Class OidcClientRegistration.Builder
java.lang.Object
org.springframework.security.oauth2.server.authorization.oidc.OidcClientRegistration.Builder
- Enclosing class:
- OidcClientRegistration
Helps configure an
OidcClientRegistration
.-
Method Summary
Modifier and TypeMethodDescriptionbuild()
Validate the claims and build theOidcClientRegistration
.Sets the claim.Provides access to everyclaim(String, Object)
declared so far allowing the ability to add, replace, or remove.Sets the Client Identifier, REQUIRED.clientIdIssuedAt
(Instant clientIdIssuedAt) Sets the time at which the Client Identifier was issued, OPTIONAL.clientName
(String clientName) Sets the name of the Client to be presented to the End-User, OPTIONAL.clientSecret
(String clientSecret) Sets the Client Secret, OPTIONAL.clientSecretExpiresAt
(Instant clientSecretExpiresAt) Sets the time at which theclient_secret
will expire ornull
if it will not expire, REQUIRED ifclient_secret
was issued.Add the OAuth 2.0grant_type
that the Client will restrict itself to using, OPTIONAL.grantTypes
(Consumer<List<String>> grantTypesConsumer) AConsumer
of the OAuth 2.0grant_type
values that the Client will restrict itself to using, allowing the ability to add, replace, or remove, OPTIONAL.idTokenSignedResponseAlgorithm
(String idTokenSignedResponseAlgorithm) Sets theJWS
algorithm required for signing theID Token
issued to the Client, OPTIONAL.Sets theURL
for the Client's JSON Web Key Set, OPTIONAL.postLogoutRedirectUri
(String postLogoutRedirectUri) Add the post logout redirectionURI
used by the Client, OPTIONAL.postLogoutRedirectUris
(Consumer<List<String>> postLogoutRedirectUrisConsumer) AConsumer
of the post logout redirectionURI
values used by the Client, allowing the ability to add, replace, or remove, OPTIONAL.redirectUri
(String redirectUri) Add the redirectionURI
used by the Client, REQUIRED.redirectUris
(Consumer<List<String>> redirectUrisConsumer) AConsumer
of the redirectionURI
values used by the Client, allowing the ability to add, replace, or remove, REQUIRED.registrationAccessToken
(String registrationAccessToken) Sets the Registration Access Token that can be used at the Client Configuration Endpoint, OPTIONAL.registrationClientUrl
(String registrationClientUrl) Sets theURL
of the Client Configuration Endpoint where the Registration Access Token can be used, OPTIONAL.responseType
(String responseType) Add the OAuth 2.0response_type
that the Client will restrict itself to using, OPTIONAL.responseTypes
(Consumer<List<String>> responseTypesConsumer) AConsumer
of the OAuth 2.0response_type
values that the Client will restrict itself to using, allowing the ability to add, replace, or remove, OPTIONAL.Add the OAuth 2.0scope
that the Client will restrict itself to using, OPTIONAL.AConsumer
of the OAuth 2.0scope
values that the Client will restrict itself to using, allowing the ability to add, replace, or remove, OPTIONAL.tokenEndpointAuthenticationMethod
(String tokenEndpointAuthenticationMethod) Sets the authentication method used by the Client for the Token Endpoint, OPTIONAL.tokenEndpointAuthenticationSigningAlgorithm
(String authenticationSigningAlgorithm) Sets theJWS
algorithm that must be used for signing theJWT
used to authenticate the Client at the Token Endpoint for theprivate_key_jwt
andclient_secret_jwt
authentication methods, OPTIONAL.
-
Method Details
-
clientId
Sets the Client Identifier, REQUIRED.- Parameters:
clientId
- the Client Identifier- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
clientIdIssuedAt
Sets the time at which the Client Identifier was issued, OPTIONAL.- Parameters:
clientIdIssuedAt
- the time at which the Client Identifier was issued- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
clientSecret
Sets the Client Secret, OPTIONAL.- Parameters:
clientSecret
- the Client Secret- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
clientSecretExpiresAt
Sets the time at which theclient_secret
will expire ornull
if it will not expire, REQUIRED ifclient_secret
was issued.- Parameters:
clientSecretExpiresAt
- the time at which theclient_secret
will expire ornull
if it will not expire- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
clientName
Sets the name of the Client to be presented to the End-User, OPTIONAL.- Parameters:
clientName
- the name of the Client to be presented to the End-User- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
redirectUri
Add the redirectionURI
used by the Client, REQUIRED.- Parameters:
redirectUri
- the redirectionURI
used by the Client- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
redirectUris
AConsumer
of the redirectionURI
values used by the Client, allowing the ability to add, replace, or remove, REQUIRED.- Parameters:
redirectUrisConsumer
- aConsumer
of the redirectionURI
values used by the Client- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
postLogoutRedirectUri
Add the post logout redirectionURI
used by the Client, OPTIONAL. Thepost_logout_redirect_uri
parameter is used by the client when requesting that the End-User's User Agent be redirected to after a logout has been performed.- Parameters:
postLogoutRedirectUri
- the post logout redirectionURI
