org.imixs.security.oidc.UserInfoService

@RequestScoped public class UserInfoService extends Object

Service to fetch additional user information from the OIDC UserInfo endpoint. This is necessary for providers like ForgeRock that don't include all claims in the ID token but require a separate UserInfo request.

Constructor Summary

Constructors

Constructor

Description

UserInfoService()
Method Summary

Modifier and Type

Method

Description

jakarta.json.JsonObject

fetchAndMergeUserInfo(String accessToken, jakarta.json.JsonObject idTokenClaims)

Fetches user information from the UserInfo endpoint using the access token and merges it with existing claims from the ID token.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- UserInfoService
  
  public UserInfoService()
Method Details
- fetchAndMergeUserInfo
  
  public jakarta.json.JsonObject fetchAndMergeUserInfo(String accessToken, jakarta.json.JsonObject idTokenClaims)
  
  Fetches user information from the UserInfo endpoint using the access token and merges it with existing claims from the ID token.
  
  Parameters:
  
  accessToken - The access token to authenticate the UserInfo request
  
  idTokenClaims - Existing claims from the ID token
  
  Returns:
  
  JsonObject containing merged claims from ID token and UserInfo endpoint

Class UserInfoService

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

UserInfoService

Method Details

fetchAndMergeUserInfo