Package com.authlete.jaxrs

Class BaseConfigurationEndpoint

  • public class BaseConfigurationEndpoint
extends BaseEndpoint
    A base class for OpenID Provider configuration endpoints.

    An OpenID Provider that supports OpenID Connect Discovery 1.0 must provide an endpoint that returns its configuration information in a JSON format. Details about the format are described in "3. OpenID Provider Metadata" in OpenID Connect Discovery 1.0.

    Note that the URI of an OpenID Provider configuration endpoint is defined in "4.1. OpenID Provider Configuration Request" in OpenID Connect Discovery 1.0. In short, the URI must be:

    Issuer Identifier + /.well-known/openid-configuration

    Issuer Identifier is a URL to identify an OpenID Provider. For example, https://example.com. For details about Issuer Identifier, See issuer in "3. OpenID Provider Metadata" (OpenID Connect Discovery 1.0) and iss in "2. ID Token" (OpenID Connect Core 1.0).

    You can change the Issuer Identifier of your service using the management console (Service Owner Console). Note that the default value of Issuer Identifier is not appropriate for commercial use, so you should change it.

    Since:
    1.1
    Author:
    Takahiko Kawasaki
    See Also:
    OpenID Connect Discovery 1.0

    • Constructor Detail

      • BaseConfigurationEndpoint

        public BaseConfigurationEndpoint()

    • Method Detail

      • handle

        public javax.ws.rs.core.Response handle​(com.authlete.common.api.AuthleteApi api)
        Handle a request for OpenID Provider configuration.

        This method internally creates a ConfigurationRequestHandler instance and calls its ConfigurationRequestHandler.handle() method. Then, this method uses the value returned from the handle() method as a response from this method.

        When ConfigurationRequestHandler.handle() method raises a WebApplicationException, this method calls onError() method with the exception. The default implementation of onError() does nothing. You can override the method as necessary. After calling onError() method, this method calls getResponse() method of the exception and uses the returned value as a response from this method.

        Parameters:
        api - An implementation of AuthleteApi.
        Returns:
        A response that should be returned to the client application.

      • handle

        public javax.ws.rs.core.Response handle​(com.authlete.common.api.AuthleteApi api,
                                        com.authlete.common.dto.ServiceConfigurationRequest request)
        Handle a request for OpenID Provider configuration.

        This method internally creates a ConfigurationRequestHandler instance and calls its handle(ServiceConfigurationRequest) method. Then, this method uses the value returned from the method as a response from this method.

        When handler's method raises a WebApplicationException, this method calls onError() method with the exception. The default implementation of onError() does nothing. You can override the method as necessary. After calling onError() method, this method calls getResponse() method of the exception and uses the returned value as a response from this method.

        Parameters:
        api - An implementation of AuthleteApi.
        request - Request parameters for Authlete's /service/configuration API.
        Returns:
        A response that should be returned from the discovery endpoint.
        Since:
        2.50