com.authlete.common.dto

Class Service

java.lang.Object

com.authlete.common.dto.Service

All Implemented Interfaces:

Serializable

public class Service
extends Object
implements Serializable

Information about a service.

Some properties correspond to the ones listed in OpenID Provider Metadata in OpenID Connect Discovery 1.0

Author:

Takahiko Kawasaki

See Also:

OpenID Connect Discovery 1.0, Serialized Form

Constructor Summary

Constructors

Constructor and Description
Service()

Method Summary

Modifier and Type	Method and Description
long	getAccessTokenDuration() Get the duration of access tokens in seconds; the value of expires_in in access token responses.
String	getAccessTokenType() Get the access token type; the value of token_type in access token responses.
long	getApiKey() Get the API key.
String	getApiSecret() Get the API secret.
String	getAuthenticationCallbackApiKey() Get the API key to access the authentication callback endpoint.
String	getAuthenticationCallbackApiSecret() Get the API secret to access the authentication callback endpoint.
URI	getAuthenticationCallbackEndpoint() Get the URI of the authentication callback endpoint.
URI	getAuthorizationEndpoint() Get the URI of the authorization endpoint.
int	getClientsPerDeveloper() Get the number of client applications that one developer can create.
long	getCreatedAt() Get the time at which this service was created.
String	getDescription() Get the description.
String	getDeveloperAuthenticationCallbackApiKey() Get the API key to access the developer authentication callback endpoint.
String	getDeveloperAuthenticationCallbackApiSecret() Get the API secret to access the developer authentication callback endpoint.
URI	getDeveloperAuthenticationCallbackEndpoint() Get the URI of the developer authentication callback endpoint.
SnsCredentials[]	getDeveloperSnsCredentials() Get the list of SNS credentials that Authlete uses to support social login at the developer console.
long	getIdTokenDuration() Get the duration of ID tokens in seconds.
String	getIdTokenSignatureKeyId() Get the key ID to identify a JWK used for ID token signature using an asymmetric key.
URI	getIssuer() Get the issuer identifier of this OpenID provider.
String	getJwks() Get the JSON Web Key Set of the service.
URI	getJwksUri() Get the URI of the service's JSON Web Key Set.
Pair[]	getMetadata() Get metadata.
long	getModifiedAt() Get the time at which this service was last modified.
int	getNumber() Get the service number.
URI	getPolicyUri() Get the URI of that this OpenID Provider provides to the person registering the client to read about the OP's requirements on how the Relying Party can use the data provided by the OP.
long	getRefreshTokenDuration() Get the duration of refresh tokens in seconds.
URI	getRegistrationEndpoint() Get the URI of the registration endpoint.
URI	getRevocationEndpoint() Get the URI of the token revocation endpoint.
URI	getServiceDocumentation() Get the URI of a page containing human-readable information that developers might want or need to know when using this OpenID Provider.
String	getServiceName() Get the service name.
int	getServiceOwnerNumber() Get the service owner number.
SnsCredentials[]	getSnsCredentials() Get the list of SNS credentials that Authlete uses to support social login.
String[]	getSupportedAcrs() Get the supported ACRs (authentication context class references).
String[]	getSupportedClaimLocales() Get the supported claim locales.
String[]	getSupportedClaims() Get the supported claims.
ClaimType[]	getSupportedClaimTypes() Get the supported claim types.
Sns[]	getSupportedDeveloperSnses() Get the list of supported SNSes for social login at the developer console.
Display[]	getSupportedDisplays() Get the supported values of display parameter passed to the authorization endpoint.
GrantType[]	getSupportedGrantTypes() Get the supported grant types.
ResponseType[]	getSupportedResponseTypes() Get the supported response types.
Scope[]	getSupportedScopes() Get the supported scopes.
Sns[]	getSupportedSnses() Get the list of supported SNSes for social login at the authorization endpoint.
ClientAuthMethod[]	getSupportedTokenAuthMethods() Get the supported client authentication methods at the token endpoint.
String[]	getSupportedUiLocales() Get the supported UI locales.
URI	getTokenEndpoint() Get the URI of the token endpoint.
URI	getTosUri() Get the URI that the OpenID Provider provides to the person registering the client to read about the OP's terms of service.
URI	getUserInfoEndpoint() Get the URI of the user info endpoint.
String	getUserInfoSignatureKeyId() Get the key ID to identify a JWK used for user info signature using an asymmetric key.
boolean	isClientIdAliasEnabled() Get the flag which indicates whether the 'Client ID Alias' feature is enabled or not.
boolean	isDirectAuthorizationEndpointEnabled() Get the flag to indicate whether the direct authorization endpoint is enabled or not.
boolean	isDirectIntrospectionEndpointEnabled() Get the flag to indicate whether the direct introspection endpoint is enabled or not.
boolean	isDirectJwksEndpointEnabled() Get the flag to indicate whether the direct jwks endpoint is enabled or not.
boolean	isDirectRevocationEndpointEnabled() Get the flag to indicate whether the direct revocation endpoint is enabled or not.
boolean	isDirectTokenEndpointEnabled() Get the flag to indicate whether the direct token endpoint is enabled or not.
boolean	isDirectUserInfoEndpointEnabled() Get the flag to indicate whether the direct userinfo endpoint is enabled or not.
boolean	isErrorDescriptionOmitted() Get the flag to indicate whether the error_description response parameter is omitted.
boolean	isErrorUriOmitted() Get the flag to indicate whether the error_uri response parameter is omitted.
boolean	isPkceRequired() Get the flag to indicate whether the use of Proof Key for Code Exchange (PKCE) is always required for authorization requests by Authorization Code Flow.
boolean	isRefreshTokenKept() Get the flag to indicate whether a refresh token remains unchanged or gets renewed after its use.
boolean	isSingleAccessTokenPerSubject() Get the flag to indicate whether the number of access tokens per subject (and per client) is at most one or can be more.
Service	setAccessTokenDuration(long duration) Set the duration of access tokens in seconds; the value of expires_in in access token responses.
Service	setAccessTokenType(String type) Set the access token type; the value of token_type in access token responses.
