10Duke Java Core: tenduke.sdk.core.auth.AbstractOAuthClient Class Reference

Searching...

No Matches

Detailed Description

Base class for OAuth client implementations.

Note: the second phase construction method init() must be used prior to running an OAuth flow.

Inheritance diagram for tenduke.sdk.core.auth.AbstractOAuthClient:

Public Member Functions
	AbstractOAuthClient (final AuthConfig config, final OkHttpProvider okHttpProvider, final JwtServiceProvider jwtServiceProvider, final ObjectMapper mapper)
	Class constructor.

void	init ()
	Second phase construction hook provided for controlling potentially slow loading of remote OpenId configuration.

VerifiedOAuthTokenResponse	refreshToken (final String refreshToken) throws IOException
	Makes an access token refresh request to the authorization server.

boolean	checkIfJwksUriIsConfigured ()
	Checks if this client instance has configuration for the JWKS endpoint.

boolean	reloadJwks ()
	Requests this client instance to reload keys from the JWKS endpoint.

Protected Member Functions
VerifiedOAuthTokenResponse	parseTokenResponse (final Response response)
	Parses a token response received from the authorization server (Identity Provider).

void	assertStateIsValid ()
	Analyzes state and configuration.

void	loadOpenIdConnectConfiguration ()
	Loads OpenId configuration from configured URL (only if discovery URL is available in configuration).

String	formatConfigMissingMessage (final String formatValue)
	Formats a message for a missing configuration value.

String	formatRuntimeDependencyMissingMessage (final String formatValue)
	Formats a message for a missing configuration value.

abstract boolean	supportsTokenRefresh ()
	Returns flag that tells if the OAuth client implementation supports token refresh.

boolean	updateSigningKeys (final OpenIdConfiguration effectiveOidcConfig, final JwtServiceProvider jwtSp)
	Updates signing keys based on OpenIdConfiguration that has been loaded or changed.

Constructor & Destructor Documentation

◆ AbstractOAuthClient()

tenduke.sdk.core.auth.AbstractOAuthClient.AbstractOAuthClient	(	final AuthConfig	config,
		final OkHttpProvider	okHttpProvider,
		final JwtServiceProvider	jwtServiceProvider,
		final ObjectMapper	mapper )

Class constructor.

Parameters

config	The configuration to use for OAuth client_id and endpoints at the authorization provider,
okHttpProvider	Provides OkHttpClient instance(s).
jwtServiceProvider	Provides JwtService instances.
mapper	Jackson object mapper, needed for parsing access token response JSON.

Member Function Documentation

◆ assertStateIsValid()

void tenduke.sdk.core.auth.AbstractOAuthClient.assertStateIsValid ( )

protected

Analyzes state and configuration.

Throws IllegalStateException if:

runtime dependencies have not been provided
missing or invalid configuration is encountered

Required values are checked to ensure they are not null and conform to expected grammar (for example URIs are formatted correctly).

Reimplemented in tenduke.sdk.core.auth.AbstractPkceClient, tenduke.sdk.core.auth.DeviceFlowClient, and tenduke.sdk.core.auth.WebAppPkceClient.

◆ checkIfJwksUriIsConfigured()

boolean tenduke.sdk.core.auth.AbstractOAuthClient.checkIfJwksUriIsConfigured ( )

Checks if this client instance has configuration for the JWKS endpoint.

Returns: true if this client instance has configuration for the JWKS endpoint, false otherwise.

◆ formatConfigMissingMessage()

String tenduke.sdk.core.auth.AbstractOAuthClient.formatConfigMissingMessage ( final String formatValue )

protected

Formats a message for a missing configuration value.

The message takes shape: "{0} is not configured."

Parameters

formatValue The value for the single format element.

Returns: The formatted message.

◆ formatRuntimeDependencyMissingMessage()

String tenduke.sdk.core.auth.AbstractOAuthClient.formatRuntimeDependencyMissingMessage ( final String formatValue )

protected

Formats a message for a missing configuration value.

The message takes shape: "{0} is not configured."

Parameters

formatValue The value for the single format element.

Returns: The formatted message.

◆ init()

void tenduke.sdk.core.auth.AbstractOAuthClient.init ( )

Second phase construction hook provided for controlling potentially slow loading of remote OpenId configuration.

Calling this method will induce an HTTP request if the AuthConfig#idpOidcDiscoveryUrl() is configured. Otherwise the provided AuthConfig is used as such.

Reimplemented in tenduke.sdk.core.auth.DesktopPkceClient.

◆ parseTokenResponse()

VerifiedOAuthTokenResponse tenduke.sdk.core.auth.AbstractOAuthClient.parseTokenResponse ( final Response response )

protected

Parses a token response received from the authorization server (Identity Provider).

Parameters

response The HTTP response object.

Returns: A token response object with success vs. error information.

◆ refreshToken()

VerifiedOAuthTokenResponse tenduke.sdk.core.auth.AbstractOAuthClient.refreshToken ( final String refreshToken ) throws IOException

Makes an access token refresh request to the authorization server.

Parameters

refreshToken The client's current refresh token.

Returns: The token response provided by the authorization server. Note: The return value may be null, which happens if no response body is provided by the access token request to the authorization server. For not null return values you may use the OAuthTokenResponse#checkIsSuccess() and OAuthTokenResponse#checkIsError() methods of OAuthTokenResponse to determine if getting the id token or error handling is the next step.

Exceptions

java.io.IOException if the request could not be executed due to cancellation, a connectivity problem or timeout.

◆ reloadJwks()

boolean tenduke.sdk.core.auth.AbstractOAuthClient.reloadJwks ( )

Requests this client instance to reload keys from the JWKS endpoint.

Returns: true if key loading is possible based on configuration and supported by the JwtServiceProvider, false otherwise.

◆ supportsTokenRefresh()

abstract boolean tenduke.sdk.core.auth.AbstractOAuthClient.supportsTokenRefresh ( )

abstractprotected

Returns flag that tells if the OAuth client implementation supports token refresh.

Returns: true if token refresh is supported, false otherwise

Reimplemented in tenduke.sdk.core.auth.AbstractPkceClient, and tenduke.sdk.core.auth.DeviceFlowClient.

◆ updateSigningKeys()

boolean tenduke.sdk.core.auth.AbstractOAuthClient.updateSigningKeys	(	final OpenIdConfiguration	effectiveOidcConfig,
		final JwtServiceProvider	jwtSp )

protected

Updates signing keys based on OpenIdConfiguration that has been loaded or changed.

Parameters

effectiveOidcConfig	The OpenIdConfiguration containing an optional JWKS URL.
jwtSp	The JWT service provider to trigger key update for.

Returns: true if key loading is possible based on configuration and supported by the JwtServiceProvider, false otherwise.

The documentation for this class was generated from the following file:

auth/src/main/java/tenduke/sdk/core/auth/AbstractOAuthClient.java

Detailed Description

Public Member Functions

Protected Member Functions

Constructor & Destructor Documentation

◆ AbstractOAuthClient()

Member Function Documentation

◆ assertStateIsValid()

◆ checkIfJwksUriIsConfigured()

◆ formatConfigMissingMessage()

◆ formatRuntimeDependencyMissingMessage()

◆ init()

◆ parseTokenResponse()

◆ refreshToken()

◆ reloadJwks()

◆ supportsTokenRefresh()

◆ updateSigningKeys()