Record Class DiscoveryDocument
java.lang.Object
java.lang.Record
cloud.opencode.base.oauth2.discovery.DiscoveryDocument
public record DiscoveryDocument(String issuer, String authorizationEndpoint, String tokenEndpoint, String userinfoEndpoint, String jwksUri, String registrationEndpoint, String revocationEndpoint, String introspectionEndpoint, String deviceAuthorizationEndpoint, String parEndpoint, List<String> scopesSupported, List<String> responseTypesSupported, List<String> grantTypesSupported, List<String> tokenEndpointAuthMethodsSupported, List<String> codeChallengeMethodsSupported)
extends Record
OIDC Discovery Document
OIDC 发现文档
Immutable record representing an OpenID Connect Discovery 1.0 configuration document as defined in the OIDC Discovery specification.
表示 OpenID Connect Discovery 1.0 配置文档的不可变记录, 按照 OIDC 发现规范定义。
Features | 主要功能:
- All standard OIDC discovery fields - 所有标准 OIDC 发现字段
- Builder pattern for construction - 构建器模式用于构建
- Conversion to OAuth2Config - 转换为 OAuth2Config
- Capability query methods - 能力查询方法
Usage Examples | 使用示例:
// Build a discovery document
DiscoveryDocument doc = DiscoveryDocument.builder()
.issuer("https://accounts.example.com")
.authorizationEndpoint("https://accounts.example.com/authorize")
.tokenEndpoint("https://accounts.example.com/token")
.build();
// Check capabilities
boolean supportsPkce = doc.supportsPkce();
boolean supportsRefresh = doc.supports("refresh_token");
// Convert to OAuth2Config
OAuth2Config config = doc.toConfig("client-id", "client-secret");
Thread Safety | 线程安全:
This class is immutable and thread-safe. All list fields are unmodifiable.
此类是不可变的,线程安全。所有列表字段都是不可修改的。
- Since:
- JDK 25, opencode-base-oauth2 V1.0.3
- Author:
- Leon Soo www.LeonSoo.com
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic final classDiscoveryDocument Builder DiscoveryDocument 构建器 -
Constructor Summary
ConstructorsConstructorDescriptionDiscoveryDocument(String issuer, String authorizationEndpoint, String tokenEndpoint, String userinfoEndpoint, String jwksUri, String registrationEndpoint, String revocationEndpoint, String introspectionEndpoint, String deviceAuthorizationEndpoint, String parEndpoint, List<String> scopesSupported, List<String> responseTypesSupported, List<String> grantTypesSupported, List<String> tokenEndpointAuthMethodsSupported, List<String> codeChallengeMethodsSupported) Compact constructor with defensive copying and validation. -
Method Summary
Modifier and TypeMethodDescriptionReturns the value of theauthorizationEndpointrecord component.static DiscoveryDocument.Builderbuilder()Create a new builder.Returns the value of thecodeChallengeMethodsSupportedrecord component.Returns the value of thedeviceAuthorizationEndpointrecord component.final booleanIndicates whether some other object is "equal to" this one.Returns the value of thegrantTypesSupportedrecord component.final inthashCode()Returns a hash code value for this object.Returns the value of theintrospectionEndpointrecord component.issuer()Returns the value of theissuerrecord component.jwksUri()Returns the value of thejwksUrirecord component.Returns the value of theparEndpointrecord component.Returns the value of theregistrationEndpointrecord component.Returns the value of theresponseTypesSupportedrecord component.Returns the value of therevocationEndpointrecord component.Returns the value of thescopesSupportedrecord component.booleanCheck if the authorization server supports the given grant type.booleanCheck if the authorization server supports PKCE (S256 code challenge method).booleansupportsScope(String scope) Check if the authorization server supports the given scope.Convert this discovery document to an OAuth2Config using the given client credentials.Returns the value of thetokenEndpointrecord component.Returns the value of thetokenEndpointAuthMethodsSupportedrecord component.final StringtoString()Returns a string representation of this record class.Returns the value of theuserinfoEndpointrecord component.
