10Duke Java Core
Bootstrapping a project that uses 10Duke Java Core

Until the core's JAR artifacts are supplied via Maven Central, they are available via the GitLab package registry in 10Duke Core.

The first step is to configure the repository for your project. This can be done in the Maven settings file or in your project's pom file.

The XML fragment to add to your Maven configuration:

<repositories>
  <repository>
    <id>tenduke-gitlab-maven</id>
    <url>https://gitlab.com/api/v4/projects/51138080/packages/maven</url>
    <releases>
      <enabled>true</enabled>
    </releases>
    <snapshots>
      <enabled>true</enabled>
    </snapshots>
  </repository>
</repositories>

Using the 10Duke Java Core artifacts is possible after adding them as dependencies in your project's pom file(s):

<dependency>
  <groupId>tenduke.core</groupId>
  <artifactId>tenduke-core-model</artifactId>
  <version>2.0.1</version>
</dependency>
<dependency>
  <groupId>tenduke.core</groupId>
  <artifactId>tenduke-core-service</artifactId>
  <version>2.0.1</version>
</dependency>
<dependency>
  <groupId>tenduke.core</groupId>
  <artifactId>tenduke-core-auth</artifactId>
  <version>2.0.1</version>
</dependency>
<dependency>
  <groupId>tenduke.core</groupId>
  <artifactId>tenduke-core-service-impl</artifactId>
  <version>2.0.1</version>
</dependency>

Configuring the SDK

The 10Duke SDKs require certain configuration items to connect to and interact with the 10Duke Enterprise or Scale API. Additional configuration items can be specified to control the behavior of the SDK.

The interface tenduke.sdk.core.model.config.AuthConfig defines the contract for providing the required configuration.

The default implementations for loading configuration and for the configuration itself are provided by the classes tenduke.sdk.core.config.typesafe.AuthConfigLoader and tenduke.sdk.core.config.typesafe.TypesafeAuthConfig: the loader returns instances of TypesafeAuthConfig. The class tenduke.sdk.core.model.config.DefaultAuthConfigBuilder is used to construct a TendukeConfig object from a variety of configuration sources.

Configuration items can be loaded from the following sources:

The configuration can be composed from a variety of these sources, or loaded entirely from a single source. Using the builder, you can provide defaults for slow-moving configuration items in code, then load values from a configuration file, and then apply any settings from environment variables.

The effective configuration that an application bootstraps works in concert with OAuth / OpenID Connect client implementations. OAuth clients load the details of the OpenID Connect (OIDC) provider from the Discovery URL when the URL is present in configuration. Where a key exists in more than one source, the first source added to the configuration builder will take precedence. Precedence for configured values in configuration files vs. system properties vs. environment variables is defined by the logic implemented by Typesafe config.

Configuration items

Almost all of the configuration items are optional, and which items you need to provide will depend on how you are using the 10Duke API. For identity-based licensing, the minimum configuration would be licensing_api_url and idp_oidc_discovery_url, provided that the OIDC provider (also known as the Identity Provider, IdP) implements a discovery endpoint. Configuration item keys (names) are accepted in snake_case.

licensing_api_url

(Mandatory) API base URL for the 10Duke API. Used to send requests to the 10Duke API. For 10Duke Scale, you can view your API base URL on the dashboard at the 10Duke Scale console.

idp_oidc_discovery_url

OIDC provider Discovery URL. Used to retrieve the details of the OIDC endpoints for the identity provider.

idp_oauth_authorization_url

Endpoint for Authorization Request in Authorization Code or Implicit Grant flows. This can either be provided in the configuration or loaded using the Discovery URL.

idp_oauth_device_code_url

Endpoint for Device Authorization Request in Device Authorization Grant flow. This can either be provided in the configuration or loaded using the Discovery URL.

idp_oauth_token_url

Endpoint for Access Token Request or Device Access Token Request. This can either be provided in the configuration or loaded using the Discovery URL.

idp_userinfo_url

Endpoint handling the UserInfo Request. This can either be provided in the configuration or loaded using the Discovery URL.

idp_jwks_uri

URL from which to read the public key used to verify JWTs received from the Authorization Server authenticating the OIDC session. This can either be provided in the configuration or loaded using the Discovery URL.

idp_oauth_client_id

Application credentials for OAuth/OIDC. This is set when you configure your application on the OIDC provider.

idp_oauth_client_secret

Application credentials for OAuth/OIDC. Required for some OAuth flows or for some Identity Providers. This is set when you configure your application on the OIDC provider.

idp_oauth_scope

Scopes to include in the Access and ID tokens requested via OIDC. Scopes are provided as a list, separated by spaces. You will need a minimum of openid.

token_refresh_leeway_seconds

The number of seconds before expiry time that an ID Token or Scale JWT will be automatically refreshed (default: 30 seconds).

auth_redirect_uri

URI to use for the redirect_uri in the OAuth Authorization Code flow (with or without Proof Key for Code Exchange). This URI can be used for localhost or remote processing of the redirect callback. If this configuration option is populated, auth_redirect_path will be ignored.

auth_redirect_path

Path fragment for the local redirect URL used by the PKCE Flow Client. This should be the path on http://localhost that the IdP will redirect to after successful authentication during the PKCE flow. Defaults to /login/callback (interpreted as http://localhost/login/callback).

auth_redirect_port

Local port number to listen on for the PKCE Flow redirect. Defaults to a random port. If auth_redirect_path is used with a localhost or loopback HTTP listener, then this port will be used for the HTTP listener. The port will also be used if auth_redirect_uri is specified with localhost or loopback as the host name.

http_timeout_seconds

Timeout for HTTP requests (default: 30.0 seconds).

https_proxy

An optional proxy URL. When configured, it must define a hostname and port. The format, including scheme, is: proxy://hostname:port. E.g. proxy://localhost:32008.

auth_success_message

A file to send as the content of the response to the redirect during PKCE flow. This is sent as the body of a 200 OK response.

token_path

A directory path to store license and identity tokens in.

public_key_path

A directory path to cache public keys in.
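
A preflight check over the effective configuration, as an added example that is not part of the 10Duke SDK: merge models the "first source added takes precedence" rule from "Configuring the SDK", and check applies the item descriptions above. ConfigPreflight, merge and check are hypothetical names, sources are modelled as plain maps rather than the SDK's builder, and the https and loopback rules are hardening assumptions, not documented SDK requirements.

```java
import java.net.URI;
import java.util.*;
// Added example: ConfigPreflight is a hypothetical helper, not a 10Duke SDK class.
public class ConfigPreflight {
    static final List<String> ENDPOINT_KEYS = List.of("licensing_api_url", "idp_oidc_discovery_url",
            "idp_oauth_authorization_url", "idp_oauth_device_code_url", "idp_oauth_token_url",
            "idp_userinfo_url", "idp_jwks_uri");
    static final Set<String> LOOPBACK_HOSTS = Set.of("localhost", "127.0.0.1", "[::1]");
    // Models the stated rule: when a key is in several sources, the first source added wins.
    static Map<String, String> merge(List<Map<String, String>> sourcesInOrderAdded) {
        Map<String, String> effective = new HashMap<>();
        sourcesInOrderAdded.forEach(source -> source.forEach(effective::putIfAbsent));
        return effective;
    }

    static List<String> check(Map<String, String> cfg) {
        List<String> problems = new ArrayList<>();
        if (!cfg.containsKey("licensing_api_url")) problems.add("licensing_api_url is mandatory");
        for (String key : ENDPOINT_KEYS) { // hardening assumption: token and key endpoints use TLS
            String url = cfg.get(key);
            if (url != null && !"https".equalsIgnoreCase(URI.create(url).getScheme()))
                problems.add(key + " is not https: " + url);
        }
        String redirect = cfg.get("auth_redirect_uri");
        if (redirect != null) {
            URI uri = URI.create(redirect);
            String host = String.valueOf(uri.getHost()).toLowerCase(Locale.ROOT);
            if ("http".equalsIgnoreCase(uri.getScheme()) && !LOOPBACK_HOSTS.contains(host))
                problems.add("auth_redirect_uri is plain http on a non-loopback host: " + redirect);
        }
        String scope = cfg.get("idp_oauth_scope");
        if (scope != null && !Arrays.asList(scope.trim().split("\\s+")).contains("openid"))
            problems.add("idp_oauth_scope lacks openid: " + scope);
        String proxy = cfg.get("https_proxy");
        if (proxy != null) {
            URI uri = URI.create(proxy);
            if (!"proxy".equals(uri.getScheme()) || uri.getHost() == null || uri.getPort() == -1)
                problems.add("https_proxy is not proxy://hostname:port: " + proxy);
        }
        return problems;
    }

    public static void main(String[] args) { // constructed sample values, not real endpoints
        Map<String, String> file = Map.of("licensing_api_url", "https://api.example/v1",
                "idp_jwks_uri", "http://idp.example/jwks", "idp_oauth_scope", "profile email",
                "https_proxy", "localhost:32008", "auth_redirect_uri", "http://127.0.0.1:49152/login/callback");
        Map<String, String> env = Map.of("idp_jwks_uri", "https://idp.example/jwks");
        check(merge(List.of(file, env))).forEach(System.out::println); // file added first: its http JWKS URL wins
    }
}
```

Because the file source is added before the environment source, the https value supplied by the environment never takes effect, so the order in which sources are added decides whether an override is applied. A malformed URL makes URI.create throw IllegalArgumentException, which should be treated as a failed preflight.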