Record Class OidcConfig

java.lang.Object
java.lang.Record
cloud.opencode.base.oauth2.oidc.OidcConfig

public record OidcConfig(String issuer, String jwksUri, String userInfoEndpoint, boolean validateIdToken, boolean validateNonce, boolean validateAudience, boolean validateExpiration, Duration clockSkew, Set<String> requiredClaims, Set<String> requestedClaims) extends Record
OpenID Connect Configuration OpenID Connect 配置

Configuration for OIDC-specific features.

OIDC 特定功能的配置。

Features | 主要功能:

  • OIDC discovery support - OIDC 发现支持
  • ID token validation settings - ID Token 验证设置
  • Nonce support - Nonce 支持
  • Claims configuration - 声明配置

Usage Examples | 使用示例:

// Create OIDC config
OidcConfig config = OidcConfig.builder()
    .issuer("https://accounts.google.com")
    .jwksUri("https://www.googleapis.com/oauth2/v3/certs")
    .validateIdToken(true)
    .clockSkew(Duration.ofMinutes(5))
    .build();

// Use with OidcClient
OidcClient client = OidcClient.builder()
    .oauth2Client(oauth2Client)
    .oidcConfig(config)
    .build();

Thread Safety | 线程安全:

This record is immutable and thread-safe.

此记录是不可变的,线程安全。

Since:
JDK 25, opencode-base-oauth2 V1.0.0
Author:
Leon Soo www.LeonSoo.com
See Also:
  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static class 
    OidcConfig Builder OidcConfig 构建器
  • Constructor Summary

    Constructors
    Constructor
    Description
    OidcConfig(String issuer, String jwksUri, String userInfoEndpoint, boolean validateIdToken, boolean validateNonce, boolean validateAudience, boolean validateExpiration, Duration clockSkew, Set<String> requiredClaims, Set<String> requestedClaims)
    Compact constructor 紧凑构造器
  • Method Summary

    Modifier and Type
    Method
    Description
    Create a new builder 创建新的构建器
    boolean
    Check if issuer validation is possible 检查是否可以进行发行者验证
    boolean
    Check if signature validation is possible 检查是否可以进行签名验证
    Returns the value of the clockSkew record component.
    static OidcConfig
    Create default OIDC config 创建默认 OIDC 配置
    final boolean
    Indicates whether some other object is "equal to" this one.
    final int
    Returns a hash code value for this object.
    Returns the value of the issuer record component.
    Returns the value of the jwksUri record component.
    Returns the value of the requestedClaims record component.
    Returns the value of the requiredClaims record component.
    static OidcConfig
    strict(String issuer, String jwksUri)
    Create strict OIDC config with all validations enabled 创建启用所有验证的严格 OIDC 配置
    final String
    Returns a string representation of this record class.
    Returns the value of the userInfoEndpoint record component.
    boolean
    Returns the value of the validateAudience record component.
    boolean
    Returns the value of the validateExpiration record component.
    boolean
    Returns the value of the validateIdToken record component.
    boolean
    Returns the value of the validateNonce record component.

    Methods inherited from class Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait
  • Constructor Details

    • OidcConfig

      public OidcConfig(String issuer, String jwksUri, String userInfoEndpoint, boolean validateIdToken, boolean validateNonce, boolean validateAudience, boolean validateExpiration, Duration clockSkew, Set<String> requiredClaims, Set<String> requestedClaims)
      Compact constructor 紧凑构造器
  • Method Details

    • canValidateSignature

      public boolean canValidateSignature()
      Check if signature validation is possible 检查是否可以进行签名验证
      Returns:
      true if JWKS URI is configured | 如果配置了 JWKS URI 返回 true
    • canValidateIssuer

      public boolean canValidateIssuer()
      Check if issuer validation is possible 检查是否可以进行发行者验证
      Returns:
      true if issuer is configured | 如果配置了发行者返回 true
    • builder

      public static OidcConfig.Builder builder()
      Create a new builder 创建新的构建器
      Returns:
      the builder | 构建器
    • defaults

      public static OidcConfig defaults()
      Create default OIDC config 创建默认 OIDC 配置
      Returns:
      the default config | 默认配置
    • strict

      public static OidcConfig strict(String issuer, String jwksUri)
      Create strict OIDC config with all validations enabled 创建启用所有验证的严格 OIDC 配置
      Parameters:
      issuer - the expected issuer | 预期的发行者
      jwksUri - the JWKS URI | JWKS URI
      Returns:
      the strict config | 严格配置
    • toString

      public final String toString()
      Returns a string representation of this record class. The representation contains the name of the class, followed by the name and value of each of the record components.
      Specified by:
      toString in class Record
      Returns:
      a string representation of this object
    • hashCode

      public final int hashCode()
      Returns a hash code value for this object. The value is derived from the hash code of each of the record components.
      Specified by:
      hashCode in class Record
      Returns:
      a hash code value for this object
    • equals

      public final boolean equals(Object o)
      Indicates whether some other object is "equal to" this one. The objects are equal if the other object is of the same class and if all the record components are equal. Reference components are compared with Objects::equals(Object,Object); primitive components are compared with the compare method from their corresponding wrapper classes.
      Specified by:
      equals in class Record
      Parameters:
      o - the object with which to compare
      Returns:
      true if this object is the same as the o argument; false otherwise.
    • issuer

      public String issuer()
      Returns the value of the issuer record component.
      Returns:
      the value of the issuer record component
    • jwksUri

      public String jwksUri()
      Returns the value of the jwksUri record component.
      Returns:
      the value of the jwksUri record component
    • userInfoEndpoint

      public String userInfoEndpoint()
      Returns the value of the userInfoEndpoint record component.
      Returns:
      the value of the userInfoEndpoint record component
    • validateIdToken

      public boolean validateIdToken()
      Returns the value of the validateIdToken record component.
      Returns:
      the value of the validateIdToken record component
    • validateNonce

      public boolean validateNonce()
      Returns the value of the validateNonce record component.
      Returns:
      the value of the validateNonce record component
    • validateAudience

      public boolean validateAudience()
      Returns the value of the validateAudience record component.
      Returns:
      the value of the validateAudience record component
    • validateExpiration

      public boolean validateExpiration()
      Returns the value of the validateExpiration record component.
      Returns:
      the value of the validateExpiration record component
    • clockSkew

      public Duration clockSkew()
      Returns the value of the clockSkew record component.
      Returns:
      the value of the clockSkew record component
    • requiredClaims

      public Set<String> requiredClaims()
      Returns the value of the requiredClaims record component.
      Returns:
      the value of the requiredClaims record component
    • requestedClaims

      public Set<String> requestedClaims()
      Returns the value of the requestedClaims record component.
      Returns:
      the value of the requestedClaims record component