Skip to main content
Skip table of contents

OpenidConnectService

Name

OpenidConnectService

Class Path

io.trustbuilder.andromeda.protocols.oauth.beans.OpenidConnectService

Versions

9 10 11

Overview

The OpenidConnectService provides an abstraction for interacting with OpenID Connect (OIDC) identity providers (IdPs). It enables authorization, token exchange, user information retrieval, and claims requests for OAuth 2.0 and OIDC flows.

This service is designed for technical implementers integrating OpenID Connect authentication into their applications.

Available Functions

authorize(String idpCode, String host, String callbackURI, String state, boolean forceAuthentication): EndpointResponse

Initiates an authorization request to an OpenID Connect IdP.

  • Parameters:

    • idpCode (String): The identifier of the IdP.

    • host (String): The host to use for constructing the authorization request.

    • callbackURI (String): The callback URI where the authorization response should be sent.

    • state (String): A random state parameter to protect against CSRF attacks.

    • forceAuthentication (boolean): Whether to force authentication even if the user has an active session.

  • Returns:

    • EndpointResponse: The authorization endpoint response.

authorize(String idpCode, String host, String callbackURI, String state, boolean forceAuthentication, String authenticationContextString): EndpointResponse

Performs authorization with an additional authentication context.

  • Parameters:

    • authenticationContextString (String): The authentication context for the request.

  • Returns:

    • EndpointResponse: The authorization response.

authorize(String idpCode, String host, String callbackURI, String state, boolean forceAuthentication, OIDCClaimsRequest claimsRequest): EndpointResponse

Performs authorization with an additional OpenID Connect claims request.

  • Parameters:

    • claimsRequest (OIDCClaimsRequest): The claims request specifying additional user information to retrieve.

  • Returns:

    • EndpointResponse: The authorization response.

authorize(String idpCode, String host, String callbackURI, String state, boolean forceAuthentication, OIDCClaimsRequest claimsRequest, String authenticationContextString): EndpointResponse

Performs authorization with both an authentication context and a claims request.

  • Parameters:

    • claimsRequest (OIDCClaimsRequest): The claims request.

    • authenticationContextString (String): The authentication context.

  • Returns:

    • EndpointResponse: The authorization response.

callTokenEndpointWithCode(String idpCode, String code, String callbackURI): TokenResponseWrapper

Exchanges an authorization code for an OAuth2 access token.

  • Parameters:

    • idpCode (String): The identifier of the IdP.

    • code (String): The authorization code received from the IdP.

    • callbackURI (String): The callback URI used during authorization.

  • Returns:

    • TokenResponseWrapper: The token response containing access tokens, refresh tokens, and ID tokens.

callUserInfoEndpoint(String idpCode, String accessToken): UserInfoResponse

Retrieves user information from the IdP's user info endpoint.

  • Parameters:

    • idpCode (String): The identifier of the IdP.

    • accessToken (String): The OAuth2 access token to authenticate the request.

  • Returns:

    • UserInfoResponse: The user information response.

TokenResponseWrapper Class

Encapsulates the response from an OAuth2 token request.

Methods:

  • getErrorCode(): String – Retrieves the error code if the response is an error.

  • isError(): boolean – Returns true if the response indicates an error.

  • getErrorDescription(): String – Retrieves the error description.

  • getAccessToken(): String – Retrieves the access token.

  • getRefreshToken(): String – Retrieves the refresh token.

  • getIdToken(): JWT – Retrieves the OpenID Connect ID token.

Supporting Functions

claimsRequestBuilder(): ClaimsRequestBuilder

Creates a new ClaimsRequestBuilder instance to build claims requests.

  • Returns:

    • ClaimsRequestBuilder: A builder for OIDC claims requests.

oauthURIBuilder(String host): OauthURIBuilder

Creates an OauthURIBuilder instance for constructing OAuth request URIs.

  • Parameters:

    • host (String): The base host for OAuth operations.

  • Returns:

    • OauthURIBuilder: The OAuth URI builder.

Summary

The OpenidConnectService is responsible for handling OpenID Connect authentication flows, including:

  • Authorization requests.

  • Token exchanges using authorization codes.

  • Retrieving user information from the IdP.

  • Supporting claims requests for additional user attributes.

This service enables seamless integration of OpenID Connect authentication into applications.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close