Package com.simplicite.util.tools
Class AuthTool
- java.lang.Object
-
- com.simplicite.util.tools.AuthTool
-
public class AuthTool extends java.lang.ObjectSimplicite(R) authentication toolbox
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringAUTH_CLIENT_CREDENTIALS_MODE_AUTH_HEADERClient credentials HTTP header (Authorization) modestatic java.lang.StringAUTH_CLIENT_CREDENTIALS_MODE_PARAMSClient credentials HTTP parameters modestatic java.lang.StringAUTH_DEFAULT_ERRORDefault authentication error message text codestatic java.lang.StringAUTH_DEFAULT_URLDefault authentication form actionstatic java.lang.StringAUTH_ENDPOINT_ALLEnabled on all endpointsstatic java.lang.StringAUTH_ENDPOINT_APIEnabled on the API endpointsstatic java.lang.StringAUTH_ENDPOINT_UIEnabled on the UI endpointsstatic intAUTH_METHOD_CROWDCrowd authentication methodstatic intAUTH_METHOD_CUSTOMCustom authentication methodstatic intAUTH_METHOD_DEFAULTDefault (server managed: JAAS, Relam, ...) authentication methodstatic intAUTH_METHOD_INTERNALInternal OAuth2 authentication methodstatic intAUTH_METHOD_LDAPLDAP authentication methodstatic intAUTH_METHOD_NONENo authentication methodstatic intAUTH_METHOD_OAUTH2External OAuth2 authentication methodstatic intAUTH_METHOD_SAMLExternal SAML authentication methodstatic java.lang.StringAUTH_MFA_CUSTOMCustom MFA methodstatic java.lang.StringAUTH_MFA_EMAILEmail-based MFA methodstatic java.lang.StringAUTH_MFA_SMSSMS-based MFA methodstatic java.lang.StringAUTH_MFA_TOTPTOTP MFA methodstatic java.lang.StringAUTH_PROVIDER_CROWDGeneric Crowd provider namestatic java.lang.StringAUTH_PROVIDER_CUSTOMGeneric custom provider namestatic java.lang.StringAUTH_PROVIDER_DEFAULTDefault (server-managed: JAAS, Relam, ...) authentication provider namestatic java.lang.StringAUTH_PROVIDER_INTERNALInternal OAuth2 authentication provider namestatic java.lang.StringAUTH_PROVIDER_LDAPGeneric LDAP provider namestatic java.lang.StringAUTH_PROVIDER_OAUTH2_FRANCECONNECTFranceConnect external OAuth2 authentication provider namestatic java.lang.StringAUTH_PROVIDER_OAUTH2_GOOGLEGoogle external OAuth2 authentication provider namestatic java.lang.StringAUTH_PROVIDER_OAUTH2_KEYCLOAKKeyCloack external OAuth2 authentication provider namestatic java.lang.StringAUTH_PROVIDER_OAUTH2_LINKEDINLinkedIn external OAuth2 authentication provider namestatic java.lang.StringAUTH_PROVIDER_OAUTH2_MICROSOFTMicrosoft Live external OAuth2 authentication provider namestatic java.lang.StringAUTH_PROVIDER_SAML_GOOGLEGoogle external SAML authentication provider namestatic java.lang.StringAUTH_PROVIDERS_PARAM_NAMEAuthentication providers system parameter namestatic java.lang.StringOAUTH2_FRANCECONNECT_URL_FOR_COMPANIESFranceConnect URL for companiesstatic java.lang.StringOAUTH2_FRANCECONNECT_URL_FOR_INDVIDUALSFranceConnect URL for individualsstatic java.lang.StringOAUTH2_LINKEDIN_URLLinkedIn URL
-
Constructor Summary
Constructors Constructor Description AuthTool()
-
Method Summary
All Methods Static Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static booleancheckTOPT(java.lang.String secret, java.lang.String code)Check TOPT codestatic java.lang.StringcreateJWTToken(Grant g)Create a JWT tokenstatic java.lang.StringcreateJWTToken(Grant g, boolean payload)Create a JWT tokenstatic java.lang.StringcreateJWTToken(java.lang.String subject, java.lang.String secret, long duration)Create a JWT token with specified secret and durationstatic java.lang.StringcreateJWTToken(java.lang.String subject, java.lang.String secret, java.util.Date date, long duration)Create a JWT token with specified secret, issued at date and durationstatic java.lang.StringcreateJWTToken(java.lang.String subject, java.lang.String secret, java.util.Date date, long duration, java.util.Map<java.lang.String,?> payload)Create a JWT token with specified secret, issued at date and durationstatic java.lang.StringcreateJWTToken(java.lang.String subject, java.util.Map<java.lang.String,?