Package io.quarkus.oidc.token.propagation.runtime

Interface OidcTokenPropagationConfig

@ConfigMapping(prefix="quarkus.resteasy-client-oidc-token-propagation") @ConfigRoot(phase=BUILD_AND_RUN_TIME_FIXED) public interface OidcTokenPropagationConfig

  • Method Summary

    Modifier and Type
    Method
    Description
    Optional<String>
    clientName()
    Name of the configured OidcClient.
    boolean
    exchangeToken()
    Exchange the current token with OpenId Connect Provider for a new token using either "urn:ietf:params:oauth:grant-type:token-exchange" or "urn:ietf:params:oauth:grant-type:jwt-bearer" token grant before propagating it.
    boolean
    jsonWebToken()
    Enable JsonWebTokenRequestFilter instead of AccessTokenRequestFilter for all the injected MP RestClient implementations.
    boolean
    registerFilter()
    Enable either AccessTokenRequestFilter or JsonWebTokenRequestFilter for all the injected MP RestClient implementations.
    boolean
    secureJsonWebToken()
    Secure the injected and possibly modified JsonWebToken.

  • Method Details

    • registerFilter

      @WithDefault("false") boolean registerFilter()
      Enable either AccessTokenRequestFilter or JsonWebTokenRequestFilter for all the injected MP RestClient implementations. AccessTokenRequestFilter can propagate both opaque (binary) and JsonWebToken tokens but it can not modify and secure the updated JsonWebToken tokens. JsonWebTokenRequestFilter can only propagate JsonWebToken tokens but it can also modify and secure them again. Enable the 'jsonWebToken' property to have JsonWebTokenRequestFilter registered. Alternatively, instead of using this property for registering these filters with all the injected MP RestClient implementations, both filters can be registered as MP RestClient providers with the specific MP RestClient implementations.

    • jsonWebToken

      @WithDefault("false") boolean jsonWebToken()
      Enable JsonWebTokenRequestFilter instead of AccessTokenRequestFilter for all the injected MP RestClient implementations. This filter can propagate as well as modify and secure the updated JsonWebToken tokens. Note this property is ignored unless the 'registerFilter' property is enabled.

    • secureJsonWebToken

      @WithDefault("false") boolean secureJsonWebToken()
      Secure the injected and possibly modified JsonWebToken. For example, a JsonWebToken produced and signed by OpenId Connect provider can be re-signed using a new private key. Note this property is injected into JsonWebTokenRequestFilter.

    • exchangeToken

      @WithDefault("false") boolean exchangeToken()
      Exchange the current token with OpenId Connect Provider for a new token using either "urn:ietf:params:oauth:grant-type:token-exchange" or "urn:ietf:params:oauth:grant-type:jwt-bearer" token grant before propagating it. Note this property is injected into AccessTokenRequestFilter.

    • clientName

      Optional<String> clientName()
      Name of the configured OidcClient. Note this property is injected into AccessTokenRequestFilter and is only used if the `exchangeToken` property is enabled.