used by the Client- Returns:
- the
OidcClientRegistration.Builder
for further configuration - Since:
- 1.1
-
postLogoutRedirectUris
public OidcClientRegistration.Builder postLogoutRedirectUris(Consumer<List<String>> postLogoutRedirectUrisConsumer) AConsumer
of the post logout redirectionURI
values used by the Client, allowing the ability to add, replace, or remove, OPTIONAL.- Parameters:
postLogoutRedirectUrisConsumer
- aConsumer
of the post logout redirectionURI
values used by the Client- Returns:
- the
OidcClientRegistration.Builder
for further configuration - Since:
- 1.1
-
tokenEndpointAuthenticationMethod
public OidcClientRegistration.Builder tokenEndpointAuthenticationMethod(String tokenEndpointAuthenticationMethod) Sets the authentication method used by the Client for the Token Endpoint, OPTIONAL.- Parameters:
tokenEndpointAuthenticationMethod
- the authentication method used by the Client for the Token Endpoint- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
tokenEndpointAuthenticationSigningAlgorithm
public OidcClientRegistration.Builder tokenEndpointAuthenticationSigningAlgorithm(String authenticationSigningAlgorithm) Sets theJWS
algorithm that must be used for signing theJWT
used to authenticate the Client at the Token Endpoint for theprivate_key_jwt
andclient_secret_jwt
authentication methods, OPTIONAL.- Parameters:
authenticationSigningAlgorithm
- theJWS
algorithm that must be used for signing theJWT
used to authenticate the Client at the Token Endpoint- Returns:
- the
OidcClientRegistration.Builder
for further configuration - Since:
- 0.2.2
-
grantType
Add the OAuth 2.0grant_type
that the Client will restrict itself to using, OPTIONAL.- Parameters:
grantType
- the OAuth 2.0grant_type
that the Client will restrict itself to using- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
grantTypes
AConsumer
of the OAuth 2.0grant_type
values that the Client will restrict itself to using, allowing the ability to add, replace, or remove, OPTIONAL.- Parameters:
grantTypesConsumer
- aConsumer
of the OAuth 2.0grant_type
values that the Client will restrict itself to using- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
responseType
Add the OAuth 2.0response_type
that the Client will restrict itself to using, OPTIONAL.- Parameters:
responseType
- the OAuth 2.0response_type
that the Client will restrict itself to using- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
responseTypes
AConsumer
of the OAuth 2.0response_type
values that the Client will restrict itself to using, allowing the ability to add, replace, or remove, OPTIONAL.- Parameters:
responseTypesConsumer
- aConsumer
of the OAuth 2.0response_type
values that the Client will restrict itself to using- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
scope
Add the OAuth 2.0scope
that the Client will restrict itself to using, OPTIONAL.- Parameters:
scope
- the OAuth 2.0scope
that the Client will restrict itself to using- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
scopes
AConsumer
of the OAuth 2.0scope
values that the Client will restrict itself to using, allowing the ability to add, replace, or remove, OPTIONAL.- Parameters:
scopesConsumer
- aConsumer
of the OAuth 2.0scope
values that the Client will restrict itself to using- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
jwkSetUrl
Sets theURL
for the Client's JSON Web Key Set, OPTIONAL.- Parameters:
jwkSetUrl
- theURL
for the Client's JSON Web Key Set- Returns:
- the
OidcClientRegistration.Builder
for further configuration - Since:
- 0.2.2
-
idTokenSignedResponseAlgorithm
public OidcClientRegistration.Builder idTokenSignedResponseAlgorithm(String idTokenSignedResponseAlgorithm) Sets theJWS
algorithm required for signing theID Token
issued to the Client, OPTIONAL.- Parameters:
idTokenSignedResponseAlgorithm
- theJWS
algorithm required for signing theID Token
issued to the Client- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
registrationAccessToken
Sets the Registration Access Token that can be used at the Client Configuration Endpoint, OPTIONAL.- Parameters:
registrationAccessToken
- the Registration Access Token that can be used at the Client Configuration Endpoint- Returns:
- the
OidcClientRegistration.Builder
for further configuration - Since:
- 0.2.1
-
registrationClientUrl
Sets theURL
of the Client Configuration Endpoint where the Registration Access Token can be used, OPTIONAL.- Parameters:
registrationClientUrl
- theURL
of the Client Configuration Endpoint where the Registration Access Token can be used- Returns:
- the
OidcClientRegistration.Builder
for further configuration - Since:
- 0.2.1
-
claim
Sets the claim.- Parameters:
name
- the claim namevalue
- the claim value- Returns:
- the
OidcClientRegistration.Builder
for further configuration
-
claims
Provides access to everyclaim(String, Object)
declared so far allowing the ability to add, replace, or remove.- Parameters:
claimsConsumer
- aConsumer
of the claims- Returns:
- the
OidcClientRegistration.Builder
for further configurations
-
build
Validate the claims and build theOidcClientRegistration
.The following claims are REQUIRED:
client_id
,redirect_uris
.- Returns:
- the
OidcClientRegistration
-