Package org.apache.syncope.common.rest.api.service

Interface OIDCC4UIService

All Superinterfaces:

JAXRSService

All Known Implementing Classes:

OIDCC4UIServiceImpl

@Path("oidcc4ui/clients")
public interface OIDCC4UIService
extends JAXRSService

REST operations for OpenID Connect Clients.

Field Summary

Fields inherited from interface org.apache.syncope.common.rest.api.service.JAXRSService

CRLF, DOUBLE_DASH, PARAM_ANYTYPE_KIND, PARAM_ANYTYPEKEY, PARAM_CONNID_PAGED_RESULTS_COOKIE, PARAM_DETAILS, PARAM_ENTITY_KEY, PARAM_FIQL, PARAM_KEYWORD, PARAM_MAX, PARAM_NOTIFICATION, PARAM_ORDERBY, PARAM_PAGE, PARAM_REALM, PARAM_RECURSIVE, PARAM_RESOURCE, PARAM_SIZE, PARAM_USER

Method Summary

Modifier and Type	Method	Description
void	backChannelLogout(String logoutToken, String redirectURI)	Removes the JWT matching the provided OIDC logout token.
OIDCRequest	createLoginRequest(String redirectURI, String op, boolean reauth)	Generates OpenID Connect authentication request for the Provider matching the provided op.
OIDCRequest	createLogoutRequest(String redirectURI)	Returns the endSession endpoint for the OP matching the requesting access token.
OIDCLoginResponse	login(String redirectURI, String authorizationCode, String op)	Uses the provided authorization code to go through the OpenID Connect tokens process and finally creates JWT for the matching user, if found.

Method Details

createLoginRequest

@POST
@Path("loginRequest")
@Produces({"application/json","application/yaml","application/xml"})
OIDCRequest createLoginRequest(@QueryParam("redirect_uri")
 String redirectURI,
 @QueryParam("op")
 String op,
 @DefaultValue("false") @QueryParam("reauth")
 boolean reauth)

Generates OpenID Connect authentication request for the Provider matching the provided op.

Parameters:

redirectURI - redirect URI

op - OpenID Connect Provider

reauth - whether max_age=0 and prompt=login shall be set on the request

Returns:

OpenID Connect authentication request

login

@POST
@Path("login")
@Produces({"application/json","application/yaml","application/xml"})
OIDCLoginResponse login(@QueryParam("redirect_uri")
 String redirectURI,
 @QueryParam("authorizationCode")
 String authorizationCode,
 @QueryParam("op")
 String op)

Uses the provided authorization code to go through the OpenID Connect tokens process and finally creates JWT for the matching user, if found.

Parameters:

redirectURI - redirect URI

authorizationCode - authorization code generated by the remote OpenID Connect Provider

op - OpenID Connect Provider

Returns:

JWT for the matching user plus attributes returned in the response

createLogoutRequest

@POST
@Path("logout")
@Produces({"application/json","application/yaml","application/xml"})
OIDCRequest createLogoutRequest(@QueryParam("redirect_uri")
 String redirectURI)

Returns the endSession endpoint for the OP matching the requesting access token.

Parameters:

redirectURI - redirect URI

Returns:

endSession endpoint for the OP matching the requesting access token

backChannelLogout

@POST
@Path("backChannelLogout")
@Produces({"application/json","application/yaml","application/xml"})
void backChannelLogout(@QueryParam("logout_token")
 String logoutToken,
 @QueryParam("redirect_uri")
 String redirectURI)

Removes the JWT matching the provided OIDC logout token.

Parameters:

logoutToken - logout token

redirectURI - redirect URI