Package jakarta.security.enterprise.authentication.mechanism.http.openid

Annotation Interface LogoutDefinition

@Retention(RUNTIME) public @interface LogoutDefinition
LogoutDefinition annotation defines logout and RP session management configuration in openid connect client.

Expressions in attributes of type String are evaluated.

Author:
jGauravGupta

  • Element Details

    • notifyProvider

      boolean notifyProvider
      Optional. Notify the OIDC provider (OP) that the user has logged out of the application and might want to log out of the OP as well. If true then after having logged out the user from RP, redirects the End-User's User Agent to the OP's logout endpoint URL. This URL is normally obtained via the end_session_endpoint element of the OP's metadata or can be customized via OpenIdProviderMetadata#endSessionEndpoint.
      Returns:
      true when OIDC provider is notified of logout.
      Default:
      false

    • notifyProviderExpression

      String notifyProviderExpression
      Optional. Allows the OIDC provider (OP) notification that the user has logged using the Jakarta Expression Language expression. If set, overrides the value set by notifyProvider.
      Default:
      ""

    • redirectURI

      String redirectURI
      Optional. The post logout redirect URI to which the RP is requesting that the End-User's User Agent be redirected after a logout has been performed. If redirect URI is empty then redirect to OpenID connect provider authorization_endpoint for re-authentication. *
      Returns:
      URL after logout is performed on the client.
      Default:
      ""

    • accessTokenExpiry

      boolean accessTokenExpiry
      Session timeout on the expiry of Access Token.
      Returns:
      Default:
      false

    • accessTokenExpiryExpression

      String accessTokenExpiryExpression
      Allow the session timeout definition using a Jakarta Expression Language expression. If set, overrides the value defined with accessTokenExpiry.
      Returns:
      Default:
      ""

    • identityTokenExpiry

      boolean identityTokenExpiry
      Session timeout on the expiry of Identity Token.
      Returns:
      Default:
      false

    • identityTokenExpiryExpression

      String identityTokenExpiryExpression
      Allow the session timeout using the Jakarta Expression Language expression. If set, overrides the identityTokenExpiry value.
      Returns:
      Default:
      ""