Package jakarta.security.enterprise.authentication.mechanism.http.openid

Annotation Interface OpenIdProviderMetadata

@Retention(RUNTIME) public @interface OpenIdProviderMetadata
OpenIdProviderMetadata annotation overrides the openid connect provider's endpoint value, discovered using providerUri.

Expressions in attributes of type String are evaluated.

Author:
Gaurav Gupta, Rudy De Busscher

  • Element Details

    • authorizationEndpoint Link icon

      String authorizationEndpoint
      Required. The URL for the OAuth2 provider to provide authentication. This must be a https endpoint.
      Returns:
      URL for the OAuth2 provider.
      Default:
      ""

    • tokenEndpoint Link icon

      String tokenEndpoint
      Required. The URL for the OAuth2 provider to give the authorization token
      Returns:
      URL for the OAuth2 provider.
      Default:
      ""

    • userinfoEndpoint Link icon

      String userinfoEndpoint
      Optional. An OAuth 2.0 Protected Resource that returns Claims about the authenticated End-User.
      Returns:
      URL for User Info.
      Default:
      ""

    • endSessionEndpoint Link icon

      String endSessionEndpoint
      Optional. OP endpoint to notify that the End-User has logged out of the site and might want to log out of the OP as well.
      Returns:
      URL for logging out of server session.
      Default:
      ""

    • jwksURI Link icon

      String jwksURI
      Required. An OpenId Connect Provider's JSON Web Key Set document

      This contains the signing key(s) the RP uses to validate signatures from the OP. The JWK Set may also contain the Server's encryption key(s), which are used by RPs to encrypt requests to the Server.

      Returns:
      URL pointing to the JWK Set.
      Default:
      ""

    • issuer Link icon

      String issuer
      Required. The issuer of the tokens issued by the Provider.
      Returns:
      Default:
      ""

    • subjectTypeSupported Link icon

      String subjectTypeSupported
      Required. The supported subject Types by the Provider.
      Returns:
      Default:
      "public"

    • idTokenSigningAlgorithmsSupported Link icon

      String idTokenSigningAlgorithmsSupported
      Required. The supported Signing algorithms for the ID token by provider.
      Returns:
      Default:
      "RS256"

    • responseTypeSupported Link icon

      String responseTypeSupported
      Required. The supported response types by the Provider.
      Returns:
      Default:
      "code,id_token,token id_token"