> payload)Create a JWT token with configured secret and durationstatic org.json.JSONObjectdecodeJWTToken(java.lang.String token)Decode JWT tokenstatic org.json.JSONObjectdecodeJWTToken(java.lang.String token, java.lang.String secret)Decode JWT tokenstatic byte[]generateTOPTQRCode(java.lang.String label, java.lang.String secret, java.lang.String issuer, int length, int period)Generate a TOPT QR code (PNG)static java.lang.StringgenerateTOPTSecret(int length)Generate a TOPT secretstatic intgetAuthMethodFromType(java.lang.String type)Get auth type code from auth type namestatic org.json.JSONObjectgetAuthProvider(int method, java.lang.String name)Get specified auth provider definitionstatic org.json.JSONObjectgetAuthProvider(javax.servlet.http.HttpServletRequest request)Get auth provider definition from the HTTP requeststatic org.json.JSONArraygetAuthProviders()Get all auth providers definitionstatic org.json.JSONArraygetAuthProviders(int method)Deprecated, for removal: This API element is subject to removal in a future version.Use getAuthProviders with endpointstatic org.json.JSONArraygetAuthProviders(int method, java.lang.String endpoint)Get auth providers definition for specified auth methodstatic java.lang.StringgetAuthTypeFromMethod(int method)Get auth type name from auth method codestatic booleangetBooleanSetting(java.lang.String providerName, int providerType, java.lang.String settingName, boolean defaultValue)Get boolean settingstatic java.lang.StringgetEndpoint(int endpoint)Get the endpoint string from a endpoint integer code.static org.json.JSONObjectgetLocalAuthProvider()LGet local OAUTH2 provider definitionstatic java.lang.StringgetOAuth2AuthorizeURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 authorize endpoint URLstatic java.lang.StringgetOAuth2BaseURL(java.lang.String provider)Get OAuth2 base URLstatic java.lang.StringgetOAuth2ClientCredentialsMode(java.lang.String provider)Get OAuth2 client credentials (client ID and client secret) passing mode (defaults toAUTH_CLIENT_CREDENTIALS_MODE_AUTH_HEADER)static java.lang.StringgetOAuth2ClientID(java.lang.String provider)Get OAuth2 client IDstatic java.lang.StringgetOAuth2ClientSecret(java.lang.String provider)Get OAuth2 client secretstatic java.lang.StringgetOAuth2DefaultScopes(java.lang.String provider)Get OAuth2 default scopesstatic java.lang.StringgetOAuth2JWTIssuer(java.lang.String provider)Get OAuth2 JWT issuerstatic java.lang.StringgetOAuth2JWTSecret(java.lang.String provider)Get OAuth2 JWT secretstatic java.lang.StringgetOAuth2LogoutURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 logout endpoint URLstatic booleangetOAuth2NonSSLURLsAllowed(java.lang.String provider)Check if OAuth2 non SSL URLs are allowedstatic java.lang.StringgetOAuth2PKCEChallengeMethod(java.lang.String provider)Get OAuth2 PKCE challenge methodstatic intgetOAuth2PKCECodeVerifierLength(java.lang.String provider)Get OAuth2 PKCE code verifier lengthstatic org.json.JSONObjectgetOAuth2ProviderForJWTIssuer(java.lang.String issuer, java.lang.String endpoint)Get auth provider definition for JWT issuer namestatic java.lang.StringgetOAuth2RedirectURI(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 redirect URIstatic java.lang.StringgetOAuth2Scopes(java.lang.String provider)Get OAuth2 scopesstatic org.json.JSONObjectgetOAuth2TokenInfoMappings(java.lang.String provider)Get OAuth2 token info fields mappingsstatic java.lang.StringgetOAuth2TokenInfoURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 token info endpoint URLstatic org.json.JSONObjectgetOAuth2TokenJWTClaimsMappings(java.lang.String provider)Get OAuth2 token JWT claims fields mappingsstatic java.lang.StringgetOAuth2TokenURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 token endpoint URLstatic org.json.JSONObjectgetOAuth2UserInfoMappings(java.lang.String provider)Get OAuth2 user info fields mappingsstatic java.lang.StringgetOAuth2UserInfoURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 