Package io.quarkus.oidc.token.propagation.runtime

Class OidcTokenPropagationConfig

  • @ConfigRoot(name="oidc-token-propagation",
            phase=BUILD_AND_RUN_TIME_FIXED)
public class OidcTokenPropagationConfig
extends Object

    • Field Summary

      Fields 
      Modifier and Type Field Description
      Optional<String> clientName
      Name of the configured OidcClient.
      boolean exchangeToken
      Exchange the current token with OpenId Connect Provider for a new token using either "urn:ietf:params:oauth:grant-type:token-exchange" or "urn:ietf:params:oauth:grant-type:jwt-bearer" token grant before propagating it.
      boolean jsonWebToken
      Enable JsonWebTokenRequestFilter instead of AccessTokenRequestFilter for all the injected MP RestClient implementations.
      boolean registerFilter
      Enable either AccessTokenRequestFilter or JsonWebTokenRequestFilter for all the injected MP RestClient implementations.
      boolean secureJsonWebToken
      Secure the injected and possibly modified JsonWebToken.

    • Field Detail

      • registerFilter

        @ConfigItem(defaultValue="false")
public boolean registerFilter
        Enable either AccessTokenRequestFilter or JsonWebTokenRequestFilter for all the injected MP RestClient implementations. AccessTokenRequestFilter can propagate both opaque (binary) and JsonWebToken tokens but it can not modify and secure the updated JsonWebToken tokens. JsonWebTokenRequestFilter can only propagate JsonWebToken tokens but it can also modify and secure them again. Enable the 'jsonWebToken' property to have JsonWebTokenRequestFilter registered. Alternatively, instead of using this property for registering these filters with all the injected MP RestClient implementations, both filters can be registered as MP RestClient providers with the specific MP RestClient implementations.

      • jsonWebToken

        @ConfigItem(defaultValue="false")
public boolean jsonWebToken
        Enable JsonWebTokenRequestFilter instead of AccessTokenRequestFilter for all the injected MP RestClient implementations. This filter can propagate as well as modify and secure the updated JsonWebToken tokens. Note this property is ignored unless the 'registerFilter' property is enabled.

      • secureJsonWebToken

        @ConfigItem(defaultValue="false")
public boolean secureJsonWebToken
        Secure the injected and possibly modified JsonWebToken. For example, a JsonWebToken produced and signed by OpenId Connect provider can be re-signed using a new private key. Note this property is injected into JsonWebTokenRequestFilter.

      • exchangeToken

        @ConfigItem(defaultValue="false")
public boolean exchangeToken
        Exchange the current token with OpenId Connect Provider for a new token using either "urn:ietf:params:oauth:grant-type:token-exchange" or "urn:ietf:params:oauth:grant-type:jwt-bearer" token grant before propagating it. Note this property is injected into AccessTokenRequestFilter.

      • clientName

        @ConfigItem
public Optional<String> clientName
        Name of the configured OidcClient. Note this property is injected into AccessTokenRequestFilter and is only used if the `exchangeToken` property is enabled.

    • Constructor Detail

      • OidcTokenPropagationConfig

        public OidcTokenPropagationConfig()