org.keycloak.adapters.saml.rotation

Class SamlDescriptorPublicKeyLocator

java.lang.Object

org.keycloak.adapters.saml.rotation.SamlDescriptorPublicKeyLocator

All Implemented Interfaces:

Iterable<PublicKey>, KeyLocator

public class SamlDescriptorPublicKeyLocator
extends Object
implements KeyLocator, Iterable<PublicKey>

This class defines a KeyLocator that looks up public keys and certificates in IdP's SAML descriptor (i.e. http://{host}/auth/realms/{realm}/protocol/saml/descriptor). Based on JWKPublicKeyLocator.

Author:

hmlnarik

Constructor Summary

Constructors

Constructor and Description
SamlDescriptorPublicKeyLocator(String descriptorUrl, int minTimeBetweenDescriptorRequests, int cacheEntryTtl, org.apache.http.client.HttpClient httpClient)

Method Summary

Modifier and Type	Method and Description
Key	getKey(String kid)
Iterator<PublicKey>	iterator()
void	refreshKeyCache()
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.lang.Iterable

forEach, spliterator

Constructor Detail

SamlDescriptorPublicKeyLocator

public SamlDescriptorPublicKeyLocator(String descriptorUrl,
                                      int minTimeBetweenDescriptorRequests,
                                      int cacheEntryTtl,
                                      org.apache.http.client.HttpClient httpClient)

Method Detail

getKey

public Key getKey(String kid)
           throws KeyManagementException

Specified by:

getKey in interface KeyLocator

Throws:

KeyManagementException

refreshKeyCache

public void refreshKeyCache()

Specified by:

refreshKeyCache in interface KeyLocator

toString

public String toString()

Overrides:

toString in class Object

iterator

public Iterator<PublicKey> iterator()

Specified by:

iterator in interface Iterable<PublicKey>