Service	setApiKey(long apiKey) Set the API key.
Service	setApiSecret(String apiSecret) Set the API secret.
Service	setAuthenticationCallbackApiKey(String apiKey) Set the API key to access the authentication callback endpoint.
Service	setAuthenticationCallbackApiSecret(String apiSecret) Set the API secret to access the authentication callback endpoint.
Service	setAuthenticationCallbackEndpoint(URI endpoint) Set the URI of the authentication callback endpoint.
Service	setAuthorizationEndpoint(URI endpoint) Set the URI of the authorization endpoint.
Service	setClientIdAliasEnabled(boolean enabled) Enable/disable the 'Client ID Alias' feature.
Service	setClientsPerDeveloper(int count) Set the number of client applications that one developer can create.
Service	setCreatedAt(long createdAt) Set the time at which this service was created.
Service	setDescription(String description) Set the description.
Service	setDeveloperAuthenticationCallbackApiKey(String apiKey) Set the API key to access the developer authentication callback endpoint.
Service	setDeveloperAuthenticationCallbackApiSecret(String apiSecret) Set the API secret to access the developer authentication callback endpoint.
Service	setDeveloperAuthenticationCallbackEndpoint(URI endpoint) Set the URI of the developer authentication callback endpoint.
Service	setDeveloperSnsCredentials(SnsCredentials[] snsCredentials) Set the list of SNS credentials that Authlete uses to support social login at the developer console.
Service	setDirectAuthorizationEndpointEnabled(boolean enabled) Set the flag to indicate whether the direct authorization endpoint is enabled or not.
Service	setDirectIntrospectionEndpointEnabled(boolean enabled) Set the flag to indicate whether the direct introspection endpoint is enabled or not.
Service	setDirectJwksEndpointEnabled(boolean enabled) Set the flag to indicate whether the direct jwks endpoint is enabled or not.
Service	setDirectRevocationEndpointEnabled(boolean enabled) Set the flag to indicate whether the direct revocation endpoint is enabled or not.
Service	setDirectTokenEndpointEnabled(boolean enabled) Set the flag to indicate whether the direct token endpoint is enabled or not.
Service	setDirectUserInfoEndpointEnabled(boolean enabled) Set the flag to indicate whether the direct userinfo endpoint is enabled or not.
Service	setErrorDescriptionOmitted(boolean omitted) Omit or embed the error_description response parameter in error responses.
Service	setErrorUriOmitted(boolean omitted) Omit or embed the error_uri response parameter in error responses.
Service	setIdTokenDuration(long duration) Set the duration of ID tokens in seconds.
Service	setIdTokenSignatureKeyId(String keyId) Set the key ID to identify a JWK used for ID token signature using an asymmetric key.
Service	setIssuer(URI issuer) Set the issuer identifier of this OpenID provider.
Service	setJwks(String jwks) Set the JSON Web Key Set of the service.
Service	setJwksUri(URI uri) Set the URI of the service's JSON Web Key Set.
Service	setMetadata(Pair[] metadata) Set metadata.
Service	setModifiedAt(long modifiedAt) Set the time at which this service was last modified.
Service	setNumber(int number) Set the service number.
Service	setPkceRequired(boolean required) Set the flag to indicate whether the use of Proof Key for Code Exchange (PKCE) is always required for authorization requests by Authorization Code Flow.
Service	setPolicyUri(URI uri) Set the URI of that this OpenID Provider provides to the person registering the client to read about the OP's requirements on how the Relying Party can use the data provided by the OP.
Service	setRefreshTokenDuration(long duration) Set the duration of refresh tokens in seconds.
Service	setRefreshTokenKept(boolean kept) Set the flag to indicate whether a refresh token remains unchanged or gets renewed after its use.
Service	setRegistrationEndpoint(URI endpoint) Set the URI of the registration endpoint.
Service	setRevocationEndpoint(URI endpoint) Set the URI of the token revocation endpoint.
Service	setServiceDocumentation(URI uri) Set the URI of a page containing human-readable information that developers might want or need to know when using this OpenID Provider.
Service	setServiceName(String serviceName) Set the service name.
Service	setServiceOwnerNumber(int serviceOwnerNumber) Set the service owner number
Service	setSingleAccessTokenPerSubject(boolean single) Set the flag to indicate whether the number of access tokens per subject (and per client) is at most one or can be more.
Service	setSnsCredentials(SnsCredentials[] snsCredentials) Set the list of SNS credentials that Authlete uses to support social login.
Service	setSupportedAcrs(String[] acrs) Set the supported ACRs (authentication context class references).
Service	setSupportedClaimLocales(String[] supportedClaimLocales) Set the supported claim locales.
Service	setSupportedClaims(String[] supportedClaims) Set the supported claims.
Service	setSupportedClaimTypes(ClaimType[] claimTypes) Set the supported claim types.
Service	setSupportedDeveloperSnses(Sns[] supportedSnses) Set the list of supported SNSes for social login at the developer console.
Service	setSupportedDisplays(Display[] displays) Set the supported values of display parameter passed to the authorization endpoint.
Service	setSupportedGrantTypes(GrantType[] grantTypes) Set the supported grant types.
Service	setSupportedResponseTypes(ResponseType[] responseTypes) Set the supported response types.
Service	setSupportedScopes(Scope[] supportedScopes) Set the supported scopes.
Service	setSupportedSnses(Sns[] supportedSnses) Set the list of supported SNSes for social login at the authorization endpoint.
Service	setSupportedTokenAuthMethods(ClientAuthMethod[] methods) Set the number of client authentication methods at the token endpoint.
Service	setSupportedUiLocales(String[] supportedUiLocales) Set the supported UI locales.
Service	setTokenEndpoint(URI endpoint) Set the URI of the token endpoint.
Service	setTosUri(URI uri) Set the URI that the OpenID Provider provides to the person registering the client to read about the OP's terms of service.
Service	setUserInfoEndpoint(URI endpoint) Set the URI of the user info endpoint.
Service	setUserInfoSignatureKeyId(String keyId) Set the key ID to identify a JWK used for user info signature using an asymmetric key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Service

