public final class Issuer extends Object
With an OpenId well-known end-point:
{
"wellKnownEndpoint" : uriExpression, [REQUIRED]
"issuerHandler" : handler [OPTIONAL - by default it uses the 'ClientHandler'
provided in heap.]
"supportedDomains" : [ patterns ] [OPTIONAL - if this issuer supports other domain names]
}
The 'supportedDomains' are the other domain names supported by this issuer,
their format can include use of regular-expression patterns.
Nota: Declaring these domains in the configuration should be as simple as
possible, without any schemes or end slash i.e.:
GOOD: [ "openam.com", "openam.com:8092", "register.server.com", "allopenamdomains.*" ]
BAD : [ "http://openam.com", "openam.com:8092/", "http://openam.com/" ]
For example, use this kind of configuration if the end-points are not known:
{
"name": "openam",
"type": "Issuer",
"config": {
"wellKnownEndpoint": "http://www.example.com:8081/openam/oauth2/.well-known/openid-configuration"
"supportedDomains" : [ "openam.com", "openam.com:8092", "register.server.com" ]
}
}
Use this configuration if the end-points are known. The well-known end-point is optional as the value will be saved but no request will be performed on this end-point.
{
"authorizeEndpoint" : uriExpression, [REQUIRED]
"tokenEndpoint" : uriExpression, [REQUIRED]
"registrationEndpoint" : uriExpression, [OPTIONAL - allows dynamic client registration]
"userInfoEndpoint" : uriExpression [OPTIONAL - default is no user info]
"wellKnownEndpoint" : uriExpression [OPTIONAL]
"supportedDomains" : [ patterns ] [OPTIONAL - if this issuer supports other domain names]
}
For example:
{
"name": "openam",
"type": "Issuer",
"config": {
"authorizeEndpoint": "http://www.example.com:8081/openam/oauth2/authorize",
"tokenEndpoint": "http://www.example.com:8081/openam/oauth2/access_token",
"userInfoEndpoint": "http://www.example.com:8081/openam/oauth2/userinfo"
}
}
Modifier and Type | Class and Description |
---|---|
static class |
Issuer.Heaplet
Creates and initializes an Issuer object in a heap environment.
|
Modifier and Type | Field and Description |
---|---|
static String |
ISSUER_KEY
The key used to store this issuer in the context.
|
Constructor and Description |
---|
Issuer(String name,
JsonValue config)
Creates an issuer with the specified name and configuration.
|
Modifier and Type | Method and Description |
---|---|
boolean |
equals(Object obj) |
URI |
getAuthorizeEndpoint()
Returns the authorize end-point of this issuer.
|
String |
getName()
Returns the name of this issuer.
|
URI |
getRegistrationEndpoint()
Returns the registration end-point of this issuer.
|
URI |
getTokenEndpoint()
Returns the token end-point of this issuer.
|
URI |
getUserInfoEndpoint()
Returns the user end-point of this issuer.
|
URI |
getWellKnownEndpoint()
Returns the well-known end-point of this issuer.
|
int |
hashCode() |
boolean |
hasUserInfoEndpoint()
Returns
true if this issuer has a user info end-point. |
public static final String ISSUER_KEY
public Issuer(String name, JsonValue config)
name
- The name of this Issuer. When the issuer is created by
discovery, the issuer name is given by the metadata "issuer",
not null.config
- The configuration of this issuer, not null.public URI getAuthorizeEndpoint()
public URI getTokenEndpoint()
public URI getRegistrationEndpoint()
public URI getUserInfoEndpoint()
public URI getWellKnownEndpoint()
public boolean hasUserInfoEndpoint()
true
if this issuer has a user info end-point.true
if this issuer has a user info end-point.Copyright 2011-2015 ForgeRock AS.