user info endpoint URLstatic java.lang.StringgetSetting(java.lang.String providerName, int providerType, java.lang.String settingName, java.lang.String defaultValue)Get string settingstatic java.lang.StringgetTOTPQRCode(Grant g)Generate TOTP QR code data image URL for specified grant.static java.lang.StringgetTOTPQRCode(java.lang.String login, org.json.JSONObject settings)Generate TOTP QR code data image URL for specified login and sesstings.static booleanisOAuth2JWTNonceCheck(java.lang.String provider)Check OAuth2 JWT nonce?static booleanisSync(java.lang.String provider, int providerType)Is user and responsibilities synchronization required?static org.json.JSONObjectrefreshToken(java.lang.String provider, java.lang.String refreshToken)Refresh OAuth2 tokenstatic booleanuseCrowd()Is at least one CROWD authentication provider configured?static booleanuseLDAP()Is at least one LDAP authentication provider configured?static booleanuseOAuth2()Is at least one OAuth2 authentication provider configured?static booleanuseSAML()Is at least one SAML authentication provider configured?static org.json.JSONObjectverifyJWTToken(org.json.JSONObject token, java.lang.String secret)Verify JWT token
-
-
-
Field Detail
-
AUTH_DEFAULT_URL
public static final java.lang.String AUTH_DEFAULT_URL
Default authentication form action- See Also:
- Constant Field Values
-
AUTH_METHOD_NONE
public static final int AUTH_METHOD_NONE
No authentication method- See Also:
- Constant Field Values
-
AUTH_METHOD_DEFAULT
public static final int AUTH_METHOD_DEFAULT
Default (server managed: JAAS, Relam, ...) authentication method- See Also:
- Constant Field Values
-
AUTH_METHOD_INTERNAL
public static final int AUTH_METHOD_INTERNAL
Internal OAuth2 authentication method- See Also:
- Constant Field Values
-
AUTH_METHOD_OAUTH2
public static final int AUTH_METHOD_OAUTH2
External OAuth2 authentication method- See Also:
- Constant Field Values
-
AUTH_METHOD_SAML
public static final int AUTH_METHOD_SAML
External SAML authentication method- See Also:
- Constant Field Values
-
AUTH_METHOD_LDAP
public static final int AUTH_METHOD_LDAP
LDAP authentication method- See Also:
- Constant Field Values
-
AUTH_METHOD_CROWD
public static final int AUTH_METHOD_CROWD
Crowd authentication method- See Also:
- Constant Field Values
-
AUTH_METHOD_CUSTOM
public static final int AUTH_METHOD_CUSTOM
Custom authentication method- See Also:
- Constant Field Values
-
AUTH_ENDPOINT_ALL
public static final java.lang.String AUTH_ENDPOINT_ALL
Enabled on all endpoints- See Also:
- Constant Field Values
-
AUTH_ENDPOINT_UI
public static final java.lang.String AUTH_ENDPOINT_UI
Enabled on the UI endpoints- See Also:
- Constant Field Values
-
AUTH_ENDPOINT_API
public static final java.lang.String AUTH_ENDPOINT_API
Enabled on the API endpoints- See Also:
- Constant Field Values
-
AUTH_PROVIDERS_PARAM_NAME
public static final java.lang.String AUTH_PROVIDERS_PARAM_NAME
Authentication providers system parameter name- See Also:
- Constant Field Values
-
AUTH_DEFAULT_ERROR
public static final java.lang.String AUTH_DEFAULT_ERROR
Default authentication error message text code- See Also:
- Constant Field Values
-
AUTH_PROVIDER_DEFAULT
public static final java.lang.String AUTH_PROVIDER_DEFAULT
Default (server-managed: JAAS, Relam, ...) authentication provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_INTERNAL
public static final java.lang.String AUTH_PROVIDER_INTERNAL
Internal OAuth2 authentication provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_OAUTH2_GOOGLE
public static final java.lang.String AUTH_PROVIDER_OAUTH2_GOOGLE
Google external OAuth2 authentication provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_OAUTH2_MICROSOFT
public static final java.lang.String AUTH_PROVIDER_OAUTH2_MICROSOFT
Microsoft Live external OAuth2 authentication provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_OAUTH2_LINKEDIN
public static final java.lang.String AUTH_PROVIDER_OAUTH2_LINKEDIN
