Index (OIDC Servlets API)

A B C D F G H I K L N O P R S T U
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form

A

AbstractAuthorizationFilter - Class in net.ltgt.oidc.servlet: Base class for filters that redirect to the OpenID Provider when the user is not authorized.
AbstractAuthorizationFilter() - Constructor for class net.ltgt.oidc.servlet.AbstractAuthorizationFilter
AbstractAuthorizationFilter(AuthenticationRedirector) - Constructor for class net.ltgt.oidc.servlet.AbstractAuthorizationFilter: Constructs a filter with the given authentication redirector.
acquire(SessionID, String) - Method in class net.ltgt.oidc.servlet.InMemoryLoggedOutSessionStore
acquire(SessionID, String) - Method in interface net.ltgt.oidc.servlet.LoggedOutSessionStore: Associates the OpenID Provider session ID with a new application's HTTP session.
attributeAdded(HttpSessionBindingEvent) - Method in class net.ltgt.oidc.servlet.BackchannelLogoutSessionListener
attributeRemoved(HttpSessionBindingEvent) - Method in class net.ltgt.oidc.servlet.BackchannelLogoutSessionListener
attributeReplaced(HttpSessionBindingEvent) - Method in class net.ltgt.oidc.servlet.BackchannelLogoutSessionListener
AuthenticationRedirector - Class in net.ltgt.oidc.servlet: Responsible for redirecting to the OpenID Provider.
AuthenticationRedirector(Configuration, String) - Constructor for class net.ltgt.oidc.servlet.AuthenticationRedirector

B

BackchannelLogoutServlet - Class in net.ltgt.oidc.servlet: Implements the OpenID Connect Back-Channel Logout URI.
BackchannelLogoutServlet() - Constructor for class net.ltgt.oidc.servlet.BackchannelLogoutServlet
BackchannelLogoutServlet(Configuration, LoggedOutSessionStore) - Constructor for class net.ltgt.oidc.servlet.BackchannelLogoutServlet: Constructs a servlet with the given configuration and logged-out session store.
BackchannelLogoutSessionListener - Class in net.ltgt.oidc.servlet: Removes the OpenID Connect sid from the LoggedOutSessionStore whenever a session is destroyed.
BackchannelLogoutSessionListener() - Constructor for class net.ltgt.oidc.servlet.BackchannelLogoutSessionListener
BackchannelLogoutSessionListener(LoggedOutSessionStore) - Constructor for class net.ltgt.oidc.servlet.BackchannelLogoutSessionListener: Constructs a listener with the given logged-out session store.

C

CallbackServlet - Class in net.ltgt.oidc.servlet: Implements the OpenID Connect Redirect URI for the authorization code flow.
CallbackServlet() - Constructor for class net.ltgt.oidc.servlet.CallbackServlet
CallbackServlet(Configuration, UserPrincipalFactory) - Constructor for class net.ltgt.oidc.servlet.CallbackServlet: Constructs a servlet with the given configuration and UserPrincipal factory, and no HTTP request sender.
CallbackServlet(Configuration, UserPrincipalFactory, HTTPRequestSender) - Constructor for class net.ltgt.oidc.servlet.CallbackServlet: Constructs a servlet with the given configuration and UserPrincipal factory.
Configuration - Class in net.ltgt.oidc.servlet: Contains the OpenID Connect-related configuration.
Configuration(ReadOnlyOIDCProviderMetadata, ClientAuthentication) - Constructor for class net.ltgt.oidc.servlet.Configuration
configureAuthenticationRequest(AuthenticationRequest.Builder) - Method in class net.ltgt.oidc.servlet.AuthenticationRedirector: Called by redirectToAuthenticationEndpoint to configure the authentication request further.
configureAuthenticationRequest(HttpServletRequest, AuthenticationRequest.Builder) - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter: Configures the authentication request when redirecting to the OpenID Provider.
configureAuthenticationRequest(HttpServletRequest, AuthenticationRequest.Builder) - Method in class net.ltgt.oidc.servlet.LoginServlet: Configures the authentication request when redirecting to the OpenID Provider.
CONTEXT_ATTRIBUTE_NAME - Static variable in class net.ltgt.oidc.servlet.AuthenticationRedirector
CONTEXT_ATTRIBUTE_NAME - Static variable in class net.ltgt.oidc.servlet.Configuration
CONTEXT_ATTRIBUTE_NAME - Static variable in interface net.ltgt.oidc.servlet.LoggedOutSessionStore
CONTEXT_ATTRIBUTE_NAME - Static variable in interface net.ltgt.oidc.servlet.OAuthTokensHandler
CONTEXT_ATTRIBUTE_NAME - Static variable in interface net.ltgt.oidc.servlet.UserPrincipalFactory
createUserPrincipal(SessionInfo, HttpSession) - Method in interface net.ltgt.oidc.servlet.UserPrincipalFactory: Called on each request by the UserFilter to create the UserPrincipal for the authenticated user; that will be exposed downward the filter chain as the request's principal.