public Service()

Method Detail

getNumber

public int getNumber()

Get the service number.

Returns:

The service number.

setNumber

public Service setNumber(int number)

Set the service number.

Parameters:

number - The service number.

Returns:

this object.

getServiceOwnerNumber

public int getServiceOwnerNumber()

Get the service owner number.

Returns:

The service owner number.

setServiceOwnerNumber

public Service setServiceOwnerNumber(int serviceOwnerNumber)

Set the service owner number

Parameters:

serviceOwnerNumber - The service owner number.

Returns:

this object.

getServiceName

public String getServiceName()

Get the service name.

Returns:

The service name.

setServiceName

public Service setServiceName(String serviceName)

Set the service name.

Parameters:

serviceName - The service name.

Returns:

this object.

getApiKey

public long getApiKey()

Get the API key.

Returns:

The API key.

setApiKey

public Service setApiKey(long apiKey)

Set the API key.

Parameters:

apiKey - The API key.

Returns:

this object.

getApiSecret

public String getApiSecret()

Get the API secret.

Returns:

The API secret.

setApiSecret

public Service setApiSecret(String apiSecret)

Set the API secret.

Parameters:

apiSecret - The API secret.

Returns:

this object.

getIssuer

public URI getIssuer()

Get the issuer identifier of this OpenID provider.

Returns:

The issuer identifier.

setIssuer

public Service setIssuer(URI issuer)

Set the issuer identifier of this OpenID provider.

Parameters:

issuer - The issuer identifier.

Returns:

this object.

getAuthorizationEndpoint

public URI getAuthorizationEndpoint()

Get the URI of the authorization endpoint.

Returns:

The URI of the authorization endpoint.

setAuthorizationEndpoint

public Service setAuthorizationEndpoint(URI endpoint)

Set the URI of the authorization endpoint.

Parameters:

endpoint - The URI of the authorization endpoint.

Returns:

this object.

getTokenEndpoint

public URI getTokenEndpoint()

Get the URI of the token endpoint.

Returns:

The URI of the token endpoint.

setTokenEndpoint

public Service setTokenEndpoint(URI endpoint)

Set the URI of the token endpoint.

Parameters:

endpoint - The URI of the token endpoint.

Returns:

this object.

getRevocationEndpoint

public URI getRevocationEndpoint()

Get the URI of the token revocation endpoint.

Returns:

The URI of the token revocation endpoint.

Since:

1.16

See Also:

RFC 7009: OAuth 2.0 Token Revocation

setRevocationEndpoint

public Service setRevocationEndpoint(URI endpoint)

Set the URI of the token revocation endpoint.

Parameters:

endpoint - The URI of the token revocation endpoint.

Returns:

this object.

Since:

1.16

See Also:

RFC 7009: OAuth 2.0 Token Revocation

getUserInfoEndpoint

public URI getUserInfoEndpoint()

Get the URI of the user info endpoint.

Returns:

The URI of the user info endpoint.

setUserInfoEndpoint

public Service setUserInfoEndpoint(URI endpoint)

Set the URI of the user info endpoint.