LinkedIn external OAuth2 authentication provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_OAUTH2_FRANCECONNECT
public static final java.lang.String AUTH_PROVIDER_OAUTH2_FRANCECONNECT
FranceConnect external OAuth2 authentication provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_OAUTH2_KEYCLOAK
public static final java.lang.String AUTH_PROVIDER_OAUTH2_KEYCLOAK
KeyCloack external OAuth2 authentication provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_SAML_GOOGLE
public static final java.lang.String AUTH_PROVIDER_SAML_GOOGLE
Google external SAML authentication provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_CROWD
public static final java.lang.String AUTH_PROVIDER_CROWD
Generic Crowd provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_LDAP
public static final java.lang.String AUTH_PROVIDER_LDAP
Generic LDAP provider name- See Also:
- Constant Field Values
-
AUTH_PROVIDER_CUSTOM
public static final java.lang.String AUTH_PROVIDER_CUSTOM
Generic custom provider name- See Also:
- Constant Field Values
-
AUTH_MFA_EMAIL
public static final java.lang.String AUTH_MFA_EMAIL
Email-based MFA method- See Also:
- Constant Field Values
-
AUTH_MFA_SMS
public static final java.lang.String AUTH_MFA_SMS
SMS-based MFA method- See Also:
- Constant Field Values
-
AUTH_MFA_TOTP
public static final java.lang.String AUTH_MFA_TOTP
TOTP MFA method- See Also:
- Constant Field Values
-
AUTH_MFA_CUSTOM
public static final java.lang.String AUTH_MFA_CUSTOM
Custom MFA method- See Also:
- Constant Field Values
-
OAUTH2_FRANCECONNECT_URL_FOR_INDVIDUALS
public static final java.lang.String OAUTH2_FRANCECONNECT_URL_FOR_INDVIDUALS
FranceConnect URL for individuals- See Also:
- Constant Field Values
-
OAUTH2_FRANCECONNECT_URL_FOR_COMPANIES
public static final java.lang.String OAUTH2_FRANCECONNECT_URL_FOR_COMPANIES
FranceConnect URL for companies- See Also:
- Constant Field Values
-
OAUTH2_LINKEDIN_URL
public static final java.lang.String OAUTH2_LINKEDIN_URL
LinkedIn URL- See Also:
- Constant Field Values
-
AUTH_CLIENT_CREDENTIALS_MODE_AUTH_HEADER
public static final java.lang.String AUTH_CLIENT_CREDENTIALS_MODE_AUTH_HEADER
Client credentials HTTP header (Authorization) mode- See Also:
- Constant Field Values
-
AUTH_CLIENT_CREDENTIALS_MODE_PARAMS
public static final java.lang.String AUTH_CLIENT_CREDENTIALS_MODE_PARAMS
Client credentials HTTP parameters mode- See Also:
- Constant Field Values
-
-
Method Detail
-
getAuthTypeFromMethod
public static java.lang.String getAuthTypeFromMethod(int method)
Get auth type name from auth method code- Parameters:
method- Auth method code- Returns:
- Auth type name
-
getEndpoint
public static java.lang.String getEndpoint(int endpoint)
Get the endpoint string from a endpoint integer code.- Parameters:
endpoint- Endpoint code (one of theGlobals.ENDPOINT_*constants)- Returns:
- The relevant
ENDPOINT_*constants or null
-
getAuthMethodFromType
public static int getAuthMethodFromType(java.lang.String type)
Get auth type code from auth type name- Parameters:
type- Auth type name- Returns:
- Auth type code
-
getAuthProviders
@Deprecated(forRemoval=true, since="5") public static final org.json.JSONArray getAuthProviders(int method)Deprecated, for removal: This API element is subject to removal in a future version.Use getAuthProviders with endpoint
-
getAuthProviders
public static final org.json.JSONArray getAuthProviders(int method, java.lang.String endpoint)Get auth providers definition for specified auth method- Parameters:
method- Auth method (one ofGlobals.AUTH_METHOD_*)endpoint- Enabled endpoint(s) (one ofAUTH_ENDPOINT_*)- Returns:
- JSON array
-
getAuthProviders
public static final org.json.JSONArray getAuthProviders()
Get all auth providers definition- Returns:
- JSON array
-
getLocalAuthProvider
public static final org.json.JSONObject getLocalAuthProvider()
LGet local OAUTH2 provider definition- Returns:
- JSON object
-
getAuthProvider
