Class ClientRegistrationFilter

  • All Implemented Interfaces:
    Filter

    public class ClientRegistrationFilter
    extends Object
    implements Filter
    The client registration filter is the way to dynamically register an OpenID Connect Relying Party with the End-User's OpenID Provider.

    All OpenID metadata must be included in the OAuth2ClientFilter configuration, in the "metadata" attribute. Note that for dynamic client registration, only the "redirect_uris" attribute is mandatory. Notably, where private_key_jwt authentication is configured, the "jwks" metadata should be omitted as this will be determined by the ClientRegistrationFilter from the configured discoverySecretId.

    The supplied ClientRegistrationStrategy determines the authentication mechanism used.

    Note: When using AM, the "scopes" may be specified to this configuration but it must be defined as: "scopes"(array of string), which differs from the OAuth2 metadata "scope" (a string containing a space separated list of scope values).
    See Also:
    OpenID Connect Dynamic Client Registration 1.0, OpenID Connect Dynamic Client Registration 1.0 , OAuth 2.0 Dynamic Client Registration Protocol
    • Constructor Detail

      • ClientRegistrationFilter

        public ClientRegistrationFilter​(org.forgerock.openig.filter.oauth2.client.ClientRegistrationRepository repository,
                                        ClientRegistrationStrategy registrationStrategy)
        Creates a new dynamic registration filter.
        Parameters:
        repository - The ClientRegistrationRepository holding the registrations values.
        registrationStrategy - The ClientRegistrationStrategy used to conduct client registration.
    • Method Detail

      • filter

        public Promise<Response,​NeverThrowsException> filter​(Context context,
                                                                   Request request,
                                                                   Handler next)
        Description copied from interface: Filter
        Filters the request and/or response of an exchange. To pass the request to the next filter or handler in the chain, the filter calls next.handle(context, request).

        This method may elect not to pass the request to the next filter or handler, and instead handle the request itself. It can achieve this by merely avoiding a call to next.handle(context, request) and creating its own response object. The filter is also at liberty to replace a response with another of its own by intercepting the response returned by the next handler.

        Specified by:
        filter in interface Filter
        Parameters:
        context - The request context.
        request - The request.
        next - The next filter or handler in the chain to handle the request.
        Returns:
        A Promise representing the response to be returned to the client.