-
Constructor Details
-
DiscoveryDocument
public DiscoveryDocument(String issuer, String authorizationEndpoint, String tokenEndpoint, String userinfoEndpoint, String jwksUri, String registrationEndpoint, String revocationEndpoint, String introspectionEndpoint, String deviceAuthorizationEndpoint, String parEndpoint, List<String> scopesSupported, List<String> responseTypesSupported, List<String> grantTypesSupported, List<String> tokenEndpointAuthMethodsSupported, List<String> codeChallengeMethodsSupported) Compact constructor with defensive copying and validation. 带防御性复制和验证的紧凑构造器。
-
-
Method Details
-
toConfig
Convert this discovery document to an OAuth2Config using the given client credentials. 使用给定的客户端凭证将此发现文档转换为 OAuth2Config。- Parameters:
clientId- the client ID | 客户端 IDclientSecret- the client secret (may be null for public clients) | 客户端密钥(公共客户端可为 null)- Returns:
- the OAuth2Config built from this discovery document | 从此发现文档构建的 OAuth2Config
- Throws:
NullPointerException- if clientId is null | 如果 clientId 为 null
-
supports
Check if the authorization server supports the given grant type. 检查授权服务器是否支持给定的授权类型。- Parameters:
grantType- the grant type to check (e.g., "authorization_code", "refresh_token") | 要检查的授权类型(例如 "authorization_code"、"refresh_token")- Returns:
- true if the grant type is supported | 如果支持该授权类型返回 true
-
supportsScope
Check if the authorization server supports the given scope. 检查授权服务器是否支持给定的权限范围。- Parameters:
scope- the scope to check (e.g., "openid", "email") | 要检查的权限范围(例如 "openid"、"email")- Returns:
- true if the scope is supported | 如果支持该权限范围返回 true
-
supportsPkce
public boolean supportsPkce()Check if the authorization server supports PKCE (S256 code challenge method). 检查授权服务器是否支持 PKCE(S256 代码挑战方法)。- Returns:
- true if PKCE with S256 is supported | 如果支持 S256 的 PKCE 返回 true
-
builder
Create a new builder. 创建新的构建器。- Returns:
- the builder | 构建器
-
toString
-
hashCode
-
equals
Indicates whether some other object is "equal to" this one. The objects are equal if the other object is of the same class and if all the record components are equal. All components in this record class are compared withObjects::equals(Object,Object). -
issuer
Returns the value of theissuerrecord component.- Returns:
- the value of the
issuerrecord component
-
authorizationEndpoint
Returns the value of theauthorizationEndpointrecord component.- Returns:
- the value of the
authorizationEndpointrecord component
-
tokenEndpoint
Returns the value of thetokenEndpointrecord component.- Returns:
- the value of the
tokenEndpointrecord component
-
userinfoEndpoint
Returns the value of theuserinfoEndpointrecord component.- Returns:
- the value of the
userinfoEndpointrecord component
-
jwksUri
Returns the value of thejwksUrirecord component.- Returns:
- the value of the
jwksUrirecord component
-
registrationEndpoint
Returns the value of theregistrationEndpointrecord component.- Returns:
- the value of the
registrationEndpointrecord component
-
revocationEndpoint
Returns the value of therevocationEndpointrecord component.- Returns:
- the value of the
revocationEndpointrecord component
-
introspectionEndpoint
Returns the value of theintrospectionEndpointrecord component.- Returns:
- the value of the
introspectionEndpointrecord component
-
deviceAuthorizationEndpoint
Returns the value of thedeviceAuthorizationEndpointrecord component.- Returns:
- the value of the
deviceAuthorizationEndpointrecord component
-
parEndpoint
Returns the value of theparEndpointrecord component.- Returns:
- the value of the
parEndpointrecord component
-
scopesSupported
-
responseTypesSupported
-
grantTypesSupported
-
tokenEndpointAuthMethodsSupported
-
codeChallengeMethodsSupported
-