public static final org.json.JSONObject getAuthProvider(int method, java.lang.String name)Get specified auth provider definition- Parameters:
method- Auth method (one ofAuthTool.AUTH_METHOD_*constants)name- Provider name- Returns:
- JSON object
-
getAuthProvider
public static final org.json.JSONObject getAuthProvider(javax.servlet.http.HttpServletRequest request)
Get auth provider definition from the HTTP request- Parameters:
request- HTTP request- Returns:
- Auth provider definition or null if no provider name in the HTTP request or if no provider is found for the provider name
-
useOAuth2
public static final boolean useOAuth2()
Is at least one OAuth2 authentication provider configured?- Returns:
- True if at least one OAuth2 authentication provider is configured
-
useSAML
public static final boolean useSAML()
Is at least one SAML authentication provider configured?- Returns:
- True if at least one SAML authentication provider is configured
-
useCrowd
public static final boolean useCrowd()
Is at least one CROWD authentication provider configured?- Returns:
- True if at least one CROWD authentication provider is configured
-
useLDAP
public static final boolean useLDAP()
Is at least one LDAP authentication provider configured?- Returns:
- True if at least one LDAP authentication provider is configured
-
getSetting
public static java.lang.String getSetting(java.lang.String providerName, int providerType, java.lang.String settingName, java.lang.String defaultValue)Get string setting- Parameters:
providerName- Provider nameproviderType- Provider type (one of Globals.AUTH_METHOD_*)settingName- Setting namedefaultValue- Default value- Returns:
- Setting value or default if not found
-
getBooleanSetting
public static boolean getBooleanSetting(java.lang.String providerName, int providerType, java.lang.String settingName, boolean defaultValue)Get boolean setting- Parameters:
providerName- Provider nameproviderType- Provider type (one of Globals.AUTH_METHOD_*)settingName- Setting namedefaultValue- Default value- Returns:
- Setting boolean value or default if not found
-
isSync
public static boolean isSync(java.lang.String provider, int providerType)Is user and responsibilities synchronization required?- Parameters:
provider- Provider nameproviderType- Provider type (one of Globals.AUTH_METHOD_*)- Returns:
- True if synchronization is required
-
getOAuth2NonSSLURLsAllowed
public static boolean getOAuth2NonSSLURLsAllowed(java.lang.String provider)
Check if OAuth2 non SSL URLs are allowed- Parameters:
provider- Provider name- Returns:
- True if non SSL URLs are allowed (defaults to false)
-
getOAuth2BaseURL
public static java.lang.String getOAuth2BaseURL(java.lang.String provider)
Get OAuth2 base URL- Parameters:
provider- Provider name- Returns:
- OAuth2 base URL
-
getOAuth2AuthorizeURL
public static java.lang.String getOAuth2AuthorizeURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 authorize endpoint URL- Parameters:
provider- Provider namedefaultValue- Default value- Returns:
- OAuth2 authorize endpoint URL
-
getOAuth2TokenURL
public static java.lang.String getOAuth2TokenURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 token endpoint URL- Parameters:
provider- Provider namedefaultValue- Default value- Returns:
- OAuth2 token endpoint URL
-
getOAuth2UserInfoURL
public static java.lang.String getOAuth2UserInfoURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 user info endpoint URL- Parameters:
provider- Provider namedefaultValue- Default value- Returns:
- OAuth2 user info endpoint URL
-
getOAuth2UserInfoMappings
public static org.json.JSONObject getOAuth2UserInfoMappings(java.lang.String provider)
Get OAuth2 user info fields mappings- Parameters:
provider- Provider- Returns:
- User info as JSON object
-
getOAuth2TokenInfoURL
public static java.lang.String getOAuth2TokenInfoURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 token info endpoint URL- Parameters:
