.protocol.oauth2.cimd.provider.AbstractPersistentClientIdMetadataDocumentProvider<ClientIdMetadataDocumentExecutor.Configuration>

org.keycloak.protocol.oauth2.cimd.provider.PersistentClientIdMetadataDocumentProvider

All Implemented Interfaces:

ClientIdMetadataDocumentProvider<ClientIdMetadataDocumentExecutor.Configuration>, Provider

public class PersistentClientIdMetadataDocumentProvider
extends AbstractPersistentClientIdMetadataDocumentProvider<ClientIdMetadataDocumentExecutor.Configuration>

The class is a concrete class of AbstractPersistentClientIdMetadataDocumentProvider.

Client Metadata Augmentation in ClientRepresentation: The class provide the following policies:

• Consent required: to mitigate the risk of phishing, the CIMD and MCP specification requires an authorization server to show information on a client on the consent screen.
• Full scope allowed: to follow least-privilege principle, only required scopes are permitted to a client.

Author:

Takashi Norimatsu

Field Summary

Fields

Modifier and Type	Field	Description
protected org.jboss.logging.Logger	logger

Fields inherited from class org.keycloak.protocol.oauth2.cimd.provider.AbstractPersistentClientIdMetadataDocumentProvider

CIMD_CACHE_EXPIRY_TIME_IN_SEC, configuration, session

Constructor Summary

Constructors

Constructor	Description
PersistentClientIdMetadataDocumentProvider(KeycloakSession session)

Method Summary

Modifier and Type	Method	Description
void	augmentClientMetadata(ClientRepresentation clientRep)	Augments a client metadata.
ClientIdMetadataDocumentExecutor.Configuration	getConfiguration()	Gets a configuration of an executor for Client ID metadata document.
org.jboss.logging.Logger	getLogger()
void	setConfiguration(ClientIdMetadataDocumentExecutor.Configuration configuration)	Sets a configuration of an executor for Client ID metadata document.

Methods inherited from class org.keycloak.protocol.oauth2.cimd.provider.AbstractPersistentClientIdMetadataDocumentProvider

createClientMetadata, determineFetchOperation, setCacheExpiryTimeToClientMetadata, setCacheExpiryTimeToClientMetadata, updateClientMetadata

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.protocol.oauth2.cimd.provider.ClientIdMetadataDocumentProvider

close

Field Details

logger

protected org.jboss.logging.Logger logger

Constructor Details

PersistentClientIdMetadataDocumentProvider

public PersistentClientIdMetadataDocumentProvider(KeycloakSession session)

Method Details

getLogger

public org.jboss.logging.Logger getLogger()

Specified by:

getLogger in class AbstractPersistentClientIdMetadataDocumentProvider<ClientIdMetadataDocumentExecutor.Configuration>

getConfiguration

public ClientIdMetadataDocumentExecutor.Configuration getConfiguration()

Description copied from interface: ClientIdMetadataDocumentProvider

Gets a configuration of an executor for Client ID metadata document.

Returns:

CONFIG extends AbstractClientIdMetadataDocumentExecutor.Configuration

setConfiguration

public void setConfiguration(ClientIdMetadataDocumentExecutor.Configuration configuration)

Description copied from interface: ClientIdMetadataDocumentProvider

Sets a configuration of an executor for Client ID metadata document.

Parameters:

configuration - a configuration of an executor for Client ID metadata document, not null

augmentClientMetadata

public void augmentClientMetadata(ClientRepresentation clientRep)

Description copied from interface: ClientIdMetadataDocumentProvider

Augments a client metadata.

Parameters:

clientRep - a client metadata in ClientRepresentation, not null