• Home
• io.quarkus
• quarkus-oidc
• 3.12.0.CR1
• source code
• OidcTenantConfig.jdp

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.quarkus.oidc.OidcTenantConfig.jdp Maven / Gradle / Ivy

io.quarkus.oidc.OidcTenantConfig.HYBRID=A combined {@code SERVICE} and {@code WEB_APP} client.\nFor this type of client, the Bearer Authorization method is used if the Authorization header is set\nand Authorization Code Flow - if not.
io.quarkus.oidc.OidcTenantConfig.SERVICE=A {@code SERVICE} is a client that has a set of protected HTTP resources, usually a backend application following the\nRESTful Architectural Design. For this type of client, the Bearer Authorization method is defined as the preferred\nmethod for authenticating and authorizing users.
io.quarkus.oidc.OidcTenantConfig.WEB_APP=A {@code WEB_APP} is a client that serves pages, usually a front-end application. For this type of client the\nAuthorization Code Flow is defined as the preferred method for authenticating users.
io.quarkus.oidc.OidcTenantConfig.allowTokenIntrospectionCache=Allow caching the token introspection data.\nNote enabling this property does not enable the cache itself but only permits to cache the token introspection\nfor a given tenant. If the default token cache can be used, see {@link OidcConfig.TokenCache} to enable\nit.
io.quarkus.oidc.OidcTenantConfig.allowUserInfoCache=Allow caching the user info data.\nNote enabling this property does not enable the cache itself but only permits to cache the user info data\nfor a given tenant. If the default token cache can be used, see {@link OidcConfig.TokenCache} to enable\nit.
io.quarkus.oidc.OidcTenantConfig.applicationType=The application type, which can be one of the following {@link ApplicationType} values.
io.quarkus.oidc.OidcTenantConfig.authorizationPath=The relative path or absolute URL of the OpenID Connect (OIDC) authorization endpoint, which authenticates\nusers.\nYou must set this property for `web-app` applications if OIDC discovery is disabled.\nThis property is ignored if OIDC discovery is enabled.
io.quarkus.oidc.OidcTenantConfig.cacheUserInfoInIdtoken=Allow inlining UserInfo in IdToken instead of caching it in the token cache.\nThis property is only checked when an internal IdToken is generated when OAuth2 providers do not return IdToken.\nInlining UserInfo in the generated IdToken allows to store it in the session cookie and avoids introducing a cached\nstate.\n
\nInlining UserInfo in the generated IdToken is enabled if the session cookie is encrypted\nand the UserInfo cache is not enabled or caching UserInfo is disabled for the current tenant\nwith the {@link \#allowUserInfoCache} property set to `false`.
io.quarkus.oidc.OidcTenantConfig.certificateChain=Configuration of the certificate chain which can be used to verify tokens.\nIf the certificate chain truststore is configured, the tokens can be verified using the certificate\nchain inlined in the Base64-encoded format as an `x5c` header in the token itself.\n
\nThe certificate chain inlined in the token is verified.\nSignature of every certificate in the chain but the root certificate is verified by the next certificate in the chain.\nThumbprint of the root certificate in the chain must match a thumbprint of one of the certificates in the truststore.\n
\nAdditionally, a direct trust in the leaf chain certificate which will be used to verify the token signature must\nbe established.\nBy default, the leaf certificate's thumbprint must match a thumbprint of one of the certificates in the truststore.\nIf the truststore does not have the leaf certificate imported, then the leaf certificate must be identified by its Common\nName.
io.quarkus.oidc.OidcTenantConfig.endSessionPath=Relative path or absolute URL of the OIDC end_session_endpoint.\nThis property must be set if OIDC discovery is disabled and RP Initiated Logout support for the `web-app` applications is\nrequired.\nThis property is ignored if the discovery is enabled.
io.quarkus.oidc.OidcTenantConfig.introspectionCredentials=Introspection Basic Authentication which must be configured only if the introspection is required\nand OpenId Connect Provider does not support the OIDC client authentication configured with\n{@link OidcCommonConfig\#credentials} for its introspection endpoint.
io.quarkus.oidc.OidcTenantConfig.introspectionPath=Relative path or absolute URL of the OIDC RFC7662 introspection endpoint which can introspect both opaque and\nJSON Web Token (JWT) tokens.\nThis property must be set if OIDC discovery is disabled and 1) the opaque bearer access tokens must be verified\nor 2) JWT tokens must be verified while the cached JWK verification set with no matching JWK is being refreshed.\nThis property is ignored if the discovery is enabled.
io.quarkus.oidc.OidcTenantConfig.jwks=Configuration for controlling how JsonWebKeySet containing verification keys should be acquired and managed.
io.quarkus.oidc.OidcTenantConfig.jwksPath=Relative path or absolute URL of the OIDC JSON Web Key Set (JWKS) endpoint which returns a JSON Web Key\nVerification Set.\nThis property should be set if OIDC discovery is disabled and the local JWT verification is required.\nThis property is ignored if the discovery is enabled.
io.quarkus.oidc.OidcTenantConfig.logout=RP Initiated, BackChannel and FrontChannel Logout configuration
io.quarkus.oidc.OidcTenantConfig.provider=Well known OpenId Connect provider identifier
io.quarkus.oidc.OidcTenantConfig.publicKey=The public key for the local JWT token verification.\nOIDC server connection is not created when this property is set.
io.quarkus.oidc.OidcTenantConfig.roles=Configuration to find and parse a custom claim containing the roles information.
io.quarkus.oidc.OidcTenantConfig.tenantEnabled=If this tenant configuration is enabled.\n\nThe default tenant is disabled if it is not configured but\na {@link TenantConfigResolver} that resolves tenant configurations is registered,\nor named tenants are configured.\nIn this case, you do not need to disable the default tenant.
io.quarkus.oidc.OidcTenantConfig.tenantId=A unique tenant identifier. It can be set by {@code TenantConfigResolver} providers, which\nresolve the tenant configuration dynamically.
io.quarkus.oidc.OidcTenantConfig.tenantPaths=The paths which must be secured by this tenant. Tenant with the most specific path wins.\nPlease see the xref\:security-openid-connect-multitenancy.adoc\#configuration-based-tenant-resolver[Resolve with\nconfiguration]\nsection of the OIDC multitenancy guide for explanation of allowed path patterns.\n\n@asciidoclet
io.quarkus.oidc.OidcTenantConfig.token=Configuration how to validate the token claims.
io.quarkus.oidc.OidcTenantConfig.tokenStateManager=Default token state manager configuration
io.quarkus.oidc.OidcTenantConfig.userInfoPath=The relative path or absolute URL of the OIDC UserInfo endpoint.\nYou must set this property for `web-app` applications if OIDC discovery is disabled\nand the `authentication.user-info-required` property is enabled.\nThis property is ignored if OIDC discovery is enabled.