Parameters:

endpoint - The URI of the user info endpoint.

Returns:

this object.

getJwksUri

public URI getJwksUri()

Get the URI of the service's JSON Web Key Set.

Returns:

The URI of the service's JSON Web Key Set.

setJwksUri

public Service setJwksUri(URI uri)

Set the URI of the service's JSON Web Key Set.

Parameters:

uri - The URI of the service's JSON Web Key Set.

Returns:

this object.

getJwks

public String getJwks()

Get the JSON Web Key Set of the service.

Returns:

The JSON Web Key Set of the service.

setJwks

public Service setJwks(String jwks)

Set the JSON Web Key Set of the service.

Parameters:

jwks - The JSON Web Key Set of the service.

Returns:

this object.

getRegistrationEndpoint

public URI getRegistrationEndpoint()

Get the URI of the registration endpoint.

Returns:

The URI of the registration endpoint.

setRegistrationEndpoint

public Service setRegistrationEndpoint(URI endpoint)

Set the URI of the registration endpoint.

Parameters:

endpoint - The URI of the registration endpoint.

Returns:

this object.

getSupportedScopes

public Scope[] getSupportedScopes()

Get the supported scopes.

Returns:

The supported scopes.

setSupportedScopes

public Service setSupportedScopes(Scope[] supportedScopes)

Set the supported scopes.

Parameters:

supportedScopes - The supported scopes.

Returns:

this object.

getSupportedResponseTypes

public ResponseType[] getSupportedResponseTypes()

Get the supported response types.

Returns:

The supported response types.

setSupportedResponseTypes

public Service setSupportedResponseTypes(ResponseType[] responseTypes)

Set the supported response types.

Parameters:

responseTypes - The supported response types.

Returns:

this object.

getSupportedGrantTypes

public GrantType[] getSupportedGrantTypes()

Get the supported grant types.

Returns:

The supported grant types.

setSupportedGrantTypes

public Service setSupportedGrantTypes(GrantType[] grantTypes)

Set the supported grant types.

Parameters:

grantTypes - The supported grant types.

Returns:

this object.

getSupportedAcrs

public String[] getSupportedAcrs()

Get the supported ACRs (authentication context class references).

Returns:

The supported ACRs.

setSupportedAcrs

public Service setSupportedAcrs(String[] acrs)

Set the supported ACRs (authentication context class references).

Parameters:

acrs - The supported ACRs.

Returns:

this object.

getSupportedTokenAuthMethods

public ClientAuthMethod[] getSupportedTokenAuthMethods()

Get the supported client authentication methods at the token endpoint.

Returns:

The supported client authentication methods.

setSupportedTokenAuthMethods

public Service setSupportedTokenAuthMethods(ClientAuthMethod[] methods)

Set the number of client authentication methods at the token endpoint.

Parameters:

methods - The supported client authentication methods.

Returns:

this object.

getSupportedDisplays

public Display[] getSupportedDisplays()

Get the supported values of display parameter passed to the authorization endpoint.

Returns:

The supported values of display parameter.

setSupportedDisplays

public Service setSupportedDisplays(Display[] displays)

Set the supported values of display parameter passed to the authorization endpoint.

Parameters:

displays - The supported values of display parameter.

Returns:

this object.

getSupportedClaimTypes

public ClaimType[] getSupportedClaimTypes()

Get the supported claim types.

Returns:

The supported claim types.

setSupportedClaimTypes

public Service setSupportedClaimTypes(ClaimType[] claimTypes)

Set the supported claim types.

Parameters:

claimTypes - The supported claim types.

Returns:

this object.

getSupportedClaims

public String[] getSupportedClaims()

Get the supported claims.

Returns:

The supported claims.

setSupportedClaims

public Service setSupportedClaims(String[] supportedClaims)

Set the supported claims.

Parameters:

supportedClaims - The supported claims.

Returns:

this object.

getServiceDocumentation

public URI getServiceDocumentation()

Get the URI of a page containing human-readable information that developers might want or need to know when using this OpenID Provider.

Returns:

The URI of the service documentation.

setServiceDocumentation

public Service setServiceDocumentation(URI uri)

Set the URI of a page containing human-readable information that developers might want or need to know when using this OpenID Provider.

Parameters:

uri - The URI of the service documentation.

Returns:

this object.

getSupportedClaimLocales

public String[] getSupportedClaimLocales()

Get the supported claim locales.

Returns:

The supported claim locales.

setSupportedClaimLocales

public Service setSupportedClaimLocales(String[] supportedClaimLocales)

Set the supported claim locales.

Parameters:

supportedClaimLocales - The supported claim locales.

Returns:

this object.

getSupportedUiLocales

public String[] getSupportedUiLocales()

Get the supported UI locales.

Returns:

The supported UI locales.

setSupportedUiLocales

public Service setSupportedUiLocales(String[] supportedUiLocales)

Set the supported UI locales.

Parameters:

supportedUiLocales - The supported UI locales.

Returns:

this object.

getPolicyUri

public URI getPolicyUri()

Get the URI of that this OpenID Provider provides to the person registering the client to read about the OP's requirements on how the Relying Party can use the data provided by the OP.