D

doFilter(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter
doFilter(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class net.ltgt.oidc.servlet.UserFilter
doGet(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.CallbackServlet
doGet(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.LoginServlet
doGet(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.LogoutCallbackServlet
doLogout(Set<String>) - Method in class net.ltgt.oidc.servlet.InMemoryLoggedOutSessionStore: Can be implemented to effectively invalidate sessions.
doPost(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.BackchannelLogoutServlet
doPost(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.CallbackServlet
doPost(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.LoginServlet
doPost(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.LogoutCallbackServlet
doPost(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.LogoutServlet
doRedirectToAuthenticationEndpoint(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter: This method is called whenever the user is not authorized and the request is a safe navigation request.
doSendUnauthorized(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter: This method is called whenever the user is not authenticated and the request is not a safe navigation request.

F

FACTORY - Static variable in class net.ltgt.oidc.servlet.KeycloakUserPrincipal
FACTORY - Static variable in class net.ltgt.oidc.servlet.SimpleUserPrincipal

G

getClientAuthentication() - Method in class net.ltgt.oidc.servlet.Configuration
getIDToken() - Method in class net.ltgt.oidc.servlet.SessionInfo
getIDTokenClaims() - Method in class net.ltgt.oidc.servlet.SessionInfo
getName() - Method in interface net.ltgt.oidc.servlet.UserPrincipal: Returns the user's name.
getProviderMetadata() - Method in class net.ltgt.oidc.servlet.Configuration
getRequestUri(HttpServletRequest) - Static method in class net.ltgt.oidc.servlet.Utils: Returns the request's path and query-string, taking into account forwarded requests to return the origin request URI.
getSessionInfo() - Method in class net.ltgt.oidc.servlet.KeycloakUserPrincipal
getSessionInfo() - Method in class net.ltgt.oidc.servlet.SimpleUserPrincipal
getSessionInfo() - Method in interface net.ltgt.oidc.servlet.UserPrincipal
getUserInfo() - Method in class net.ltgt.oidc.servlet.SessionInfo

H

handleError(HTTPResponse) - Method in class net.ltgt.oidc.servlet.RevokingOAuthTokensHandler: Handles an unsuccessful response to the token revocation request.
handleError(Exception) - Method in class net.ltgt.oidc.servlet.RevokingOAuthTokensHandler: Handles an exception happening in the asynchronous revocation task.
hasRole(String) - Method in class net.ltgt.oidc.servlet.KeycloakUserPrincipal
hasRole(String) - Method in class net.ltgt.oidc.servlet.SimpleUserPrincipal
hasRole(String) - Method in interface net.ltgt.oidc.servlet.UserPrincipal: Returns whether the user has a given role.
HasRoleFilter - Class in net.ltgt.oidc.servlet: Ensures the user has a given role.
HasRoleFilter() - Constructor for class net.ltgt.oidc.servlet.HasRoleFilter
HasRoleFilter(String) - Constructor for class net.ltgt.oidc.servlet.HasRoleFilter: Constructs a filter that checks for the given role.
HasRoleFilter(AuthenticationRedirector) - Constructor for class net.ltgt.oidc.servlet.HasRoleFilter: Constructs a filter with the given authentication redirector.
HasRoleFilter(AuthenticationRedirector, String) - Constructor for class net.ltgt.oidc.servlet.HasRoleFilter: Constructs a filter with the given authentication redirector and role.
HTTP_REQUEST_SENDER_CONTEXT_ATTRIBUTE_NAME - Static variable in class net.ltgt.oidc.servlet.Utils: The name of the servlet context attribute to register a HTTPRequestSender to be used to send requests to the OpenID Provider.

