// Sketch: the protocol profile is chosen up front with AzIdP.oauth2(), the stores and
// services are configured next, and build() ends the chain.
// NOTE(review): the inMemory* names suggest clients, authorization codes and tokens are
// held only in process memory; confirm whether that is intended for tests/demos only.
var azIdP = AzIdP.oauth2()
.inMemoryClientStore()
.defaultClientValidator()
.inMemoryAuthorizationCodeService()
.inMemoryAccessTokenService()
.inMemoryRefreshTokenService()
// NOTE(review): presumably every scope maps to this one fixed audience, so all issued
// access tokens would carry the same audience value; verify against the mapper.
.staticScopeAudienceMapper("audience.example.com")
.build();
// Sketch: discovery metadata is assembled as a separate object, starting from
// Discovery.minimum(). The setter names mirror the metadata field names
// (authorization_endpoint, scopes_supported); the remaining fields are elided as "...".
// NOTE(review): the example endpoint is https; consider rejecting non-https endpoint
// URLs when the metadata object is built, so a typo cannot advertise a plaintext endpoint.
var discovery = Discovery.minimum()
. authorization_endpoint("https://example.com/authorize")
. scopes_supported(Set.of("read"))
...;
// Sketch: the stores, services and discovery metadata are configured first, and the
// protocol profile (.oauth2()) is selected last, just before build().
var azIdP = AzIdP
.inMemoryClientStore()
.defaultClientValidator()
.inMemoryAuthorizationCodeService()
.inMemoryAccessTokenService()
.inMemoryRefreshTokenService()
.staticScopeAudienceMapper("audience.example.com")
.discovery(discovery)
// Intended behaviour per the author's note: selecting the profile checks the settings
// given so far and throws if they are insufficient. Failing at configuration time
// keeps a half-configured authorization server from being built.
.oauth2() // if the settings are not sufficient, throw an exception
.build();
// Sketch: combined OAuth 2.0 + OIDC profile chosen up front with AzIdP.oauth2AndOidc();
// compared with the OAuth 2.0-only chain, the only additional call is jwkSet(jwks).
var azIdP = AzIdP.oauth2AndOidc()
// `jwks` is not defined in this sketch.
// NOTE(review): presumably this is the key set used to sign ID tokens; if it holds
// private keys, load it from protected storage rather than embedding it in source.
.jwkSet(jwks)
.inMemoryClientStore()
.defaultClientValidator()
.inMemoryAuthorizationCodeService()
.inMemoryAccessTokenService()
.inMemoryRefreshTokenService()
.staticScopeAudienceMapper("audience.example.com")
.build();
We must consider the configuration interface.
// Candidate configuration fields. Each comment restates the author's note on when the
// field is needed and whether a default value is supported.
// NOTE(review): `final` fixes only the reference. The two Set fields stay mutable through
// this public field unless an unmodifiable copy (e.g. Set.copyOf) is stored.
// NOTE(review): the *ExpirationSec fields are plain ints; consider rejecting zero or
// negative lifetimes where the configuration is constructed.

// Always required.
public final String issuer;
// Needed only when discovery is supported.
public final String authorizationEndpoint;
// Needed only when discovery is supported.
public final String tokenEndpoint;
// Needed only when discovery and OIDC are supported.
public final String jwksEndpoint;
// Needed only when discovery and client registration are supported.
public final String clientRegistrationEndpoint;
// Needed only when discovery and client configuration are supported.
public final String clientConfigurationEndpointPattern;
// Needed only when discovery and the userinfo endpoint are supported.
public final String userInfoEndpoint;
// Always required.
public final Set<String> scopesSupported;
// Always required.
public final Set<String> defaultScope;
// Always required; a default value is supported.
public final int authorizationCodeExpirationSec;
// Always required; a default value is supported.
public final int accessTokenExpirationSec;
// OIDC only; a default value is supported.
public final int idTokenExpirationSec;
// Always required; a default value is supported.
public final int refreshTokenExpirationSec;
Discovery has more options, so
a one-way interface is too complicated.