Detailed Description
Configuration model for use with 10Duke SDK core built-in authentication and authorization setup.
Public Member Functions | |
| default Optional< String > | tokenPath () |
| Directory path for storing token data, e.g. | |
| default Optional< String > | publicKeyPath () |
| Directory path for storing public keys. | |
| default Optional< URI > | idpOidcDiscoveryUrl () |
| Used to retrieve the details of the Open ID Connect endpoints for the identity provider. | |
| default Optional< URI > | idpOauthAuthorizationUrl () |
Endpoint for Authorization Request in Authorization Code or Implicit Grant flows (may be omitted if idpOidcDiscoveryUrl() provides a valid value). | |
| default Optional< URI > | idpOauthDeviceCodeUrl () |
Endpoint for Device Authorization Request in Device Authorization Grant flow (may be omitted if idpOidcDiscoveryUrl() provides a valid value). | |
| default Optional< URI > | idpOauthTokenUrl () |
Endpoint for Access Token Request or Device Access Token Request (may be omitted if idpOidcDiscoveryUrl() provides a valid value). | |
| default Optional< String > | idpOauthClientId () |
| Application credentials for OAuth/Open ID Connect. | |
| default Optional< String > | idpOauthClientSecret () |
| Application credentials for OAuth/Open ID Connect. | |
| default Optional< String > | idpOauthScope () |
| Scopes to include in the Access and ID tokens requested via Open ID Connect. | |
| default Optional< URI > | idpUserinfoUrl () |
Endpoint handling the UserInfo Request (may be omitted if idpOidcDiscoveryUrl() provides a valid value). | |
| default Optional< URI > | idpJwksUri () |
| URL path to read public key used to verify JWTs received from Authorization Server authenticating Open ID Connect session. | |
| default Optional< URI > | authRedirectUri () |
| Fully specified redirect URL to use for PKCE Flow Client. | |
| default Optional< String > | authRedirectPath () |
| Path fragment for local redirect URL to use for PKCE Flow Client. | |
| default int | authRedirectPort () |
| Local port number for PKCE Flow login callback redirect. | |
| default Optional< String > | authSuccessMessage () |
| Path to file / resource containing response for successful login (see PKCE Flow Client implementation). | |
| default float | tokenRefreshLeewaySeconds () |
| The number of seconds before expiry time that an ID Token or JWT will be automatically refreshed. | |
 Public Member Functions inherited from tenduke.sdk.core.model.config.HttpClientConfig | |
| default float | httpTimeoutSeconds () |
| Timeout for HTTP requests. | |
| default Optional< String > | httpsProxy () |
| Proxy to use for HTTPS requests. | |
| Public Member Functions inherited from tenduke.sdk.core.model.config.Configuration | |
| < U > U | unwrap () |
| Unwraps the underlying implementation and returns it to the caller. | |
Public Attributes | |
| float | DEFAULT_TOKEN_REFRESH_LEEWAY_SECONDS = 30.0F |
| Defines the default token expiration related refresh leeway in seconds. | |
| Public Attributes inherited from tenduke.sdk.core.model.config.HttpClientConfig | |
| float | DEFAULT_HTTP_TIMEOUT_SECONDS = 30.0F |
| Defines the default HTTP connect, call, read and write timeout value in seconds. | |
Member Function Documentation
◆ authRedirectPath()
| default Optional< String > tenduke.sdk.core.model.config.AuthConfig.authRedirectPath | ( | ) |
Path fragment for local redirect URL to use for PKCE Flow Client.
This should be the path on http://localhost that the IDP will redirect to for successful authentication during the PKCE flow.
Defaults to: /login/callback (interpreted as http://localhost/login/callback).
Note: the client application callback URL must be registered with the Authorization Server (Identity Provider). This fragment is ignored if auth_redirect_uri is specified.
- Returns
- The URL path to use in the OAuth client's
redirect_uri.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ authRedirectPort()
| default int tenduke.sdk.core.model.config.AuthConfig.authRedirectPort | ( | ) |
Local port number for PKCE Flow login callback redirect.
Defaults to random port (denoted by port = 0).
- Returns
- The HTTP server port where theOAuth client listens at. Also used in the OAuth client's
redirect_urivalue.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ authRedirectUri()
| default Optional< URI > tenduke.sdk.core.model.config.AuthConfig.authRedirectUri | ( | ) |
Fully specified redirect URL to use for PKCE Flow Client.
Note: the client application callback URL must be registered with the Authorization Server (Identity Provider).
Defaults to: empty (no URI configured).
- Returns
- The URL to use as the OAuth client's
redirect_uri.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ authSuccessMessage()
| default Optional< String > tenduke.sdk.core.model.config.AuthConfig.authSuccessMessage | ( | ) |
Path to file / resource containing response for successful login (see PKCE Flow Client implementation).
