All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.quarkus.oidc.OidcTenantConfig$TokenStateManager.jdp Maven / Gradle / Ivy

Go to download

Secure your applications with OpenID Connect Adapter and IDP such as Keycloak

There is a newer version: 3.18.0.CR1
Show newest version
io.quarkus.oidc.OidcTenantConfig.TokenStateManager.A256GCMKW=Content encryption key will be generated and encrypted using the A256GCMKW algorithm and the configured\nencryption secret.\nThe generated content encryption key will be used to encrypt the session cookie content.
io.quarkus.oidc.OidcTenantConfig.TokenStateManager.DIR=The configured key encryption secret will be used as the content encryption key to encrypt the session cookie\ncontent.\nUsing the direct encryption avoids a content encryption key generation step and\nwill make the encrypted session cookie sequence slightly shorter.\n

\nAvoid using the direct encryption if the encryption secret is less than 32 characters long. io.quarkus.oidc.OidcTenantConfig.TokenStateManager.ID_REFRESH_TOKENS=Keep ID and refresh tokens only io.quarkus.oidc.OidcTenantConfig.TokenStateManager.ID_TOKEN=Keep ID token only io.quarkus.oidc.OidcTenantConfig.TokenStateManager.KEEP_ALL_TOKENS=Keep ID, access and refresh tokens. io.quarkus.oidc.OidcTenantConfig.TokenStateManager.encryptionAlgorithm=Session cookie key encryption algorithm io.quarkus.oidc.OidcTenantConfig.TokenStateManager.encryptionRequired=Mandates that the Default TokenStateManager encrypt the session cookie that stores the tokens. io.quarkus.oidc.OidcTenantConfig.TokenStateManager.encryptionSecret=The secret used by the Default TokenStateManager to encrypt the session cookie\nstoring the tokens when {@link \#encryptionRequired} property is enabled.\n

\nIf this secret is not set, the client secret configured with\neither `quarkus.oidc.credentials.secret` or `quarkus.oidc.credentials.client-secret.value` is checked.\nFinally, `quarkus.oidc.credentials.jwt.secret` which can be used for `client_jwt_secret` authentication is\nchecked.\nThe secret is auto-generated every time an application starts if it remains uninitialized after checking all of these\nproperties.\nGenerated secret can not decrypt the session cookie encrypted before the restart, therefore a user re-authentication\nwill be required.\n

\nThe length of the secret used to encrypt the tokens should be at least 32 characters long.\nA warning is logged if the secret length is less than 16 characters. io.quarkus.oidc.OidcTenantConfig.TokenStateManager.splitTokens=Default TokenStateManager keeps all tokens (ID, access and refresh)\nreturned in the authorization code grant response in a single session cookie by default.\n\nEnable this property to minimize a session cookie size io.quarkus.oidc.OidcTenantConfig.TokenStateManager.strategy=Default TokenStateManager strategy.





© 2015 - 2025 Weber Informatics LLC | Privacy Policy