# OpenID Connect Spring Boot Config Starter

## Spring Boot Application Properties

| Application property name (Configuration Source) | required | default | description |
| --- | --- | --- | --- |
| **MitreID OpenID Connect (ConfigurationPropertiesBean)** | | | |
| openid.connect.server.issuer | X | | should match public URI for the server |
| openid.connect.server.regTokenLifeTime | | | |
| openid.connect.server.rqpTokenLifeTime | | | |
| openid.connect.server.forceHttps | | false | |
| openid.connect.server.dualClient | | false | |
| **Spring Datasource (DataSourceProperties)** | | | |
| spring.datasource.initialize | X | | |
| spring.datasource.schema | X | | E.g. Embedded DB: "classpath:/db/tables/hsql_database_tables.sql,classpath:/db/tables/security-schema.sql" |
| **Cryptography and JWT Signing (CryptoConfig)** | | | |
| openid.connect.crypto.keystore.path | X | | |
| openid.connect.crypto.signing.defaultSignerKeyId | X | | |
| openid.connect.crypto.signing.defaultSigningAlgorithmName | X | | |
| openid.connect.crypto.encrypt.defaultAlgorithm | X | | |
| openid.connect.crypto.encrypt.defaultDecryptionKeyId | X | | |
| openid.connect.crypto.encrypt.defaultEncryptionKeyId | X | | |
| **Scheduled Tasks (ScheduledTaskConfig)** | | | |
| openid.connect.scheduling.enabled | | true | |
| openid.connect.scheduling.corePoolSize | | 5 | |
| openid.connect.scheduling.tasks.clearExpiredTokens.fixedDelay | | 30000 | |
| openid.connect.scheduling.tasks.clearExpiredTokens.initialDelay | | 60000 | |
| openid.connect.scheduling.tasks.clearExpiredSites.fixedDelay | | 30000 | |
| openid.connect.scheduling.tasks.clearExpiredSites.initialDelay | | 60000 | |
| openid.connect.scheduling.tasks.clearExpiredAuthorizationCodes.fixedDelay | | 30000 | |
| openid.connect.scheduling.tasks.clearExpiredAuthorizationCodes.initialDelay | | 60000 | |
| **Endpoint Configuration** | | | |
| openid.connect.server.endpoints.api.whitelist.enabled | | true | When set to false the Whitelist API endpoint is not exposed. |
| openid.connect.server.endpoints.api.approvedsite.enabled | | true | When set to false the ApprovedSite API endpoint is not exposed. |
| openid.connect.server.endpoints.api.blacklist.enabled | | true | When set to false the Blacklist API endpoint is not exposed. |
| openid.connect.server.endpoints.api.client.enabled | | true | When set to false the Client API endpoint is not exposed. |
| openid.connect.server.endpoints.api.data.enabled | | true | When set to false the Data API endpoint is not exposed. |
| openid.connect.server.endpoints.api.token.enabled | | true | When set to false the Token API endpoint is not exposed. |
| openid.connect.server.endpoints.api.scope.enabled | | true | When set to false the Scope API endpoint is not exposed. |
| openid.connect.server.endpoints.api.stats.enabled | | true | When set to false the Stats API endpoint is not exposed. |
| openid.connect.server.endpoints.oidc.dynamicclientregistration.enabled | | true | When set to false the DynamicClientRegistration endpoint is not exposed. |
| openid.connect.server.endpoints.oidc.jwksetpublishing.enabled | | true | When set to false the JWKSetPublishing endpoint is not exposed. |
| openid.connect.server.endpoints.oidc.userinfo.enabled | | true | When set to false the UserInfo endpoint is not exposed. |
| openid.connect.server.endpoints.oidc.discovery.enabled | | true | When set to false the Discovery endpoint is not exposed. |
| openid.connect.server.endpoints.protectedresourceregistration.enabled | | true | When set to false the ProtectedResourceRegistration endpoint is not exposed. |

## Sample minimal application.yml

```yaml
openid:
  connect:
    server:
      issuer: http://localhost:8080/
    crypto:
      keystore:
        path: classpath:keystore.jwks
      signing:
        defaultSignerKeyId: rsa1
        defaultSigningAlgorithmName: RS256
      encrypt:
        defaultAlgorithm: RSA1_5
        defaultDecryptionKeyId: rsa1
        defaultEncryptionKeyId: rsa1
spring:
  datasource:
    initialize: true
    schema: classpath:/db/tables/hsql_database_tables.sql,classpath:/db/tables/security-schema.sql
```
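
A hardened variant of the minimal sample, as an added example that is not part of the original README. It uses only properties from the table above. The hostname and keystore path are placeholders, the choice of endpoints to disable assumes clients and protected resources are registered by an administrator, and `RSA-OAEP` (a registered JWE algorithm name) is assumed to be accepted by this build's encryption service.

```yaml
# Added example: hardened variant of the minimal sample.
# Hostname and keystore path are placeholders; adjust the disabled
# endpoints to what the deployment actually needs.
openid:
  connect:
    server:
      issuer: https://idp.example.org/     # placeholder; must match the server's public URI
      forceHttps: true                     # default is false
      endpoints:
        oidc:
          dynamicclientregistration:
            enabled: false                 # assumption: no self-service client registration
        protectedresourceregistration:
          enabled: false                   # assumption: no self-service resource registration
        api:
          data:
            enabled: false                 # Data API endpoint is not exposed
    crypto:
      keystore:
        path: file:/etc/oidc/keystore.jwks # placeholder path; keeps keys out of the packaged jar
      signing:
        defaultSignerKeyId: rsa1
        defaultSigningAlgorithmName: RS256
      encrypt:
        defaultAlgorithm: RSA-OAEP         # assumption: supported here; replaces RSA1_5 from the sample
        defaultDecryptionKeyId: rsa1
        defaultEncryptionKeyId: rsa1
spring:
  datasource:
    initialize: true                       # unchanged from the minimal sample
    schema: classpath:/db/tables/hsql_database_tables.sql,classpath:/db/tables/security-schema.sql
```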