Package org.springframework.security.oauth2.client.oidc.authentication

Class OidcIdTokenDecoderFactory

  • All Implemented Interfaces:
    org.springframework.security.oauth2.jwt.JwtDecoderFactory<ClientRegistration>
    public final class OidcIdTokenDecoderFactory
extends java.lang.Object
implements org.springframework.security.oauth2.jwt.JwtDecoderFactory<ClientRegistration>
    A factory that provides a JwtDecoder used for OidcIdToken signature verification. The provided JwtDecoder is associated to a specific ClientRegistration.
    Since:
    5.2
    See Also:
    JwtDecoderFactory, ClientRegistration, OidcIdToken

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      org.springframework.security.oauth2.jwt.JwtDecoder createDecoder​(ClientRegistration clientRegistration)  
      static java.util.Map<java.lang.String,​org.springframework.core.convert.converter.Converter<java.lang.Object,​?>> createDefaultClaimTypeConverters()
      Returns the default Converter's used for type conversion of claim values for an OidcIdToken.
      void setClaimTypeConverterFactory​(java.util.function.Function<ClientRegistration,​org.springframework.core.convert.converter.Converter<java.util.Map<java.lang.String,​java.lang.Object>,​java.util.Map<java.lang.String,​java.lang.Object>>> claimTypeConverterFactory)
      Sets the factory that provides a Converter used for type conversion of claim values for an OidcIdToken.
      void setJwsAlgorithmResolver​(java.util.function.Function<ClientRegistration,​org.springframework.security.oauth2.jose.jws.JwsAlgorithm> jwsAlgorithmResolver)
      Sets the resolver that provides the expected JWS algorithm used for the signature or MAC on the ID Token.
      void setJwtValidatorFactory​(java.util.function.Function<ClientRegistration,​org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt>> jwtValidatorFactory)
      Sets the factory that provides an OAuth2TokenValidator, which is used by the JwtDecoder.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • OidcIdTokenDecoderFactory

        public OidcIdTokenDecoderFactory()

    • Method Detail

      • createDefaultClaimTypeConverters

        public static java.util.Map<java.lang.String,​org.springframework.core.convert.converter.Converter<java.lang.Object,​?>> createDefaultClaimTypeConverters()
        Returns the default Converter's used for type conversion of claim values for an OidcIdToken.
        Returns:
        a Map of Converter's keyed by claim name

      • createDecoder

        public org.springframework.security.oauth2.jwt.JwtDecoder createDecoder​(ClientRegistration clientRegistration)
        Specified by:
        createDecoder in interface org.springframework.security.oauth2.jwt.JwtDecoderFactory<ClientRegistration>

      • setJwtValidatorFactory

        public void setJwtValidatorFactory​(java.util.function.Function<ClientRegistration,​org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt>> jwtValidatorFactory)
        Sets the factory that provides an OAuth2TokenValidator, which is used by the JwtDecoder. The default composes JwtTimestampValidator and OidcIdTokenValidator.
        Parameters:
        jwtValidatorFactory - the factory that provides an OAuth2TokenValidator

      • setJwsAlgorithmResolver

        public void setJwsAlgorithmResolver​(java.util.function.Function<ClientRegistration,​org.springframework.security.oauth2.jose.jws.JwsAlgorithm> jwsAlgorithmResolver)
        Sets the resolver that provides the expected JWS algorithm used for the signature or MAC on the ID Token. The default resolves to RS256 for all clients.
        Parameters:
        jwsAlgorithmResolver - the resolver that provides the expected JWS algorithm for a specific client

      • setClaimTypeConverterFactory

        public void setClaimTypeConverterFactory​(java.util.function.Function<ClientRegistration,​org.springframework.core.convert.converter.Converter<java.util.Map<java.lang.String,​java.lang.Object>,​java.util.Map<java.lang.String,​java.lang.Object>>> claimTypeConverterFactory)
        Sets the factory that provides a Converter used for type conversion of claim values for an OidcIdToken. The default is ClaimTypeConverter for all clients.
        Parameters:
        claimTypeConverterFactory - the factory that provides a Converter used for type conversion of claim values for a specific client