Default value: empty (no resource path for the success message is configured).
- Returns
- HTTP response body to use as response for successful login in PKCE Flow Client implementation.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ idpJwksUri()
| default Optional< URI > tenduke.sdk.core.model.config.AuthConfig.idpJwksUri | ( | ) |
URL path to read public key used to verify JWTs received from Authorization Server authenticating Open ID Connect session.
Defaults to: empty (no URI configured).
- Returns
- Authorization server URL that provides token signature verification keys in JSON Web Keys format.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ idpOauthAuthorizationUrl()
| default Optional< URI > tenduke.sdk.core.model.config.AuthConfig.idpOauthAuthorizationUrl | ( | ) |
Endpoint for Authorization Request in Authorization Code or Implicit Grant flows (may be omitted if idpOidcDiscoveryUrl() provides a valid value).
Defaults to: empty (no URI configured).
- Returns
- Authorization server URL that serves authorization requests.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ idpOauthClientId()
| default Optional< String > tenduke.sdk.core.model.config.AuthConfig.idpOauthClientId | ( | ) |
Application credentials for OAuth/Open ID Connect.
Defaults to: empty (no client id configured).
- Returns
- The value to use as OAuth client id.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ idpOauthClientSecret()
| default Optional< String > tenduke.sdk.core.model.config.AuthConfig.idpOauthClientSecret | ( | ) |
Application credentials for OAuth/Open ID Connect.
Required for some OAuth flows or for some Identity Providers.
Defaults to: empty (no client secret configured).
- Returns
- The value to use as OAuth client secret.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ idpOauthDeviceCodeUrl()
| default Optional< URI > tenduke.sdk.core.model.config.AuthConfig.idpOauthDeviceCodeUrl | ( | ) |
Endpoint for Device Authorization Request in Device Authorization Grant flow (may be omitted if idpOidcDiscoveryUrl() provides a valid value).
Only required when Device Authorization Grant flow is being used.
Defaults to: empty (no URI configured).
- Returns
- Authorization server URL that serves device authorization requests.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ idpOauthScope()
| default Optional< String > tenduke.sdk.core.model.config.AuthConfig.idpOauthScope | ( | ) |
Scopes to include in the Access and ID tokens requested via Open ID Connect.
Default value: "openid".
- Returns
- Array in String format: space separated scope names. Minimum viable setting is
"openid", which is also the default value.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ idpOauthTokenUrl()
| default Optional< URI > tenduke.sdk.core.model.config.AuthConfig.idpOauthTokenUrl | ( | ) |
Endpoint for Access Token Request or Device Access Token Request (may be omitted if idpOidcDiscoveryUrl() provides a valid value).
Defaults to: empty (no URI configured).
- Returns
- Authorization server URL that serves access token requests.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ idpOidcDiscoveryUrl()
| default Optional< URI > tenduke.sdk.core.model.config.AuthConfig.idpOidcDiscoveryUrl | ( | ) |
Used to retrieve the details of the Open ID Connect endpoints for the identity provider.
Defaults to: empty (no URI configured).
- Returns
- The URL to use for loading OpenID Connect settings.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ idpUserinfoUrl()
| default Optional< URI > tenduke.sdk.core.model.config.AuthConfig.idpUserinfoUrl | ( | ) |
Endpoint handling the UserInfo Request (may be omitted if idpOidcDiscoveryUrl() provides a valid value).
Defaults to: empty (no URI configured).
- Returns
- OpenID Connect server URL that serves user info requests.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ publicKeyPath()
| default Optional< String > tenduke.sdk.core.model.config.AuthConfig.publicKeyPath | ( | ) |
Directory path for storing public keys.
Defaults to: "./local-config".
- Returns
- A file system path where public keys are stored.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ tokenPath()
| default Optional< String > tenduke.sdk.core.model.config.AuthConfig.tokenPath | ( | ) |
Directory path for storing token data, e.g.
JSON Web Tokens (JWT's).
Defaults to: "./local-config".
- Returns
- A file system path where tokens are stored.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
◆ tokenRefreshLeewaySeconds()
| default float tenduke.sdk.core.model.config.AuthConfig.tokenRefreshLeewaySeconds | ( | ) |
The number of seconds before expiry time that an ID Token or JWT will be automatically refreshed.
Default value: 30 seconds.
- Returns
- access token refresh leeway in seconds. Defaults to:
DEFAULT_TOKEN_REFRESH_LEEWAY_SECONDS.
Implemented in tenduke.sdk.core.model.config.AuthConfigWithFallback, and tenduke.sdk.core.model.config.InMemoryAuthConfig.
The documentation for this interface was generated from the following file:
- model/src/main/java/tenduke/sdk/core/model/config/AuthConfig.java