Returns:

The URI of the policy page.

setPolicyUri

public Service setPolicyUri(URI uri)

Set the URI of that this OpenID Provider provides to the person registering the client to read about the OP's requirements on how the Relying Party can use the data provided by the OP.

Parameters:

uri - The URI of the policy page.

Returns:

this object.

getTosUri

public URI getTosUri()

Get the URI that the OpenID Provider provides to the person registering the client to read about the OP's terms of service.

Returns:

The URI of the Terms-of-Service page.

setTosUri

public Service setTosUri(URI uri)

Set the URI that the OpenID Provider provides to the person registering the client to read about the OP's terms of service.

Parameters:

uri - The URI of the Terms-of-Service page.

Returns:

this object.

getDescription

public String getDescription()

Get the description.

Returns:

The description.

setDescription

public Service setDescription(String description)

Set the description.

Parameters:

description - The description.

Returns:

this object.

getAccessTokenType

public String getAccessTokenType()

Get the access token type; the value of token_type in access token responses.

Returns:

The access token type.

See Also:

RFC 6749 (OAuth 2.0), 7.1. Access Token Types, RFC 6749 (OAuth 2.0), 5.1. Successful Response, RFC 6750 (OAuth 2.0 Bearer Token Usage)

setAccessTokenType

public Service setAccessTokenType(String type)

Set the access token type; the value of token_type in access token responses.

Parameters:

type - The access token type.

Returns:

this object.

See Also:

RFC 6749 (OAuth 2.0), 7.1. Access Token Types, RFC 6749 (OAuth 2.0), 5.1. Successful Response, RFC 6750 (OAuth 2.0 Bearer Token Usage)

getAccessTokenDuration

public long getAccessTokenDuration()

Get the duration of access tokens in seconds; the value of expires_in in access token responses.

Returns:

The duration of access tokens in seconds.

See Also:

RFC 6749 (OAuth 2.0), 5.1. Successful Response

setAccessTokenDuration

public Service setAccessTokenDuration(long duration)

Set the duration of access tokens in seconds; the value of expires_in in access token responses.

Parameters:

duration - The duration of access tokens in seconds.

Returns:

this object.

See Also:

RFC 6749 (OAuth 2.0), 5.1. Successful Response

getRefreshTokenDuration

public long getRefreshTokenDuration()

Get the duration of refresh tokens in seconds.

Returns:

The duration of refresh tokens in seconds.

setRefreshTokenDuration

public Service setRefreshTokenDuration(long duration)

Set the duration of refresh tokens in seconds.

Parameters:

duration - The duration of refresh tokens in seconds.

Returns:

this object.

getIdTokenDuration

public long getIdTokenDuration()

Get the duration of ID tokens in seconds.

Returns:

The duration of ID tokens in seconds.

setIdTokenDuration

public Service setIdTokenDuration(long duration)

Set the duration of ID tokens in seconds.

Parameters:

duration - The duration of ID tokens in seconds.

Returns:

this object.

getAuthenticationCallbackEndpoint

public URI getAuthenticationCallbackEndpoint()

Get the URI of the authentication callback endpoint.

Returns:

The URI of the authentication callback endpoint.

Since:

1.1

setAuthenticationCallbackEndpoint

public Service setAuthenticationCallbackEndpoint(URI endpoint)

Set the URI of the authentication callback endpoint.

Parameters:

endpoint - The URI of the authentication callback endpoint.

Returns:

this object.

Since:

1.1

getAuthenticationCallbackApiKey

public String getAuthenticationCallbackApiKey()

Get the API key to access the authentication callback endpoint.

Returns:

The API key to access the authentication callback endpoint.

Since:

1.1

setAuthenticationCallbackApiKey

public Service setAuthenticationCallbackApiKey(String apiKey)

Set the API key to access the authentication callback endpoint.

Parameters:

apiKey - The API key to access the authentication callback endpoint.

Returns:

this object.

Since:

1.1

getAuthenticationCallbackApiSecret

public String getAuthenticationCallbackApiSecret()

Get the API secret to access the authentication callback endpoint.

Returns:

The API secret to access the authentication callback endpoint.

Since:

1.1

setAuthenticationCallbackApiSecret

public Service setAuthenticationCallbackApiSecret(String apiSecret)

Set the API secret to access the authentication callback endpoint.

Parameters:

apiSecret - The API secret to access the authentication callback endpoint.

Returns:

this object.

Since:

1.1

getSupportedSnses

public Sns[] getSupportedSnses()

Get the list of supported SNSes for social login at the authorization endpoint.

Returns:

The list of SNSes.

Since:

1.3

setSupportedSnses

public Service setSupportedSnses(Sns[] supportedSnses)

Set the list of supported SNSes for social login at the authorization endpoint.

Parameters:

supportedSnses - The list of SNSes.

Returns:

this object.

Since:

1.3

getSnsCredentials

public SnsCredentials[] getSnsCredentials()

Get the list of SNS credentials that Authlete uses to support social login.

Returns:

The list of SNS credentials.

