Package org.apache.solr.security.jwt

Class JWTIssuerConfig

  • public class JWTIssuerConfig
extends Object
    Holds information about an IdP (issuer), such as issuer ID, JWK url(s), keys etc

    • Field Detail

      • ALLOW_OUTBOUND_HTTP

        public static boolean ALLOW_OUTBOUND_HTTP

    • Constructor Detail

      • JWTIssuerConfig

        public JWTIssuerConfig​(String name)
        Create config for further configuration with setters, builder style. Once all values are set, call init() before further use
        Parameters:
        name - a unique name for this issuer

      • JWTIssuerConfig

        public JWTIssuerConfig​(Map<String,​Object> configMap)
        Initialize issuer config from a generic configuration map
        Parameters:
        configMap - map of configuration keys anv values

    • Method Detail

      • init

        public void init()
        Call this to validate and initialize an object which is populated with setters. Init will fetch wellKnownUrl if relevant
        Throws:
        org.apache.solr.common.SolrException - if issuer is missing

      • parseConfigMap

        protected void parseConfigMap​(Map<String,​Object> configMap)
        Parses configuration for one IssuerConfig and sets all variables found
        Throws:
        org.apache.solr.common.SolrException - if unknown parameter names found in config

      • setJsonWebKeySet

        protected void setJsonWebKeySet​(Object jwksObject)
        Setter that takes a jwk config object, parses it into a JsonWebKeySet and sets it
        Parameters:
        jwksObject - the config object to parse

      • parseJwkSet

        protected static org.jose4j.jwk.JsonWebKeySet parseJwkSet​(Map<String,​Object> jwkObj)
                                                   throws org.jose4j.lang.JoseException
        Throws:
        org.jose4j.lang.JoseException

      • getIss

        public String getIss()

      • getName

        public String getName()

      • getWellKnownUrl

        public String getWellKnownUrl()

      • setJwksUrl

        public JWTIssuerConfig setJwksUrl​(Object jwksUrlListOrString)
        Setter that converts from String or List into a list
        Parameters:
        jwksUrlListOrString - object that should be either string or list
        Returns:
        this for builder pattern
        Throws:
        org.apache.solr.common.SolrException - if wrong type

      • getHttpsJwks

        public List<org.jose4j.jwk.HttpsJwks> getHttpsJwks()

      • setHttpsJwksFactory

        public static void setHttpsJwksFactory​(JWTIssuerConfig.HttpsJwksFactory httpsJwksFactory)
        Set the factory to use when creating HttpsJwks objects
        Parameters:
        httpsJwksFactory - factory with custom settings

      • getJsonWebKeySet

        public org.jose4j.jwk.JsonWebKeySet getJsonWebKeySet()

      • setJsonWebKeySet

        public JWTIssuerConfig setJsonWebKeySet​(org.jose4j.jwk.JsonWebKeySet jsonWebKeySet)

      • usesHttpsJwk

        public boolean usesHttpsJwk()
        Check if the issuer is backed by HttpsJwk url(s)
        Returns:
        true if keys are fetched over https

      • getAud

        public String getAud()

      • getClientId

        public String getClientId()

      • getAuthorizationEndpoint

        public String getAuthorizationEndpoint()

      • setAuthorizationEndpoint

        public JWTIssuerConfig setAuthorizationEndpoint​(String authorizationEndpoint)

      • getTokenEndpoint

        public String getTokenEndpoint()

      • getAuthorizationFlow

        public String getAuthorizationFlow()

      • isValid

        public boolean isValid()
        Validates that this config has a name and either jwksUrl, wellkKownUrl or jwk
        Returns:
        true if a configuration is found and is valid, otherwise false
        Throws:
        org.apache.solr.common.SolrException - if configuration is present but wrong

      • checkAllowOutboundHttpConnections

        public static void checkAllowOutboundHttpConnections​(String parameterName,
                                                     URL url)