Package org.apache.solr.security.jwt
Class JWTIssuerConfig
- java.lang.Object
-
- org.apache.solr.security.jwt.JWTIssuerConfig
-
public class JWTIssuerConfig extends Object
Holds information about an IdP (issuer), such as issuer ID, JWK url(s), keys etc
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
JWTIssuerConfig.HttpsJwksFactory
static class
JWTIssuerConfig.WellKnownDiscoveryConfig
Config object for a OpenId Connect well-known config.
-
Field Summary
Fields Modifier and Type Field Description static boolean
ALLOW_OUTBOUND_HTTP
static String
ALLOW_OUTBOUND_HTTP_ERR_MSG
-
Constructor Summary
Constructors Constructor Description JWTIssuerConfig(String name)
Create config for further configuration with setters, builder style.JWTIssuerConfig(Map<String,Object> configMap)
Initialize issuer config from a generic configuration map
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description Map<String,Object>
asConfig()
static void
checkAllowOutboundHttpConnections(String parameterName, URL url)
String
getAud()
String
getAuthorizationEndpoint()
String
getClientId()
List<org.jose4j.jwk.HttpsJwks>
getHttpsJwks()
String
getIss()
org.jose4j.jwk.JsonWebKeySet
getJsonWebKeySet()
List<String>
getJwksUrls()
String
getName()
Collection<X509Certificate>
getTrustedCerts()
JWTIssuerConfig.WellKnownDiscoveryConfig
getWellKnownDiscoveryConfig()
String
getWellKnownUrl()
void
init()
Call this to validate and initialize an object which is populated with setters.boolean
isValid()
Validates that this config has a name and either jwksUrl, wellkKownUrl or jwkprotected void
parseConfigMap(Map<String,Object> configMap)
Parses configuration for one IssuerConfig and sets all variables foundprotected static org.jose4j.jwk.JsonWebKeySet
parseJwkSet(Map<String,Object> jwkObj)
JWTIssuerConfig
setAud(String aud)
JWTIssuerConfig
setAuthorizationEndpoint(String authorizationEndpoint)
JWTIssuerConfig
setClientId(String clientId)
static void
setHttpsJwksFactory(JWTIssuerConfig.HttpsJwksFactory httpsJwksFactory)
Set the factory to use when creating HttpsJwks objectsJWTIssuerConfig
setIss(String iss)
protected void
setJsonWebKeySet(Object jwksObject)
Setter that takes a jwk config object, parses it into aJsonWebKeySet
and sets itJWTIssuerConfig
setJsonWebKeySet(org.jose4j.jwk.JsonWebKeySet jsonWebKeySet)
JWTIssuerConfig
setJwksUrl(Object jwksUrlListOrString)
Setter that converts from String or List into a listJWTIssuerConfig
setJwksUrl(List<String> jwksUrl)
JWTIssuerConfig
setName(String name)
void
setTrustedCerts(Collection<X509Certificate> trustedCerts)
JWTIssuerConfig
setWellKnownUrl(String wellKnownUrl)
boolean
usesHttpsJwk()
Check if the issuer is backed by HttpsJwk url(s)
-
-
-
Field Detail
-
ALLOW_OUTBOUND_HTTP
public static boolean ALLOW_OUTBOUND_HTTP
-
ALLOW_OUTBOUND_HTTP_ERR_MSG
public static final String ALLOW_OUTBOUND_HTTP_ERR_MSG
- See Also:
- Constant Field Values
-
-
Method Detail
-
init
public void init()
Call this to validate and initialize an object which is populated with setters. Init will fetch wellKnownUrl if relevant- Throws:
SolrException
- if issuer is missing
-
parseConfigMap
protected void parseConfigMap(Map<String,Object> configMap)
Parses configuration for one IssuerConfig and sets all variables found- Throws:
SolrException
- if unknown parameter names found in config
-
setJsonWebKeySet
protected void setJsonWebKeySet(Object jwksObject)
Setter that takes a jwk config object, parses it into aJsonWebKeySet
and sets it- Parameters:
jwksObject
- the config object to parse
-
parseJwkSet
protected static org.jose4j.jwk.JsonWebKeySet parseJwkSet(Map<String,Object> jwkObj) throws org.jose4j.lang.JoseException
- Throws:
org.jose4j.lang.JoseException
-
getIss
public String getIss()
-
setIss
public JWTIssuerConfig setIss(String iss)
-
getName
public String getName()
-
setName
public JWTIssuerConfig setName(String name)
-
getWellKnownUrl
public String getWellKnownUrl()
-
setWellKnownUrl
public JWTIssuerConfig setWellKnownUrl(String wellKnownUrl)
-
setJwksUrl
public JWTIssuerConfig setJwksUrl(List<String> jwksUrl)
-
setJwksUrl
public JWTIssuerConfig setJwksUrl(Object jwksUrlListOrString)
Setter that converts from String or List into a list- Parameters:
jwksUrlListOrString
- object that should be either string or list- Returns:
- this for builder pattern
- Throws:
SolrException
- if wrong type
-
getHttpsJwks
public List<org.jose4j.jwk.HttpsJwks> getHttpsJwks()
-
setHttpsJwksFactory
public static void setHttpsJwksFactory(JWTIssuerConfig.HttpsJwksFactory httpsJwksFactory)
Set the factory to use when creating HttpsJwks objects- Parameters:
httpsJwksFactory
- factory with custom settings
-
getJsonWebKeySet
public org.jose4j.jwk.JsonWebKeySet getJsonWebKeySet()
-
setJsonWebKeySet
public JWTIssuerConfig setJsonWebKeySet(org.jose4j.jwk.JsonWebKeySet jsonWebKeySet)
-
usesHttpsJwk
public boolean usesHttpsJwk()
Check if the issuer is backed by HttpsJwk url(s)- Returns:
- true if keys are fetched over https
-
getWellKnownDiscoveryConfig
public JWTIssuerConfig.WellKnownDiscoveryConfig getWellKnownDiscoveryConfig()
-
getAud
public String getAud()
-
setAud
public JWTIssuerConfig setAud(String aud)
-
getClientId
public String getClientId()
-
setClientId
public JWTIssuerConfig setClientId(String clientId)
-
getAuthorizationEndpoint
public String getAuthorizationEndpoint()
-
setAuthorizationEndpoint
public JWTIssuerConfig setAuthorizationEndpoint(String authorizationEndpoint)
-
isValid
public boolean isValid()
Validates that this config has a name and either jwksUrl, wellkKownUrl or jwk- Returns:
- true if a configuration is found and is valid, otherwise false
- Throws:
SolrException
- if configuration is present but wrong
-
setTrustedCerts
public void setTrustedCerts(Collection<X509Certificate> trustedCerts)
-
getTrustedCerts
public Collection<X509Certificate> getTrustedCerts()
-
-