Latest commit: e69259b by Angel Garcia, Jul 26, 2019
openid-connect-server-spring-boot-config

OpenID Connect Spring Boot Config Starter


## Spring Boot Application Properties

| Application property name (Configuration Source) | required | default | description |
|---|---|---|---|
| **MitreID OpenID Connect (ConfigurationPropertiesBean)** | | | |
| `openid.connect.server.issuer` | X | | should match public URI for the server |
| `openid.connect.server.regTokenLifeTime` | | | |
| `openid.connect.server.rqpTokenLifeTime` | | | |
| `openid.connect.server.forceHttps` | | false | |
| `openid.connect.server.dualClient` | | false | |
| **Spring Datasource (DataSourceProperties)** | | | |
| `spring.datasource.initialize` | X | | |
| `spring.datasource.schema` | X | | E.g. Embedded DB: "classpath:/db/tables/hsql_database_tables.sql,classpath:/db/tables/security-schema.sql" |
| **Cryptography and JWT Signing (CryptoConfig)** | | | |
| `openid.connect.crypto.keystore.path` | X | | |
| `openid.connect.crypto.signing.defaultSignerKeyId` | X | | |
| `openid.connect.crypto.signing.defaultSigningAlgorithmName` | X | | |
| `openid.connect.crypto.encrypt.defaultAlgorithm` | X | | |
| `openid.connect.crypto.encrypt.defaultDecryptionKeyId` | X | | |
| `openid.connect.crypto.encrypt.defaultEncryptionKeyId` | X | | |
| **Scheduled Tasks (ScheduledTaskConfig)** | | | |
| `openid.connect.scheduling.enabled` | | true | |
| `openid.connect.scheduling.corePoolSize` | | 5 | |
| `openid.connect.scheduling.tasks.clearExpiredTokens.fixedDelay` | | 30000 | |
| `openid.connect.scheduling.tasks.clearExpiredTokens.initialDelay` | | 60000 | |
| `openid.connect.scheduling.tasks.clearExpiredSites.fixedDelay` | | 30000 | |
| `openid.connect.scheduling.tasks.clearExpiredSites.initialDelay` | | 60000 | |
| `openid.connect.scheduling.tasks.clearExpiredAuthorizationCodes.fixedDelay` | | 30000 | |
| `openid.connect.scheduling.tasks.clearExpiredAuthorizationCodes.initialDelay` | | 60000 | |
| **Endpoint Configuration** | | | |
| `openid.connect.server.endpoints.api.whitelist.enabled` | | true | When set to false the Whitelist API endpoint is not exposed. |
| `openid.connect.server.endpoints.api.approvedsite.enabled` | | true | When set to false the ApprovedSite API endpoint is not exposed. |
| `openid.connect.server.endpoints.api.blacklist.enabled` | | true | When set to false the Blacklist API endpoint is not exposed. |
| `openid.connect.server.endpoints.api.client.enabled` | | true | When set to false the Client API endpoint is not exposed. |
| `openid.connect.server.endpoints.api.data.enabled` | | true | When set to false the Data API endpoint is not exposed. |
| `openid.connect.server.endpoints.api.token.enabled` | | true | When set to false the Token API endpoint is not exposed. |
| `openid.connect.server.endpoints.api.scope.enabled` | | true | When set to false the Scope API endpoint is not exposed. |
| `openid.connect.server.endpoints.api.stats.enabled` | | true | When set to false the Stats API endpoint is not exposed. |
| `openid.connect.server.endpoints.oidc.dynamicclientregistration.enabled` | | true | When set to false the DynamicClientRegistration endpoint is not exposed. |
| `openid.connect.server.endpoints.oidc.jwksetpublishing.enabled` | | true | When set to false the JWKSetPublishing endpoint is not exposed. |
| `openid.connect.server.endpoints.oidc.userinfo.enabled` | | true | When set to false the UserInfo endpoint is not exposed. |
| `openid.connect.server.endpoints.oidc.discovery.enabled` | | true | When set to false the Discovery endpoint is not exposed. |
| `openid.connect.server.endpoints.protectedresourceregistration.enabled` | | true | When set to false the ProtectedResourceRegistration endpoint is not exposed. |

Sample minimal application.yml

```yaml
openid:
  connect:
    server:
      issuer: http://localhost:8080/
    crypto:
      keystore:
        path: classpath:keystore.jwks
      signing:
        defaultSignerKeyId: rsa1
        defaultSigningAlgorithmName: RS256
      encrypt:
        defaultAlgorithm: RSA1_5
        defaultDecryptionKeyId: rsa1
        defaultEncryptionKeyId: rsa1
spring:
  datasource:
    initialize: true
    schema: classpath:/db/tables/hsql_database_tables.sql,classpath:/db/tables/security-schema.sql
```
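
Since every endpoint toggle in the table defaults to `true`, a deployment that does not use an endpoint has to switch it off explicitly. The following variant of the sample is an added illustration, not part of the project's README: the hostname and keystore path are placeholders, the choice of endpoints to disable is an assumption about the deployment, and the crypto values are carried over unchanged from the sample above.

```yaml
openid:
  connect:
    server:
      # Placeholder hostname; must match the public URI clients use to reach the server.
      issuer: https://idp.example.org/
      # In MITREid Connect's ConfigurationPropertiesBean this turns a non-https
      # issuer into a startup error instead of a logged warning.
      forceHttps: true
      endpoints:
        api:
          # Assumption: no data import/export or statistics needed at runtime.
          data:
            enabled: false
          stats:
            enabled: false
        oidc:
          # Assumption: clients are provisioned by an administrator,
          # so self-service registration is not exposed.
          dynamicclientregistration:
            enabled: false
          # Discovery, JWK set publishing and UserInfo keep their default (true)
          # because relying parties normally depend on them.
        protectedresourceregistration:
          enabled: false
    crypto:
      keystore:
        # Placeholder path outside the application jar, so the key set can be
        # rotated and permission-restricted independently of the build artifact.
        path: file:/etc/oidc/keystore.jwks
      signing:
        defaultSignerKeyId: rsa1
        defaultSigningAlgorithmName: RS256
      encrypt:
        defaultAlgorithm: RSA1_5
        defaultDecryptionKeyId: rsa1
        defaultEncryptionKeyId: rsa1
spring:
  datasource:
    initialize: true
    schema: classpath:/db/tables/hsql_database_tables.sql,classpath:/db/tables/security-schema.sql
```

After startup, requesting a disabled endpoint's path and confirming that it is no longer served verifies that the toggles took effect.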