provider- Provider namedefaultValue- Default value- Returns:
- OAuth2 token info URL
-
getOAuth2TokenInfoMappings
public static org.json.JSONObject getOAuth2TokenInfoMappings(java.lang.String provider)
Get OAuth2 token info fields mappings- Parameters:
provider- Provider name- Returns:
- OAuth2 token info fields mapping as JSON object
-
getOAuth2TokenJWTClaimsMappings
public static org.json.JSONObject getOAuth2TokenJWTClaimsMappings(java.lang.String provider)
Get OAuth2 token JWT claims fields mappings- Parameters:
provider- Provider name- Returns:
- OAuth2 token JWT claims fields mapping as JSON object
-
getOAuth2LogoutURL
public static java.lang.String getOAuth2LogoutURL(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 logout endpoint URL- Parameters:
provider- Provider namedefaultValue- Default value- Returns:
- Logout URL
-
getOAuth2RedirectURI
public static java.lang.String getOAuth2RedirectURI(java.lang.String provider, java.lang.String defaultValue)Get OAuth2 redirect URI- Parameters:
provider- Provider namedefaultValue- Default value- Returns:
- Redirect URI
-
getOAuth2ClientID
public static java.lang.String getOAuth2ClientID(java.lang.String provider)
Get OAuth2 client ID- Parameters:
provider- Provider name- Returns:
- OAuth2 client ID
-
getOAuth2ClientSecret
public static java.lang.String getOAuth2ClientSecret(java.lang.String provider)
Get OAuth2 client secret- Parameters:
provider- Provider name- Returns:
- OAuth2 client secret
-
getOAuth2PKCEChallengeMethod
public static java.lang.String getOAuth2PKCEChallengeMethod(java.lang.String provider)
Get OAuth2 PKCE challenge method- Parameters:
provider- Provider name- Returns:
- OAuth2 PKCE challenge method (e.g.
S256), empty means no PKCE
-
getOAuth2PKCECodeVerifierLength
public static int getOAuth2PKCECodeVerifierLength(java.lang.String provider)
Get OAuth2 PKCE code verifier length- Parameters:
provider- Provider name- Returns:
- OAuth2 PKCE code verfier length (default is
64)
-
getOAuth2ClientCredentialsMode
public static java.lang.String getOAuth2ClientCredentialsMode(java.lang.String provider)
Get OAuth2 client credentials (client ID and client secret) passing mode (defaults toAUTH_CLIENT_CREDENTIALS_MODE_AUTH_HEADER)- Parameters:
provider- Provider name- Returns:
- OAuth2 client credentials mode (one of
AUTH_CLIENT_CREDENTIALS_MODE_*)
-
getOAuth2DefaultScopes
public static java.lang.String getOAuth2DefaultScopes(java.lang.String provider)
Get OAuth2 default scopes- Parameters:
provider- Provider name- Returns:
- OAuth2 default scopes
-
getOAuth2Scopes
public static java.lang.String getOAuth2Scopes(java.lang.String provider)
Get OAuth2 scopes- Parameters:
provider- Provider name- Returns:
- OAuth2 scopes
-
getOAuth2ProviderForJWTIssuer
public static org.json.JSONObject getOAuth2ProviderForJWTIssuer(java.lang.String issuer, java.lang.String endpoint)Get auth provider definition for JWT issuer name- Parameters:
issuer- JWT issuer nameendpoint- Enabled endpoint(s) (one ofAUTH_ENDPOINT_*)- Returns:
- Provider or null if not found
-
getOAuth2JWTIssuer
public static java.lang.String getOAuth2JWTIssuer(java.lang.String provider)
Get OAuth2 JWT issuer- Parameters:
provider- Provider name- Returns:
- OAUth2 JWT issuer
-
getOAuth2JWTSecret
public static java.lang.String getOAuth2JWTSecret(java.lang.String provider)
Get OAuth2 JWT secret- Parameters:
provider- Provider name- Returns:
- OAUth2 JWT secret
-
isOAuth2JWTNonceCheck
public static boolean isOAuth2JWTNonceCheck(java.lang.String provider)
Check OAuth2 JWT nonce?- Parameters:
provider- Provider name- Returns:
- True if nonce check is required
-
verifyJWTToken
public static org.json.JSONObject verifyJWTToken(org.json.JSONObject token, java.lang.String secret) throws com.auth0.jwt.exceptions.JWTVerificationExceptionVerify JWT token- Parameters:
token- Decoded JWT token- Returns:
- Verified decoded JWT token
- Throws:
com.auth0.jwt.exceptions.JWTVerificationException
-
decodeJWTToken
