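package de.ids_mannheim.korap.oauth2.openid;

import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonInclude.Include;

/**
 * Defines OpenID configuration, i.e. the provider metadata that is
 * published as the discovery document.
 *
 * Note: some configuration such as display_values_supported and
 * ui_locales_supported are more relevant to KorAP user interface
 * component Kalamar.
 *
 * <p>
 * Properties that are {@code null} or empty are left out of the
 * serialized document ({@link Include#NON_EMPTY}). NOTE(review):
 * whether primitive booleans holding their default value are written
 * depends on the Jackson version in use; confirm against the
 * deployed version.
 *
 * <p>
 * The document tells clients which endpoints and algorithms to
 * trust, so the array-valued properties are copied on the way in and
 * on the way out. A caller that keeps a reference to an array it
 * passed in, or that receives an array from a getter, cannot change
 * the advertised metadata afterwards. None of the setters validates
 * its argument (URL scheme, algorithm names); that is left to the
 * code that populates this object.
 *
 * <p>
 * Field and accessor names deliberately follow the snake_case
 * metadata names of the specification.
 *
 * @see <a
 *      href="https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata">OpenID
 *      Provider Metadata</a>
 * @author margaretha
 *
 */
@JsonInclude(Include.NON_EMPTY)
public class OpenIdConfiguration {

    public static final String JWKS_ENDPOINT = "/oauth2/openid/jwks";
    public static final String CLIENT_REGISTRATION_ENDPOINT =
            "/oauth2/client/register";
    public static final String AUTHORIZATION_ENDPOINT =
            "/oauth2/openid/authorize";
    public static final String TOKEN_ENDPOINT = "/oauth2/openid/token";

    private String issuer;
    private String jwks_uri;

    private String authorization_endpoint;
    private String token_endpoint;
    private String userinfo_endpoint;
    private String registration_endpoint;

    // Additional endpoints
    private String introspection_endpoint;
    private String revocation_endpoint;
    private String end_session_endpoint;

    private String[] scopes_supported;
    private String[] response_types_supported;
    private String[] response_modes_supported;
    private String[] grant_types_supported;

    private String[] token_endpoint_auth_methods_supported;
    private String[] token_endpoint_auth_signing_alg_values_supported;

    private String[] id_token_signing_alg_values_supported;
    private String[] id_token_encryption_alg_values_supported;
    private String[] id_token_encryption_enc_values_supported;

    private String[] userinfo_signing_alg_values_supported;
    private String[] userinfo_encryption_alg_values_supported;
    private String[] userinfo_encryption_enc_values_supported;

    private String[] request_object_signing_alg_values_supported;
    private String[] request_object_encryption_alg_values_supported;
    private String[] request_object_encryption_enc_values_supported;

    private String[] subject_types_supported;
    private String[] acr_values_supported;
    private String[] display_values_supported;
    private String[] claim_types_supported;
    private String[] claims_supported;
    private String[] claims_locales_supported;
    private String[] ui_locales_supported;

    private boolean claims_parameter_supported = false;
    private boolean request_parameter_supported = false;
    // true mirrors the default documented on the setter. It advertises
    // that the server dereferences a client-supplied request_uri.
    // NOTE(review): confirm the server implements that; if it does,
    // consider require_request_uri_registration so that only
    // pre-registered URIs are fetched.
    private boolean request_uri_parameter_supported = true;
    private boolean require_request_uri_registration = false;

    private String op_policy_uri;
    private String op_tos_uri;
    private String service_documentation;

    private boolean mutual_tls_sender_constrained_access_tokens = false;

    // OAuth2.0 Discovery
    // List of Proof Key for Code Exchange (PKCE) code challenge
    // methods supported by the authorization server.
    // While this field stays disabled, the PKCE methods are not
    // advertised by this class.
    // private String[] code_challenge_methods_supported;

    /**
     * Copies an array-valued metadata property so that internal
     * state is never shared with callers.
     *
     * @param values
     *            the array to copy, may be {@code null}
     * @return a new array with the same elements, or {@code null}
     *         when {@code values} is {@code null} (so that unset
     *         properties stay unset)
     */
    private static String[] copyOf (String[] values) {
        return values == null ? null : values.clone();
    }

    /** @return the server identifier, or {@code null} if unset */
    public String getIssuer () {
        return issuer;
    }

    /**
     * REQUIRED
     *
     * @param issuer
     *            The server identifier, typically base-URL
     */
    public void setIssuer (String issuer) {
        this.issuer = issuer;
    }

    /** @return the public JWK set URL, or {@code null} if unset */
    public String getJwks_uri () {
        return jwks_uri;
    }

    /**
     * REQUIRED
     *
     * @param jwks_uri
     *            The public JWK set URL
     */
    public void setJwks_uri (String jwks_uri) {
        this.jwks_uri = jwks_uri;
    }

    /** @return the authorisation endpoint URL, or {@code null} */
    public String getAuthorization_endpoint () {
        return authorization_endpoint;
    }

    /**
     * REQUIRED
     *
     * @param authorization_endpoint
     *            The authorisation endpoint URL.
     */
    public void setAuthorization_endpoint (String authorization_endpoint) {
        this.authorization_endpoint = authorization_endpoint;
    }

    /** @return the token endpoint URL, or {@code null} if unset */
    public String getToken_endpoint () {
        return token_endpoint;
    }

    /**
     * REQUIRED unless only the Implicit Flow is used.
     *
     * @param token_endpoint
     *            The token endpoint URL.
     */
    public void setToken_endpoint (String token_endpoint) {
        this.token_endpoint = token_endpoint;
    }

    /** @return the UserInfo endpoint URL, or {@code null} if unset */
    public String getUserinfo_endpoint () {
        return userinfo_endpoint;
    }

    /**
     * RECOMMENDED. The URL MUST use the https scheme. The value is
     * stored as given; the scheme is not checked here.
     *
     * @param userinfo_endpoint
     *            The OpenID Connect UserInfo endpoint URL.
     */
    public void setUserinfo_endpoint (String userinfo_endpoint) {
        this.userinfo_endpoint = userinfo_endpoint;
    }

    /** @return the client registration endpoint URL, or {@code null} */
    public String getRegistration_endpoint () {
        return registration_endpoint;
    }

    /**
     * RECOMMENDED
     *
     * @param registration_endpoint
     *            The OAuth 2.0 / OpenID Connect client registration
     *            endpoint URL.
     */
    public void setRegistration_endpoint (String registration_endpoint) {
        this.registration_endpoint = registration_endpoint;
    }

    /** @return a copy of the supported scope values, or {@code null} */
    public String[] getScopes_supported () {
        return copyOf(scopes_supported);
    }

    /**
     * RECOMMENDED
     *
     * @param scopes_supported
     *            List of the supported scope values. Certain
     *            values may be omitted for privacy reasons.
     */
    public void setScopes_supported (String[] scopes_supported) {
        this.scopes_supported = copyOf(scopes_supported);
    }

    /** @return a copy of the supported response types, or {@code null} */
    public String[] getResponse_types_supported () {
        return copyOf(response_types_supported);
    }

    /**
     * REQUIRED
     *
     * @param response_types_supported
     *            List of the supported response_type values.
     */
    public void setResponse_types_supported (
            String[] response_types_supported) {
        this.response_types_supported = copyOf(response_types_supported);
    }

    /** @return a copy of the supported response modes, or {@code null} */
    public String[] getResponse_modes_supported () {
        return copyOf(response_modes_supported);
    }

    /**
     * OPTIONAL
     *
     * @param response_modes_supported
     *            List of the supported response mode values.
     */
    public void setResponse_modes_supported (
            String[] response_modes_supported) {
        this.response_modes_supported = copyOf(response_modes_supported);
    }

    /** @return a copy of the supported grant types, or {@code null} */
    public String[] getGrant_types_supported () {
        return copyOf(grant_types_supported);
    }

    /**
     * OPTIONAL
     *
     * @param grant_types_supported
     *            List of the supported grant types.
     */
    public void setGrant_types_supported (String[] grant_types_supported) {
        this.grant_types_supported = copyOf(grant_types_supported);
    }

    /** @return a copy of the supported ACR values, or {@code null} */
    public String[] getAcr_values_supported () {
        return copyOf(acr_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param acr_values_supported
     *            List of the supported Authentication Context Class
     *            References.
     */
    public void setAcr_values_supported (String[] acr_values_supported) {
        this.acr_values_supported = copyOf(acr_values_supported);
    }

    /** @return a copy of the supported subject types, or {@code null} */
    public String[] getSubject_types_supported () {
        return copyOf(subject_types_supported);
    }

    /**
     * REQUIRED
     *
     * @param subject_types_supported
     *            List of the supported subject (end-user) identifier
     *            types.
     */
    public void setSubject_types_supported (String[] subject_types_supported) {
        this.subject_types_supported = copyOf(subject_types_supported);
    }

    /**
     * @return a copy of the JWS algorithms advertised for ID tokens,
     *         or {@code null}
     */
    public String[] getId_token_signing_alg_values_supported () {
        return copyOf(id_token_signing_alg_values_supported);
    }

    /**
     * REQUIRED. The Discovery specification requires RS256 to be
     * part of this list; the list is stored as given and not checked
     * here.
     *
     * @param id_token_signing_alg_values_supported
     *            List of the supported JWS algorithms for
     *            the issued ID tokens to encode claims in a JWT.
     */
    public void setId_token_signing_alg_values_supported (
            String[] id_token_signing_alg_values_supported) {
        this.id_token_signing_alg_values_supported =
                copyOf(id_token_signing_alg_values_supported);
    }

    /**
     * @return a copy of the JWE algorithms advertised for ID tokens,
     *         or {@code null}
     */
    public String[] getId_token_encryption_alg_values_supported () {
        return copyOf(id_token_encryption_alg_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param id_token_encryption_alg_values_supported
     *            List of the supported JWE algorithms for
     *            the issued ID tokens to encode claims in a JWT.
     */
    public void setId_token_encryption_alg_values_supported (
            String[] id_token_encryption_alg_values_supported) {
        this.id_token_encryption_alg_values_supported =
                copyOf(id_token_encryption_alg_values_supported);
    }

    /**
     * @return a copy of the JWE encryption methods advertised for ID
     *         tokens, or {@code null}
     */
    public String[] getId_token_encryption_enc_values_supported () {
        return copyOf(id_token_encryption_enc_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param id_token_encryption_enc_values_supported
     *            List of the supported JWE encryption methods for
     *            the issued ID tokens to encode claims in a JWT.
     */
    public void setId_token_encryption_enc_values_supported (
            String[] id_token_encryption_enc_values_supported) {
        this.id_token_encryption_enc_values_supported =
                copyOf(id_token_encryption_enc_values_supported);
    }

    /**
     * @return a copy of the JWS algorithms advertised for UserInfo
     *         responses, or {@code null}
     */
    public String[] getUserinfo_signing_alg_values_supported () {
        return copyOf(userinfo_signing_alg_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param userinfo_signing_alg_values_supported
     *            List of the supported signing JWS algorithms for
     *            encoding the claims in a JWT returned at the
     *            UserInfo endpoint.
     */
    public void setUserinfo_signing_alg_values_supported (
            String[] userinfo_signing_alg_values_supported) {
        this.userinfo_signing_alg_values_supported =
                copyOf(userinfo_signing_alg_values_supported);
    }

    /**
     * @return a copy of the JWE algorithms advertised for UserInfo
     *         responses, or {@code null}
     */
    public String[] getUserinfo_encryption_alg_values_supported () {
        return copyOf(userinfo_encryption_alg_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param userinfo_encryption_alg_values_supported
     *            List of the supported JWE encryption algorithms for
     *            encoding the claims in a JWT returned at the
     *            UserInfo endpoint.
     */
    public void setUserinfo_encryption_alg_values_supported (
            String[] userinfo_encryption_alg_values_supported) {
        this.userinfo_encryption_alg_values_supported =
                copyOf(userinfo_encryption_alg_values_supported);
    }

    /**
     * @return a copy of the JWE encryption methods advertised for
     *         UserInfo responses, or {@code null}
     */
    public String[] getUserinfo_encryption_enc_values_supported () {
        return copyOf(userinfo_encryption_enc_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param userinfo_encryption_enc_values_supported
     *            List of the supported JWE encryption methods for
     *            encoding the claims in a JWT returned at the
     *            UserInfo endpoint.
     */
    public void setUserinfo_encryption_enc_values_supported (
            String[] userinfo_encryption_enc_values_supported) {
        this.userinfo_encryption_enc_values_supported =
                copyOf(userinfo_encryption_enc_values_supported);
    }

    /**
     * @return a copy of the JWS algorithms advertised for Request
     *         Objects, or {@code null}
     */
    public String[] getRequest_object_signing_alg_values_supported () {
        return copyOf(request_object_signing_alg_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param request_object_signing_alg_values_supported
     *            JSON array containing a list of supported JWS
     *            signing algorithms (alg values) supported for
     *            Request Objects
     */
    public void setRequest_object_signing_alg_values_supported (
            String[] request_object_signing_alg_values_supported) {
        this.request_object_signing_alg_values_supported =
                copyOf(request_object_signing_alg_values_supported);
    }

    /**
     * @return a copy of the JWE algorithms advertised for request
     *         objects, or {@code null}
     */
    public String[] getRequest_object_encryption_alg_values_supported () {
        return copyOf(request_object_encryption_alg_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param request_object_encryption_alg_values_supported
     *            List of the supported JWE encryption algorithms for
     *            OpenID Connect request objects
     */
    public void setRequest_object_encryption_alg_values_supported (
            String[] request_object_encryption_alg_values_supported) {
        this.request_object_encryption_alg_values_supported =
                copyOf(request_object_encryption_alg_values_supported);
    }

    /**
     * @return a copy of the JWE encryption methods advertised for
     *         request objects, or {@code null}
     */
    public String[] getRequest_object_encryption_enc_values_supported () {
        return copyOf(request_object_encryption_enc_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param request_object_encryption_enc_values_supported
     *            List of the supported JWE encryption methods for
     *            OpenID Connect request objects, omitted or empty if
     *            none.
     */
    public void setRequest_object_encryption_enc_values_supported (
            String[] request_object_encryption_enc_values_supported) {
        this.request_object_encryption_enc_values_supported =
                copyOf(request_object_encryption_enc_values_supported);
    }

    /**
     * @return a copy of the client authentication methods advertised
     *         for the token endpoint, or {@code null}
     */
    public String[] getToken_endpoint_auth_methods_supported () {
        return copyOf(token_endpoint_auth_methods_supported);
    }

    /**
     * OPTIONAL
     *
     * @param token_endpoint_auth_methods_supported
     *            List of the supported client authentication methods
     *            at the token endpoint.
     */
    public void setToken_endpoint_auth_methods_supported (
            String[] token_endpoint_auth_methods_supported) {
        this.token_endpoint_auth_methods_supported =
                copyOf(token_endpoint_auth_methods_supported);
    }

    /**
     * @return a copy of the JWS algorithms advertised for JWT-based
     *         client authentication, or {@code null}
     */
    public String[] getToken_endpoint_auth_signing_alg_values_supported () {
        return copyOf(token_endpoint_auth_signing_alg_values_supported);
    }

    /**
     * OPTIONAL. The Discovery specification forbids the value
     * {@code none} in this list; the list is stored as given and not
     * checked here.
     *
     * @param token_endpoint_auth_signing_alg_values_supported
     *            List of the supported JWS algorithms for JWT-based
     *            client authentication at the token endpoint
     */
    public void setToken_endpoint_auth_signing_alg_values_supported (
            String[] token_endpoint_auth_signing_alg_values_supported) {
        this.token_endpoint_auth_signing_alg_values_supported =
                copyOf(token_endpoint_auth_signing_alg_values_supported);
    }

    /** @return a copy of the supported display values, or {@code null} */
    public String[] getDisplay_values_supported () {
        return copyOf(display_values_supported);
    }

    /**
     * OPTIONAL
     *
     * @param display_values_supported
     *            List of the supported display parameters.
     */
    public void setDisplay_values_supported (
            String[] display_values_supported) {
        this.display_values_supported = copyOf(display_values_supported);
    }

    /** @return a copy of the supported claim types, or {@code null} */
    public String[] getClaim_types_supported () {
        return copyOf(claim_types_supported);
    }

    /**
     * OPTIONAL
     *
     * @param claim_types_supported
     *            List of the supported OpenID Connect claim types.
     */
    public void setClaim_types_supported (String[] claim_types_supported) {
        this.claim_types_supported = copyOf(claim_types_supported);
    }

    /** @return a copy of the supported claims, or {@code null} */
    public String[] getClaims_supported () {
        return copyOf(claims_supported);
    }

    /**
     * RECOMMENDED
     *
     * @param claims_supported
     *            List of the supported OpenID Connect claims.
     */
    public void setClaims_supported (String[] claims_supported) {
        this.claims_supported = copyOf(claims_supported);
    }

    /** @return the service documentation URL, or {@code null} */
    public String getService_documentation () {
        return service_documentation;
    }

    /**
     * OPTIONAL
     *
     * @param service_documentation
     *            The service documentation URL
     */
    public void setService_documentation (String service_documentation) {
        this.service_documentation = service_documentation;
    }

    /** @return a copy of the supported claims locales, or {@code null} */
    public String[] getClaims_locales_supported () {
        return copyOf(claims_locales_supported);
    }

    /**
     * OPTIONAL
     *
     * @param claims_locales_supported
     *            List of the supported OpenID Connect claims locales
     */
    public void setClaims_locales_supported (
            String[] claims_locales_supported) {
        this.claims_locales_supported = copyOf(claims_locales_supported);
    }

    /** @return a copy of the supported UI locales, or {@code null} */
    public String[] getUi_locales_supported () {
        return copyOf(ui_locales_supported);
    }

    /**
     * OPTIONAL
     *
     * @param ui_locales_supported
     *            List of the supported UI locales
     */
    public void setUi_locales_supported (String[] ui_locales_supported) {
        this.ui_locales_supported = copyOf(ui_locales_supported);
    }

    /** @return whether the claims request parameter is advertised */
    public boolean isClaims_parameter_supported () {
        return claims_parameter_supported;
    }

    /**
     * OPTIONAL. Default false.
     *
     * @param claims_parameter_supported
     *            Specifies whether the claims request parameter is
     *            supported.
     */
    public void setClaims_parameter_supported (
            boolean claims_parameter_supported) {
        this.claims_parameter_supported = claims_parameter_supported;
    }

    /** @return whether the request parameter is advertised */
    public boolean isRequest_parameter_supported () {
        return request_parameter_supported;
    }

    /**
     * OPTIONAL. Default false.
     *
     * @param request_parameter_supported
     *            Specifies whether the request parameter is
     *            supported.
     */
    public void setRequest_parameter_supported (
            boolean request_parameter_supported) {
        this.request_parameter_supported = request_parameter_supported;
    }

    /** @return whether the request_uri parameter is advertised */
    public boolean isRequest_uri_parameter_supported () {
        return request_uri_parameter_supported;
    }

    /**
     * OPTIONAL. Default true.
     *
     * <p>
     * Advertising {@code true} tells clients that the server will
     * dereference a request_uri they supply. Set it to {@code false}
     * when the server does not implement that. See also
     * {@link #setRequire_request_uri_registration(boolean)}.
     *
     * @param request_uri_parameter_supported
     *            Specifies whether the request_uri parameter is
     *            supported.
     */
    public void setRequest_uri_parameter_supported (
            boolean request_uri_parameter_supported) {
        this.request_uri_parameter_supported = request_uri_parameter_supported;
    }

    /** @return whether request URIs must be pre-registered */
    public boolean isRequire_request_uri_registration () {
        return require_request_uri_registration;
    }

    /**
     * OPTIONAL. Default false.
     *
     * @param require_request_uri_registration
     *            Specifies whether request URIs must be registered
     *            for a client.
     */
    public void setRequire_request_uri_registration (
            boolean require_request_uri_registration) {
        this.require_request_uri_registration =
                require_request_uri_registration;
    }

    /** @return the policy document URL, or {@code null} if unset */
    public String getOp_policy_uri () {
        return op_policy_uri;
    }

    /**
     * OPTIONAL. URL that the OpenID Provider provides to the person
     * registering the Client to read about the requirements on
     * how the client can use the data provided by the OpenID
     * Provider. The registration process SHOULD display this URL to
     * the person registering the Client if it is given.
     *
     * @param op_policy_uri
     *            The privacy policy document URL, omitted if none.
     */
    public void setOp_policy_uri (String op_policy_uri) {
        this.op_policy_uri = op_policy_uri;
    }

    /** @return the terms of service URL, or {@code null} if unset */
    public String getOp_tos_uri () {
        return op_tos_uri;
    }

    /**
     * OPTIONAL
     *
     * @param op_tos_uri
     *            The terms of service document URL, omitted if none.
     */
    public void setOp_tos_uri (String op_tos_uri) {
        this.op_tos_uri = op_tos_uri;
    }

    /** @return the token introspection endpoint URL, or {@code null} */
    public String getIntrospection_endpoint () {
        return introspection_endpoint;
    }

    /**
     * ADDITIONAL
     *
     * @param introspection_endpoint
     *            The token introspection endpoint URL.
     */
    public void setIntrospection_endpoint (String introspection_endpoint) {
        this.introspection_endpoint = introspection_endpoint;
    }

    /** @return the token revocation endpoint URL, or {@code null} */
    public String getRevocation_endpoint () {
        return revocation_endpoint;
    }

    /**
     * ADDITIONAL
     *
     * @param revocation_endpoint
     *            The token revocation endpoint URL.
     */
    public void setRevocation_endpoint (String revocation_endpoint) {
        this.revocation_endpoint = revocation_endpoint;
    }

    /** @return the logout endpoint URL, or {@code null} if unset */
    public String getEnd_session_endpoint () {
        return end_session_endpoint;
    }

    /**
     * ADDITIONAL
     *
     * @param end_session_endpoint
     *            The OpenID Connect logout endpoint URL, omitted if
     *            disabled.
     */
    public void setEnd_session_endpoint (String end_session_endpoint) {
        this.end_session_endpoint = end_session_endpoint;
    }

    /**
     * @return whether certificate-bound access tokens are advertised
     */
    public boolean isMutual_tls_sender_constrained_access_tokens () {
        return mutual_tls_sender_constrained_access_tokens;
    }

    /**
     * OPTIONAL. Default false.
     *
     * <p>
     * NOTE(review): the property name follows the draft linked
     * below. The published RFC 8705 names this metadata
     * {@code tls_client_certificate_bound_access_tokens}; confirm
     * which name the clients of this server read.
     *
     * @see <a
     *      href="https://tools.ietf.org/id/draft-ietf-oauth-mtls-03.html#server_metadata">Mutual
     *      TLS Profile for OAuth 2.0</a>
     * @param mutual_tls_sender_constrained_access_tokens
     *            specifies whether issue of client X.509 certificate
     *            bound access tokens is supported, omitted
     *            implies no support.
     */
    public void setMutual_tls_sender_constrained_access_tokens (
            boolean mutual_tls_sender_constrained_access_tokens) {
        this.mutual_tls_sender_constrained_access_tokens =
                mutual_tls_sender_constrained_access_tokens;
    }
}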