I

init() - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter
init() - Method in class net.ltgt.oidc.servlet.BackchannelLogoutServlet
init() - Method in class net.ltgt.oidc.servlet.CallbackServlet
init() - Method in class net.ltgt.oidc.servlet.HasRoleFilter
init() - Method in class net.ltgt.oidc.servlet.LoginServlet
init() - Method in class net.ltgt.oidc.servlet.LogoutServlet
init() - Method in class net.ltgt.oidc.servlet.UserFilter
InMemoryLoggedOutSessionStore - Class in net.ltgt.oidc.servlet: An implementation of LoggedOutSessionStore that stores session IDs in memory.
InMemoryLoggedOutSessionStore() - Constructor for class net.ltgt.oidc.servlet.InMemoryLoggedOutSessionStore
IS_PRIVATE_REQUEST_ATTRIBUTE_NAME - Static variable in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter
IsAuthenticatedFilter - Class in net.ltgt.oidc.servlet: Ensures the user is authenticated.
IsAuthenticatedFilter() - Constructor for class net.ltgt.oidc.servlet.IsAuthenticatedFilter
IsAuthenticatedFilter(AuthenticationRedirector) - Constructor for class net.ltgt.oidc.servlet.IsAuthenticatedFilter: Constructs a filter with the given authentication redirector.
isAuthorized(HttpServletRequest) - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter: Returns whether the user is authorized.
isAuthorized(HttpServletRequest) - Method in class net.ltgt.oidc.servlet.HasRoleFilter
isAuthorized(HttpServletRequest) - Method in class net.ltgt.oidc.servlet.IsAuthenticatedFilter
isCallbackServlet(HttpServletRequest) - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter: Returns whether the request targets a callback servlet, that should be exempted from authorization check.
isLoggedOut(SessionID) - Method in class net.ltgt.oidc.servlet.InMemoryLoggedOutSessionStore
isLoggedOut(SessionID) - Method in interface net.ltgt.oidc.servlet.LoggedOutSessionStore: Returns whether the given session ID has been logged out.

K

KeycloakUserPrincipal - Class in net.ltgt.oidc.servlet: A UserPrincipal that extracts Keycloak realm roles from the user information.
KeycloakUserPrincipal(SessionInfo) - Constructor for class net.ltgt.oidc.servlet.KeycloakUserPrincipal

L

LoggedOutSessionStore - Interface in net.ltgt.oidc.servlet: Tracks SessionID values of sessions logged out with the OpenID Connect Back-Channel Logout protocol through the BackchannelLogoutServlet.
LoginServlet - Class in net.ltgt.oidc.servlet: This servlet starts the authentication workflow and redirects back to a given URL afterward.
LoginServlet() - Constructor for class net.ltgt.oidc.servlet.LoginServlet
LoginServlet(AuthenticationRedirector) - Constructor for class net.ltgt.oidc.servlet.LoginServlet: Constructs a servlet with the given authentication redirector.
logout(SessionID) - Method in class net.ltgt.oidc.servlet.InMemoryLoggedOutSessionStore
logout(SessionID) - Method in interface net.ltgt.oidc.servlet.LoggedOutSessionStore: Records the given session ID as having been logged out at the OpenID Provider.
LogoutCallbackServlet - Class in net.ltgt.oidc.servlet: Implements a post-logout redirect URI for use with OpenID Connect RP-Initiated Logout
LogoutCallbackServlet() - Constructor for class net.ltgt.oidc.servlet.LogoutCallbackServlet
LogoutServlet - Class in net.ltgt.oidc.servlet: This servlet starts the logout workflow and possibly redirects back to a given URL afterward.
LogoutServlet() - Constructor for class net.ltgt.oidc.servlet.LogoutServlet
LogoutServlet(String) - Constructor for class net.ltgt.oidc.servlet.LogoutServlet: Constructs a logout servlet with the given post-logout redirect path.
LogoutServlet(String, boolean) - Constructor for class net.ltgt.oidc.servlet.LogoutServlet: Constructs a logout servlet with the given post-logout redirect path and whether to use logout state.
LogoutServlet(Configuration, String) - Constructor for class net.ltgt.oidc.servlet.LogoutServlet: Constructs a logout servlet with the given configuration and post-logout redirect path.
LogoutServlet(Configuration, String, boolean) - Constructor for class net.ltgt.oidc.servlet.LogoutServlet: Constructs a logout servlet with the given configuration and post-logout redirect path, and whether to use logout state.

N

net.ltgt.oidc.servlet - package net.ltgt.oidc.servlet

O

OAuthTokensHandler - Interface in net.ltgt.oidc.servlet: Handles OAuth tokens acquired at authentication time (by the CallbackServlet) once they're no longer needed.

P

POST_LOGOUT_REDIRECT_PATH - Static variable in class net.ltgt.oidc.servlet.LogoutServlet

