Package jakarta.security.enterprise.authentication.mechanism.http.openid

Annotation Type OpenIdProviderMetadata

  • @Retention(RUNTIME)
public @interface OpenIdProviderMetadata
    OpenIdProviderMetadata annotation overrides the openid connect provider's endpoint value, discovered using providerUri.
    Author:
    Gaurav Gupta, Rudy De Busscher

    • Element Detail

      • authorizationEndpoint

        String authorizationEndpoint
        Required. The URL for the OAuth2 provider to provide authentication. This must be a https endpoint.
        Returns:
        URL for the OAuth2 provider.
        Default:
        ""

      • tokenEndpoint

        String tokenEndpoint
        Required. The URL for the OAuth2 provider to give the authorization token
        Returns:
        URL for the OAuth2 provider.
        Default:
        ""

      • userinfoEndpoint

        String userinfoEndpoint
        Required. An OAuth 2.0 Protected Resource that returns Claims about the authenticated End-User.
        Returns:
        URL for User Info.
        Default:
        ""

      • endSessionEndpoint

        String endSessionEndpoint
        Optional. OP endpoint to notify that the End-User has logged out of the site and might want to log out of the OP as well.
        Returns:
        URL for logging out of server session.
        Default:
        ""

      • jwksURI

        String jwksURI
        Required. An OpenId Connect Provider's JSON Web Key Set document

        This contains the signing key(s) the RP uses to validate signatures from the OP. The JWK Set may also contain the Server's encryption key(s), which are used by RPs to encrypt requests to the Server.

        Returns:
        URL pointing to the JWK Set.
        Default:
        ""

      • issuer

        String issuer
        Required. The issuer of the tokens issued by the Provider.
        Returns:
        Default:
        ""

      • subjectTypeSupported

        String subjectTypeSupported
        Required. The supported subject Types by the Provider.
        Returns:
        Default:
        "public"

      • idTokenSigningAlgorithmsSupported

        String idTokenSigningAlgorithmsSupported
        Required. The supported Signing algorithms for the ID token by provider.
        Returns:
        Default:
        "RS256"

      • responseTypeSupported

        String responseTypeSupported
        Required. The supported response types by the Provider.
        Returns:
        Default:
        "code,id_token,token id_token"