Since:

1.3

setSnsCredentials

public Service setSnsCredentials(SnsCredentials[] snsCredentials)

Set the list of SNS credentials that Authlete uses to support social login.

Parameters:

snsCredentials - The list of SNS credentials.

Returns:

this object.

Since:

1.3

getCreatedAt

public long getCreatedAt()

Get the time at which this service was created.

Returns:

The time at which this service was created. The value is represented as milliseconds since the UNIX epoch (1970-01-01).

Since:

1.6

setCreatedAt

public Service setCreatedAt(long createdAt)

Set the time at which this service was created.

Parameters:

createdAt - The time at which this service was created.

Returns:

this object.

Since:

1.6

getModifiedAt

public long getModifiedAt()

Get the time at which this service was last modified.

Returns:

The time at which this service was last modified. The value is represented as milliseconds since the UNIX epoch (1970-01-01).

Since:

1.6

setModifiedAt

public Service setModifiedAt(long modifiedAt)

Set the time at which this service was last modified.

Parameters:

modifiedAt - The time at which this service was modified.

Returns:

this object.

Since:

1.6

getMetadata

public Pair[] getMetadata()

Get metadata.

The content of the returned array depends on contexts.

Predefined Service Metadata

Key	Description
"clientCount"	The number of client applications which belong to this service.

Returns:

Metadata. The type is an array of Pair.

Since:

1.39

setMetadata

public Service setMetadata(Pair[] metadata)

Set metadata.

Parameters:

metadata - Metadata. The type is an array of Pair. null may be returned.

Returns:

this object.

Since:

1.39

getDeveloperAuthenticationCallbackEndpoint

public URI getDeveloperAuthenticationCallbackEndpoint()

Get the URI of the developer authentication callback endpoint.

Returns:

The URI of the developer authentication callback endpoint.

Since:

1.9

setDeveloperAuthenticationCallbackEndpoint

public Service setDeveloperAuthenticationCallbackEndpoint(URI endpoint)

Set the URI of the developer authentication callback endpoint.

Parameters:

endpoint - The URI of the developer authentication callback endpoint.

Returns:

this object.

Since:

1.9

getDeveloperAuthenticationCallbackApiKey

public String getDeveloperAuthenticationCallbackApiKey()

Get the API key to access the developer authentication callback endpoint.

Returns:

The API key to access the developer authentication callback endpoint.

Since:

1.9

setDeveloperAuthenticationCallbackApiKey

public Service setDeveloperAuthenticationCallbackApiKey(String apiKey)

Set the API key to access the developer authentication callback endpoint.

Parameters:

apiKey - The API key to access the developer authentication callback endpoint.

Returns:

this object.

Since:

1.9

getDeveloperAuthenticationCallbackApiSecret

public String getDeveloperAuthenticationCallbackApiSecret()

Get the API secret to access the developer authentication callback endpoint.

Returns:

The API secret to access the developer authentication callback endpoint.

Since:

1.9

setDeveloperAuthenticationCallbackApiSecret

public Service setDeveloperAuthenticationCallbackApiSecret(String apiSecret)

Set the API secret to access the developer authentication callback endpoint.

Parameters:

apiSecret - The API secret to access the developer authentication callback endpoint.

Returns:

this object.

Since:

1.9

getSupportedDeveloperSnses

public Sns[] getSupportedDeveloperSnses()

Get the list of supported SNSes for social login at the developer console.

Returns:

The list of SNSes.

Since:

1.10

setSupportedDeveloperSnses

public Service setSupportedDeveloperSnses(Sns[] supportedSnses)

Set the list of supported SNSes for social login at the developer console.

Parameters:

supportedSnses - The list of SNSes.

Returns:

this object.

Since:

1.10

getDeveloperSnsCredentials

public SnsCredentials[] getDeveloperSnsCredentials()

Get the list of SNS credentials that Authlete uses to support social login at the developer console.

Returns:

The list of SNS credentials.

Since:

1.10

setDeveloperSnsCredentials

public Service setDeveloperSnsCredentials(SnsCredentials[] snsCredentials)

Set the list of SNS credentials that Authlete uses to support social login at the developer console.

Parameters:

snsCredentials - The list of SNS credentials.

Returns:

this object.

Since:

1.10

getClientsPerDeveloper

public int getClientsPerDeveloper()

Get the number of client applications that one developer can create. 0 means that developers can create as many client applications as they want.

Returns:

The number of client applications that one developer can create. 0 means no limit.

Since:

1.16

setClientsPerDeveloper

public Service setClientsPerDeveloper(int count)

Set the number of client applications that one developer can create. 0 means that developers can create as many client applications as they want.

Parameters:

count - The number of client applications that one developer can create. 0 means no limit.

Returns:

this object.

Since:

1.16

isDirectAuthorizationEndpointEnabled

public boolean isDirectAuthorizationEndpointEnabled()

Get the flag to indicate whether the direct authorization endpoint is enabled or not. The path of the endpoint is /api/auth/authorization/direct/{serviceApiKey}

Returns:

true if enabled.