R

redirectToAuthenticationEndpoint(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter: This method is called whenever the user is not authorized and the request is a safe navigation request.
redirectToAuthenticationEndpoint(HttpServletRequest, HttpServletResponse, String) - Method in class net.ltgt.oidc.servlet.AuthenticationRedirector: Redirects to the OpenID Provider, returning to the given page when coming back.
redirectToAuthenticationEndpoint(HttpServletRequest, HttpServletResponse, String, Consumer<AuthenticationRequest.Builder>) - Method in class net.ltgt.oidc.servlet.AuthenticationRedirector: Redirects to the OpenID Provider, returning to the given page when coming back, and possibly configuring the authentication request further.
redirectToAuthenticationEndpoint(HttpSession, String, Consumer<AuthenticationRequest.Builder>, URI, Consumer<URI>) - Method in class net.ltgt.oidc.servlet.AuthenticationRedirector
release(SessionID, String) - Method in class net.ltgt.oidc.servlet.InMemoryLoggedOutSessionStore
release(SessionID, String) - Method in interface net.ltgt.oidc.servlet.LoggedOutSessionStore: Dissociates the OpenID Provider session ID from an application's HTTP session.
renew(SessionID, String, String) - Method in class net.ltgt.oidc.servlet.InMemoryLoggedOutSessionStore
renew(SessionID, String, String) - Method in interface net.ltgt.oidc.servlet.LoggedOutSessionStore: Notifies the store that the application's HTTP session, associated with a given OpenID Provider session ID, has changed ID.
RETURN_TO_PARAMETER_NAME - Static variable in class net.ltgt.oidc.servlet.Utils: The name of the form parameter to pass a page's path to return to after login or logout.
RevokingOAuthTokensHandler - Class in net.ltgt.oidc.servlet: An OAuthTokensHandler that immediately (though asynchronously) revokes the access token.
RevokingOAuthTokensHandler(Configuration) - Constructor for class net.ltgt.oidc.servlet.RevokingOAuthTokensHandler: Constructs a revoking token handler with the given configuration.
RevokingOAuthTokensHandler(Configuration, HTTPRequestSender) - Constructor for class net.ltgt.oidc.servlet.RevokingOAuthTokensHandler: Constructs a revoking token handler with the given configuration and HTTP request sender.
RevokingOAuthTokensHandler(Configuration, HTTPRequestSender, Executor) - Constructor for class net.ltgt.oidc.servlet.RevokingOAuthTokensHandler: Constructs a revoking token handler with the given configuration, HTTP executor sender, and executor.
RevokingOAuthTokensHandler(Configuration, Executor) - Constructor for class net.ltgt.oidc.servlet.RevokingOAuthTokensHandler: Constructs a revoking token handler with the given configuration and executor, and no HTTP executor sender.
ROLE - Static variable in class net.ltgt.oidc.servlet.HasRoleFilter: Name of the init parameter used to configure the expected user role.

S

sendError(HttpServletResponse, int, String, Throwable) - Method in class net.ltgt.oidc.servlet.CallbackServlet
sendForbidden(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter: This method is called whenever the user is authenticated but not authorized.
sendUnauthorized(HttpServletRequest, HttpServletResponse) - Method in class net.ltgt.oidc.servlet.AbstractAuthorizationFilter: This method is called whenever the user is not authorized and the request is not a safe navigation request.
sessionIdChanged(HttpSessionEvent, String) - Method in class net.ltgt.oidc.servlet.BackchannelLogoutSessionListener
SessionInfo - Class in net.ltgt.oidc.servlet
SessionInfo(JWT, IDTokenClaimsSet, UserInfo) - Constructor for class net.ltgt.oidc.servlet.SessionInfo
SimpleUserPrincipal - Class in net.ltgt.oidc.servlet: A simple UserPrincipal implementation with no role at all.
SimpleUserPrincipal(SessionInfo) - Constructor for class net.ltgt.oidc.servlet.SimpleUserPrincipal

T

tokensAcquired(AccessTokenResponse, HttpSession) - Method in interface net.ltgt.oidc.servlet.OAuthTokensHandler: Called by the CallbackServlet before it forgets about the tokens.
tokensAcquired(AccessTokenResponse, HttpSession) - Method in class net.ltgt.oidc.servlet.RevokingOAuthTokensHandler

U

USE_LOGOUT_STATE - Static variable in class net.ltgt.oidc.servlet.LogoutServlet
userAuthenticated(SessionInfo, HttpSession) - Method in interface net.ltgt.oidc.servlet.UserPrincipalFactory: Called by the CallbackServlet when the user is successfully authenticated.
UserFilter - Class in net.ltgt.oidc.servlet: Checks whether the user is authenticated.
UserFilter() - Constructor for class net.ltgt.oidc.servlet.UserFilter
UserFilter(UserPrincipalFactory) - Constructor for class net.ltgt.oidc.servlet.UserFilter: Constructs a filter with the given UserPrincipal factory and no logged-out session store.
UserFilter(UserPrincipalFactory, LoggedOutSessionStore) - Constructor for class net.ltgt.oidc.servlet.UserFilter: Constructs a filter with the given UserPrincipal factory and (optional) logged-out session store.
UserPrincipal - Interface in net.ltgt.oidc.servlet: An authenticated user.
UserPrincipalFactory - Interface in net.ltgt.oidc.servlet: Creates instances of UserPrincipal to be exposed as requests' principal.
Utils - Class in net.ltgt.oidc.servlet

A B C D F G H I K L N O P R S T U
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form