org.apache.solr.security

Class JWTIssuerConfig

java.lang.Object

org.apache.solr.security.JWTIssuerConfig

public class JWTIssuerConfig
extends Object

Holds information about an IdP (issuer), such as issuer ID, JWK url(s), keys etc

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	JWTIssuerConfig.WellKnownDiscoveryConfig Config object for a OpenId Connect well-known config Typically exposed through /.well-known/openid-configuration endpoint

Constructor Summary

Constructors

Constructor and Description
JWTIssuerConfig(Map<String,Object> configMap) Initialize issuer config from a generic configuration map
JWTIssuerConfig(String name) Create config for further configuration with setters, builder style.

Method Summary

Modifier and Type	Method and Description
Map<String,Object>	asConfig()
String	getAud()
String	getAuthorizationEndpoint()
String	getClientId()
List<org.jose4j.jwk.HttpsJwks>	getHttpsJwks()
String	getIss()
org.jose4j.jwk.JsonWebKeySet	getJsonWebKeySet()
List<String>	getJwksUrls()
String	getName()
JWTIssuerConfig.WellKnownDiscoveryConfig	getWellKnownDiscoveryConfig()
String	getWellKnownUrl()
void	init() Call this to validate and initialize an object which is populated with setters.
boolean	isValid() Validates that this config has a name and either jwksUrl, wellkKownUrl or jwk
protected void	parseConfigMap(Map<String,Object> configMap) Parses configuration for one IssuerConfig and sets all variables found
protected static org.jose4j.jwk.JsonWebKeySet	parseJwkSet(Map<String,Object> jwkObj)
JWTIssuerConfig	setAud(String aud)
JWTIssuerConfig	setAuthorizationEndpoint(String authorizationEndpoint)
JWTIssuerConfig	setClientId(String clientId)
static void	setHttpsJwksFactory(org.apache.solr.security.JWTIssuerConfig.HttpsJwksFactory httpsJwksFactory) Set the factory to use when creating HttpsJwks objects
JWTIssuerConfig	setIss(String iss)
JWTIssuerConfig	setJsonWebKeySet(org.jose4j.jwk.JsonWebKeySet jsonWebKeySet)
protected void	setJsonWebKeySet(Object jwksObject) Setter that takes a jwk config object, parses it into a JsonWebKeySet and sets it
JWTIssuerConfig	setJwksUrl(List<String> jwksUrl)
JWTIssuerConfig	setJwksUrl(Object jwksUrlListOrString) Setter that converts from String or List into a list
JWTIssuerConfig	setName(String name)
JWTIssuerConfig	setWellKnownUrl(String wellKnownUrl)
boolean	usesHttpsJwk() Check if the issuer is backed by HttpsJwk url(s)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JWTIssuerConfig

public JWTIssuerConfig(String name)

Create config for further configuration with setters, builder style. Once all values are set, call init() before further use

Parameters:

name - a unique name for this issuer

JWTIssuerConfig

public JWTIssuerConfig(Map<String,Object> configMap)

Initialize issuer config from a generic configuration map

Parameters:

configMap - map of configuration keys anv values

Method Detail

init

public void init()

Call this to validate and initialize an object which is populated with setters. Init will fetch wellKnownUrl if relevant

Throws:

SolrException - if issuer is missing

parseConfigMap

protected void parseConfigMap(Map<String,Object> configMap)

Parses configuration for one IssuerConfig and sets all variables found

Throws:

SolrException - if unknown parameter names found in config

setJsonWebKeySet

protected void setJsonWebKeySet(Object jwksObject)

Setter that takes a jwk config object, parses it into a JsonWebKeySet and sets it

Parameters:

jwksObject - the config object to parse

parseJwkSet

protected static org.jose4j.jwk.JsonWebKeySet parseJwkSet(Map<String,Object> jwkObj)
                                                   throws org.jose4j.lang.JoseException

Throws:

org.jose4j.lang.JoseException

getIss

public String getIss()

setIss

public JWTIssuerConfig setIss(String iss)

getName

public String getName()

setName

public JWTIssuerConfig setName(String name)

getWellKnownUrl

public String getWellKnownUrl()

setWellKnownUrl

public JWTIssuerConfig setWellKnownUrl(String wellKnownUrl)

getJwksUrls

public List<String> getJwksUrls()

setJwksUrl

public JWTIssuerConfig setJwksUrl(List<String> jwksUrl)

setJwksUrl

public JWTIssuerConfig setJwksUrl(Object jwksUrlListOrString)

Setter that converts from String or List into a list

Parameters:

jwksUrlListOrString - object that should be either string or list

Returns:

this for builder pattern

Throws:

SolrException - if wrong type

getHttpsJwks

public List<org.jose4j.jwk.HttpsJwks> getHttpsJwks()

setHttpsJwksFactory

public static void setHttpsJwksFactory(org.apache.solr.security.JWTIssuerConfig.HttpsJwksFactory httpsJwksFactory)

Set the factory to use when creating HttpsJwks objects

Parameters:

httpsJwksFactory - factory with custom settings

getJsonWebKeySet

public org.jose4j.jwk.JsonWebKeySet getJsonWebKeySet()

setJsonWebKeySet

public JWTIssuerConfig setJsonWebKeySet(org.jose4j.jwk.JsonWebKeySet jsonWebKeySet)

usesHttpsJwk

public boolean usesHttpsJwk()

Check if the issuer is backed by HttpsJwk url(s)

Returns:

true if keys are fetched over https

getWellKnownDiscoveryConfig

public JWTIssuerConfig.WellKnownDiscoveryConfig getWellKnownDiscoveryConfig()

getAud

public String getAud()

setAud

public JWTIssuerConfig setAud(String aud)

getClientId

public String getClientId()

setClientId

public JWTIssuerConfig setClientId(String clientId)

getAuthorizationEndpoint

public String getAuthorizationEndpoint()

setAuthorizationEndpoint

public JWTIssuerConfig setAuthorizationEndpoint(String authorizationEndpoint)

asConfig

public Map<String,Object> asConfig()

isValid

public boolean isValid()

Validates that this config has a name and either jwksUrl, wellkKownUrl or jwk

Returns:

true if a configuration is found and is valid, otherwise false

Throws:

SolrException - if configuration is present but wrong