All Classes and Interfaces
Class
Description
OAuth 2.0 Access Token Response json
Configuration for Java based adapters
Configuration options relevant for configuring http client that can be used by adapter.
Posted to managed client from admin server.
Deprecated.
Deprecated.
Handles selective disclosure of elements within a top-level array claim,
supporting both visible and undisclosed elements.
The JSON representation of a Rich Authorization Request's "authorization_details" object.
Common Adapter configuration
Common Realm Configuration
The default implementation is compliant with RFC 2617
compliant with RFC 6749
PEM values of key and certificate
Claims parameter as described in the OIDC specification https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter
The simple SPI for authenticating clients/applications .
Traditional OAuth2 authentication of clients based on client_id and client_secret
Client Policies' (the set of all Client Policy) external representation class
Just adds some type-safety to the ClientPolicyConditionConfiguration
Just adds some type-safety to the ClientPolicyExecutorConfiguration
Client Policy's external representation class
Client Profile's external representation class
Client Profiles' (the set of all Client Profile) external representation class
Created by st on 29/03/17.
Deprecated.
The decision strategy dictates how the policies associated with a given policy are evaluated and how a final decision
is obtained.
Handles hash production for a decoy entry from the given salt.
Handles undisclosed claims and array elements, providing functionality
to generate disclosure digests from Base64Url encoded strings.
Manages the specification of undisclosed claims and array elements.
Per the docker auth v2 spec, access is defined like this:
{
"type": "repository",
"name": "samalba/my-app",
"actions": [
"push",
"pull"
]
}
JSON Representation of a Docker Error in the following format:
{
"code": "UNAUTHORIZED",
"message": "access to the requested resource is not authorized",
"detail": [
{
"Type": "repository",
"Name": "samalba/my-app",
"Action": "pull"
},
{
"Type": "repository",
"Name": "samalba/my-app",
"Action": "push"
}
]
}
Creates a response understandable by the docker client in the form:
{
"token" : "eyJh...nSQ",
"expires_in" : 300,
"issued_at" : "2016-09-02T10:56:33Z"
}
* {
"iss": "auth.docker.com",
"sub": "jlhawn",
"aud": "registry.docker.com",
"exp": 1415387315,
"nbf": 1415387015,
"iat": 1415387015,
"jti": "tYJCO1c6cnyy7kAn0c7rKPgbV1H1bFws",
"access": [
{
"type": "repository",
"name": "samalba/my-app",
"actions": [
"push"
]
}
]
}
Classes implementing this interface guarantee that for each instance of this class,
there exists an mutually unique integer which is stable in time, and identifies
always the same instance of this class.
Result of the "global" request (like push notBefore or logoutAll), which is send to all cluster nodes
Handle verifiable credentials (SD-JWT VC), enabling the parsing
of existing VCs as well as the creation and signing of new ones.
Options for Issuer-signed JWT verification.
An interface to represent signed (JWS) and encrypted (JWE) JWTs.
This interface represents a JOSE header.
Utility class to handle simple JSON serializable for Keycloak.
Client authentication based on JWT signed by client private key .
Client authentication based on JWT signed by client secret instead of private key .
POJO for JWT VC Metadata
A trusted Issuer for running SD-JWT VP verification.
Options for Key Binding JWT verification.
Available in secured requests under HttpServletRequest.getAttribute()
Also available in HttpSession.getAttribute under the classname of this class
Configuration of KeyStore.
Value object to represent an OID (object identifier) as used to describe LDAP schema, extension and features.
The decision strategy dictates how the policies associated with a given policy are evaluated and how a final decision
is obtained.
Representation for Device Authorization Response.
Deprecated.
Representation implementation of an organization internet domain.
Used for partial import of users, groups, clients, roles, and identity providers.
The policy enforcement mode dictates how authorization requests are handled by the server.
Presentation requirements to constrain the kind of credential expected.
Represents the configurable properties of a RequiredAction.
Represents the configuration of a RequiredAction.
Some endpoints (like register new required action) doesn't support all the fields (like setEnabled etc).
One or more resources that the resource server manages as a set of protected resources.
Deprecated.
A bounded extent of access that is possible to perform on a resource set.
Handle jws, either the issuer jwt or the holder key binding jwt.
Main entry class for selective disclosure jwt (SD-JWT).
Represents a top level claim in the payload of a JWT.
Strong typing claim name to avoid parameter mismatch.
Simplified service for creating and managing SD-JWTs with easy-to-use methods.
A component for consuming (verifying) SD-JWT presentations.
Strong typing salt to avoid parameter mismatch.
Runs SD-JWT verification in isolation with only essential properties.
Default configuration for security profile.
Created by st on 29/03/17.
A simple presentation definition of the kind of credential expected.
A trusted Issuer for running SD-JWT VP verification.
Exception thrown for cases when token is invalid due to time constraints (expired, or not yet valid).
Thrown when token signature is invalid.
Exception thrown on failed verification of a token.
Functional interface of checks that verify some part of a JWT.
A trusted Issuer for running SD-JWT VP verification.
Configuration of the Attribute.
Configuration of permissions for the attribute
Config of the rules when attribute is required.
Config of the rules when attribute is selected.
Configuration of the User Profile for one realm.
Configuration of the attribute group.