public static org.json.JSONObject decodeJWTToken(java.lang.String token) throws ParamsExceptionDecode JWT token- Parameters:
token- JWT token- Returns:
- Decoded JWT token as JSON object
- Throws:
ParamsException
-
decodeJWTToken
public static org.json.JSONObject decodeJWTToken(java.lang.String token, java.lang.String secret) throws ParamsExceptionDecode JWT token- Parameters:
token- JWT tokensecret- Optional secret to verify- Returns:
- Decoded JWT token as JSON object
- Throws:
ParamsException
-
createJWTToken
public static java.lang.String createJWTToken(Grant g)
Create a JWT token- Parameters:
g- Grant- Returns:
- JWT token
-
createJWTToken
public static java.lang.String createJWTToken(Grant g, boolean payload)
Create a JWT token- Parameters:
g- Grantpayload- Add payload (name, email, locale, timezone)- Returns:
- JWT token
-
createJWTToken
public static java.lang.String createJWTToken(java.lang.String subject, java.util.Map<java.lang.String,?> payload) throws java.lang.IllegalArgumentExceptionCreate a JWT token with configured secret and duration- Parameters:
subject- Subjectpayload- Payload- Returns:
- JWT token
- Throws:
java.lang.IllegalArgumentException
-
createJWTToken
public static java.lang.String createJWTToken(java.lang.String subject, java.lang.String secret, long duration) throws java.lang.IllegalArgumentExceptionCreate a JWT token with specified secret and duration- Parameters:
subject- Subjectsecret- Secretduration- Duration in seconds- Returns:
- JWT token
- Throws:
java.lang.IllegalArgumentException
-
createJWTToken
public static java.lang.String createJWTToken(java.lang.String subject, java.lang.String secret, java.util.Date date, long duration) throws java.lang.IllegalArgumentExceptionCreate a JWT token with specified secret, issued at date and duration- Parameters:
subject- Subjectsecret- Secretdate- Issued at dateduration- Duration in seconds- Returns:
- JWT token
- Throws:
java.lang.IllegalArgumentException
-
createJWTToken
public static java.lang.String createJWTToken(java.lang.String subject, java.lang.String secret, java.util.Date date, long duration, java.util.Map<java.lang.String,?> payload) throws java.lang.IllegalArgumentExceptionCreate a JWT token with specified secret, issued at date and duration- Parameters:
subject- Subjectsecret- Secretdate- Issued at dateduration- Duration in secondspayload- Payload- Returns:
- JWT token
- Throws:
java.lang.IllegalArgumentException
-
refreshToken
public static org.json.JSONObject refreshToken(java.lang.String provider, java.lang.String refreshToken) throws AuthenticationExceptionRefresh OAuth2 token- Parameters:
provider- ProviderrefreshToken- Refresh token- Returns:
- JSON object with refreshed tokens
- Throws:
AuthenticationException
-
generateTOPTSecret
public static java.lang.String generateTOPTSecret(int length)
Generate a TOPT secret- Parameters:
length- Secret length (e.g. 32 or 64)- Returns:
- TOPT secret
-
generateTOPTQRCode
public static byte[] generateTOPTQRCode(java.lang.String label, java.lang.String secret, java.lang.String issuer, int length, int period)Generate a TOPT QR code (PNG)- Parameters:
label- Labelsecret- Secretissuer- Issuerlength- TOPT code length (e.g. 6)period- Refresh period in seconds (e.g. 30)- Returns:
- QR code image (PNG) or null
-
checkTOPT
public static boolean checkTOPT(java.lang.String secret, java.lang.String code)Check TOPT code- Parameters:
secret- Secretcode- TOPT code- Returns:
- True if TOPT code is valid
-
getTOTPQRCode
public static java.lang.String getTOTPQRCode(Grant g)
Generate TOTP QR code data image URL for specified grant.- Parameters:
g- Grant- Returns:
- Image data URL
-
getTOTPQRCode
public static java.lang.String getTOTPQRCode(java.lang.String login, org.json.JSONObject settings)Generate TOTP QR code data image URL for specified login and sesstings.- Parameters:
login- Loginsettings- MFA settings- Returns:
- Image data URL (or null if login or settings are invalid)
-
-