Since:

1.16

setDirectAuthorizationEndpointEnabled

public Service setDirectAuthorizationEndpointEnabled(boolean enabled)

Set the flag to indicate whether the direct authorization endpoint is enabled or not. The path of the endpoint is /api/auth/authorization/direct/{serviceApiKey}

Parameters:

enabled - true to enable the direct endpoint.

Returns:

this object.

Since:

1.16

isDirectTokenEndpointEnabled

public boolean isDirectTokenEndpointEnabled()

Get the flag to indicate whether the direct token endpoint is enabled or not. The path of the endpoint is /api/auth/token/direct/{serviceApiKey}

Returns:

true if enabled.

Since:

1.16

setDirectTokenEndpointEnabled

public Service setDirectTokenEndpointEnabled(boolean enabled)

Set the flag to indicate whether the direct token endpoint is enabled or not. The path of the endpoint is /api/auth/token/direct/{serviceApiKey}

Parameters:

enabled - true to enable the direct endpoint.

Returns:

this object.

Since:

1.16

isDirectRevocationEndpointEnabled

public boolean isDirectRevocationEndpointEnabled()

Get the flag to indicate whether the direct revocation endpoint is enabled or not. The path of the endpoint is /api/auth/revocation/direct/{serviceApiKey}

Returns:

true if enabled.

Since:

1.16

setDirectRevocationEndpointEnabled

public Service setDirectRevocationEndpointEnabled(boolean enabled)

Set the flag to indicate whether the direct revocation endpoint is enabled or not. The path of the endpoint is /api/auth/revocation/direct/{serviceApiKey}

Parameters:

enabled - true to enable the direct endpoint.

Returns:

this object.

Since:

1.16

isDirectUserInfoEndpointEnabled

public boolean isDirectUserInfoEndpointEnabled()

Get the flag to indicate whether the direct userinfo endpoint is enabled or not. The path of the endpoint is /api/auth/userinfo/direct/{serviceApiKey}

Returns:

true if enabled.

Since:

1.16

setDirectUserInfoEndpointEnabled

public Service setDirectUserInfoEndpointEnabled(boolean enabled)

Set the flag to indicate whether the direct userinfo endpoint is enabled or not. The path of the endpoint is /api/auth/userinfo/direct/{serviceApiKey}

Parameters:

enabled - true to enable the direct endpoint.

Returns:

this object.

Since:

1.16

isDirectJwksEndpointEnabled

public boolean isDirectJwksEndpointEnabled()

Get the flag to indicate whether the direct jwks endpoint is enabled or not. The path of the endpoint is /api/service/jwks/get/direct/{serviceApiKey}

Returns:

true if enabled.

Since:

1.16

setDirectJwksEndpointEnabled

public Service setDirectJwksEndpointEnabled(boolean enabled)

Set the flag to indicate whether the direct jwks endpoint is enabled or not. The path of the endpoint is /api/service/jwks/get/direct/{serviceApiKey}

Parameters:

enabled - true to enable the direct endpoint.

Returns:

this object.

Since:

1.16

isDirectIntrospectionEndpointEnabled

public boolean isDirectIntrospectionEndpointEnabled()

Get the flag to indicate whether the direct introspection endpoint is enabled or not. The path of the endpoint is /api/auth/introspection/direct/{serviceApiKey}

Returns:

true if enabled.

Since:

1.39

setDirectIntrospectionEndpointEnabled

public Service setDirectIntrospectionEndpointEnabled(boolean enabled)

Set the flag to indicate whether the direct introspection endpoint is enabled or not. The path of the endpoint is /api/auth/introspection/direct/{serviceApiKey}

Parameters:

enabled - true to enable the direct endpoint.

Returns:

this object.

Since:

1.39

isSingleAccessTokenPerSubject

public boolean isSingleAccessTokenPerSubject()

Get the flag to indicate whether the number of access tokens per subject (and per client) is at most one or can be more.

If this flag is true, an attempt to issue a new access token invalidates existing access tokens associated with the same subject and the same client.

Note that, however, attempts by Client Credentials Flow do not invalidate existing access tokens because access tokens issued by Client Credentials Flow are not associated with any end-user's subject. Also note that an attempt by Refresh Token Flow invalidates the coupled access token only and this invalidation is always performed regardless of whether this flag is true or false.

Returns:

true if the number of access tokens per subject (and per client) is at most one.

Since:

1.20

setSingleAccessTokenPerSubject

public Service setSingleAccessTokenPerSubject(boolean single)

Set the flag to indicate whether the number of access tokens per subject (and per client) is at most one or can be more.

If true is set, an attempt to issue a new access token invalidates existing access tokens associated with the same subject and the same client.

Note that, however, attempts by Client Credentials Flow do not invalidate existing access tokens because access tokens issued by Client Credentials Flow are not associated with any end-user's subject. Also note that an attempt by Refresh Token Flow invalidates the coupled access token only and this invalidation is always performed regardless of whether this flag is true or false.

Parameters:

single - true to set the maximum number of access tokens per subject (and per client) to 1.

Returns:

this object.

