Class OidcDiscovery
java.lang.Object
cloud.opencode.base.oauth2.discovery.OidcDiscovery
OIDC Discovery Client
OIDC 发现客户端
Fetches and caches OpenID Connect Discovery configuration documents from the well-known endpoint as defined in OIDC Discovery 1.0.
从 OIDC Discovery 1.0 定义的 well-known 端点获取和缓存 OpenID Connect 发现配置文档。
Features | 主要功能:
- Fetches /.well-known/openid-configuration - 获取 /.well-known/openid-configuration
- Thread-safe caching with ConcurrentHashMap - 使用 ConcurrentHashMap 的线程安全缓存
- Issuer validation - 颁发者验证
- Custom HTTP client support - 自定义 HTTP 客户端支持
Usage Examples | 使用示例:
// Discover OIDC configuration
DiscoveryDocument doc = OidcDiscovery.discover("https://accounts.google.com");
// With custom HTTP client
OAuth2HttpClient httpClient = new OAuth2HttpClient();
DiscoveryDocument doc = OidcDiscovery.discover("https://accounts.google.com", httpClient);
// Clear the cache
OidcDiscovery.clearCache();
Security | 安全性:
- Validates issuer in response matches expected issuer - 验证响应中的颁发者与期望颁发者匹配
- Uses HTTPS for all discovery requests - 所有发现请求使用 HTTPS
Thread Safety | 线程安全:
This class is thread-safe. The internal cache uses ConcurrentHashMap.
此类是线程安全的。内部缓存使用 ConcurrentHashMap。
- Since:
- JDK 25, opencode-base-oauth2 V1.0.3
- Author:
- Leon Soo www.LeonSoo.com
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionstatic voidClear the discovery document cache.static DiscoveryDocumentDiscover OIDC configuration from the given issuer URL using a default HTTP client.static DiscoveryDocumentdiscover(String issuerUrl, OAuth2HttpClient httpClient) Discover OIDC configuration from the given issuer URL using a custom HTTP client.
-
Method Details
-
discover
Discover OIDC configuration from the given issuer URL using a default HTTP client. 使用默认 HTTP 客户端从给定的颁发者 URL 发现 OIDC 配置。Results are cached by issuer URL. Subsequent calls with the same issuer return the cached document.
结果按颁发者 URL 缓存。使用相同颁发者的后续调用返回缓存的文档。
- Parameters:
issuerUrl- the issuer URL (e.g., "https://accounts.google.com") | 颁发者 URL- Returns:
- the discovery document | 发现文档
- Throws:
OAuth2Exception- with DISCOVERY_FAILED if the request fails | 如果请求失败则抛出 DISCOVERY_FAILEDOAuth2Exception- with DISCOVERY_INVALID_RESPONSE if the response is invalid | 如果响应无效则抛出 DISCOVERY_INVALID_RESPONSENullPointerException- if issuerUrl is null | 如果 issuerUrl 为 null
-
discover
Discover OIDC configuration from the given issuer URL using a custom HTTP client. 使用自定义 HTTP 客户端从给定的颁发者 URL 发现 OIDC 配置。Results are cached by issuer URL. Subsequent calls with the same issuer return the cached document.
结果按颁发者 URL 缓存。使用相同颁发者的后续调用返回缓存的文档。
- Parameters:
issuerUrl- the issuer URL (e.g., "https://accounts.google.com") | 颁发者 URLhttpClient- the HTTP client to use | 要使用的 HTTP 客户端- Returns:
- the discovery document | 发现文档
- Throws:
OAuth2Exception- with DISCOVERY_FAILED if the request fails | 如果请求失败则抛出 DISCOVERY_FAILEDOAuth2Exception- with DISCOVERY_INVALID_RESPONSE if the response is invalid | 如果响应无效则抛出 DISCOVERY_INVALID_RESPONSENullPointerException- if issuerUrl or httpClient is null | 如果 issuerUrl 或 httpClient 为 null
-
clearCache
public static void clearCache()Clear the discovery document cache. 清除发现文档缓存。
-