Record Class OidcConfig
java.lang.Object
java.lang.Record
cloud.opencode.base.oauth2.oidc.OidcConfig
public record OidcConfig(String issuer, String jwksUri, String userInfoEndpoint, boolean validateIdToken, boolean validateNonce, boolean validateAudience, boolean validateExpiration, Duration clockSkew, Set<String> requiredClaims, Set<String> requestedClaims)
extends Record
OpenID Connect Configuration
OpenID Connect 配置
Configuration for OIDC-specific features.
OIDC 特定功能的配置。
Features | 主要功能:
- OIDC discovery support - OIDC 发现支持
- ID token validation settings - ID Token 验证设置
- Nonce support - Nonce 支持
- Claims configuration - 声明配置
Usage Examples | 使用示例:
// Create OIDC config
OidcConfig config = OidcConfig.builder()
.issuer("https://accounts.google.com")
.jwksUri("https://www.googleapis.com/oauth2/v3/certs")
.validateIdToken(true)
.clockSkew(Duration.ofMinutes(5))
.build();
// Use with OidcClient
OidcClient client = OidcClient.builder()
.oauth2Client(oauth2Client)
.oidcConfig(config)
.build();
Thread Safety | 线程安全:
This record is immutable and thread-safe.
此记录是不可变的,线程安全。
- Since:
- JDK 25, opencode-base-oauth2 V1.0.0
- Author:
- Leon Soo www.LeonSoo.com
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic classOidcConfig Builder OidcConfig 构建器 -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic OidcConfig.Builderbuilder()Create a new builder 创建新的构建器booleanCheck if issuer validation is possible 检查是否可以进行发行者验证booleanCheck if signature validation is possible 检查是否可以进行签名验证Returns the value of theclockSkewrecord component.static OidcConfigdefaults()Create default OIDC config 创建默认 OIDC 配置final booleanIndicates whether some other object is "equal to" this one.final inthashCode()Returns a hash code value for this object.issuer()Returns the value of theissuerrecord component.jwksUri()Returns the value of thejwksUrirecord component.Returns the value of therequestedClaimsrecord component.Returns the value of therequiredClaimsrecord component.static OidcConfigCreate strict OIDC config with all validations enabled 创建启用所有验证的严格 OIDC 配置final StringtoString()Returns a string representation of this record class.Returns the value of theuserInfoEndpointrecord component.booleanReturns the value of thevalidateAudiencerecord component.booleanReturns the value of thevalidateExpirationrecord component.booleanReturns the value of thevalidateIdTokenrecord component.booleanReturns the value of thevalidateNoncerecord component.
-
Constructor Details
-
OidcConfig
-
-
Method Details
-
canValidateSignature
public boolean canValidateSignature()Check if signature validation is possible 检查是否可以进行签名验证- Returns:
- true if JWKS URI is configured | 如果配置了 JWKS URI 返回 true
-
canValidateIssuer
public boolean canValidateIssuer()Check if issuer validation is possible 检查是否可以进行发行者验证- Returns:
- true if issuer is configured | 如果配置了发行者返回 true
-
builder
-
defaults
Create default OIDC config 创建默认 OIDC 配置- Returns:
- the default config | 默认配置
-
strict
Create strict OIDC config with all validations enabled 创建启用所有验证的严格 OIDC 配置- Parameters:
issuer- the expected issuer | 预期的发行者jwksUri- the JWKS URI | JWKS URI- Returns:
- the strict config | 严格配置
-
toString
-
hashCode
-
equals
Indicates whether some other object is "equal to" this one. The objects are equal if the other object is of the same class and if all the record components are equal. Reference components are compared withObjects::equals(Object,Object); primitive components are compared with thecomparemethod from their corresponding wrapper classes. -
issuer
Returns the value of theissuerrecord component.- Returns:
- the value of the
issuerrecord component
-
jwksUri
Returns the value of thejwksUrirecord component.- Returns:
- the value of the
jwksUrirecord component
-
userInfoEndpoint
Returns the value of theuserInfoEndpointrecord component.- Returns:
- the value of the
userInfoEndpointrecord component
-
validateIdToken
public boolean validateIdToken()Returns the value of thevalidateIdTokenrecord component.- Returns:
- the value of the
validateIdTokenrecord component
-
validateNonce
public boolean validateNonce()Returns the value of thevalidateNoncerecord component.- Returns:
- the value of the
validateNoncerecord component
-
validateAudience
public boolean validateAudience()Returns the value of thevalidateAudiencerecord component.- Returns:
- the value of the
validateAudiencerecord component
-
validateExpiration
public boolean validateExpiration()Returns the value of thevalidateExpirationrecord component.- Returns:
- the value of the
validateExpirationrecord component
-
clockSkew
Returns the value of theclockSkewrecord component.- Returns:
- the value of the
clockSkewrecord component
-
requiredClaims
-
requestedClaims
-