Since:

1.20

isPkceRequired

public boolean isPkceRequired()

Get the flag to indicate whether the use of Proof Key for Code Exchange (PKCE) is always required for authorization requests by Authorization Code Flow. See RFC 7636 (Proof Key for Code Exchange by OAuth Public Clients for details.

Returns:

true if PKCE is always required for authorization requests by Authorization Code Flow.

Since:

1.21

See Also:

RFC 7636

setPkceRequired

public Service setPkceRequired(boolean required)

Set the flag to indicate whether the use of Proof Key for Code Exchange (PKCE) is always required for authorization requests by Authorization Code Flow. See RFC 7636 (Proof Key for Code Exchange by OAuth Public Clients for details.

Parameters:

required - true to always require PKCE for authorization requests by Authorization Code Flow.

Returns:

this object.

Since:

1.21

isRefreshTokenKept

public boolean isRefreshTokenKept()

Get the flag to indicate whether a refresh token remains unchanged or gets renewed after its use.

Returns:

true if a refresh token remains unchanged after its use. false if a new refresh token is issued after its use.

Since:

1.33

setRefreshTokenKept

public Service setRefreshTokenKept(boolean kept)

Set the flag to indicate whether a refresh token remains unchanged or gets renewed after its use.

Parameters:

kept - true to keep a refresh token valid after its use. false to renew a refresh token after its use.

Returns:

this object.

Since:

1.33

isErrorDescriptionOmitted

public boolean isErrorDescriptionOmitted()

Get the flag to indicate whether the error_description response parameter is omitted.

According to RFC 6749, an authorization server may include the error_description response parameter in error responses. When this errorDescriptionOmitted property is true, Authlete does not embed the error_description response parameter in error responses.

Returns:

true if the error_description response parameter is omitted. false if the error_description response parameter is included in error responses from the authorization server.

Since:

1.39

setErrorDescriptionOmitted

public Service setErrorDescriptionOmitted(boolean omitted)

Omit or embed the error_description response parameter in error responses.

Parameters:

omitted - true to omit the error_description response parameter. false to embed the parameter.

Returns:

this object.

Since:

1.39

isErrorUriOmitted

public boolean isErrorUriOmitted()

Get the flag to indicate whether the error_uri response parameter is omitted.

According to RFC 6749, an authorization server may include the error_uri response parameter in error responses. When this errorUriOmitted property is true, Authlete does not embed the error_uri response parameter in error responses.

Returns:

true if the error_uri response parameter is omitted. false if the error_uri response parameter is included in error responses from the authorization server.

Since:

1.39

setErrorUriOmitted

public Service setErrorUriOmitted(boolean omitted)

Omit or embed the error_uri response parameter in error responses.

Parameters:

omitted - true to omit the error_uri response parameter. false to embed the parameter.

Returns:

this object.

Since:

1.39

isClientIdAliasEnabled

public boolean isClientIdAliasEnabled()

Get the flag which indicates whether the 'Client ID Alias' feature is enabled or not.

Returns:

true if the 'Client ID Alias' feature is enabled. false if the feature is disabled.

Since:

2.2

setClientIdAliasEnabled

public Service setClientIdAliasEnabled(boolean enabled)

Enable/disable the 'Client ID Alias' feature.

When a new client is created, Authlete generates a numeric value and assigns it as a client ID to the newly created client. In addition to the client ID, each client can have a client ID alias. The client ID alias is, however, recognized only when this property (clientIdAliasEnabled) is true.

Parameters:

enabled - true to enable the 'Client ID Alias' feature. false to disable it.

Returns:

this object.

Since:

2.2

getIdTokenSignatureKeyId

public String getIdTokenSignatureKeyId()

Get the key ID to identify a JWK used for ID token signature using an asymmetric key.

A JWK Set can be registered as a property of a Service. A JWK Set can contain 0 or more JWKs (See RFC 7517 for details about JWK). Authlete Server has to pick up one JWK for signature from the JWK Set when it generates an ID token and signature using an asymmetric key is required. Authlete Server searches the registered JWK Set for a JWK which satisfies conditions for ID token signature. If the number of JWK candidates which satisfy the conditions is 1, there is no problem. On the other hand, if there exist multiple candidates, a Key ID is needed to be specified so that Authlete Server can pick up one JWK from among the JWK candidates.

This idTokenSignatureKeyId property exists for the purpose described above. For key rotation (OpenID Connect Core 1.0, 10.1.1. Rotation of Asymmetric Signing Keys), this mechanism is needed.

Returns:

A key ID of a JWK. This may be null.

Since:

2.1

setIdTokenSignatureKeyId

public Service setIdTokenSignatureKeyId(String keyId)

Set the key ID to identify a JWK used for ID token signature using an asymmetric key.

See the description of getIdTokenSignatureKeyId() for details.

Parameters:

keyId - A key ID of a JWK. This may be null.

Returns:

this object.

Since:

2.1

getUserInfoSignatureKeyId

public String getUserInfoSignatureKeyId()

Get the key ID to identify a JWK used for user info signature using an asymmetric key.

A JWK Set can be registered as a property of a Service. A JWK Set can contain 0 or more JWKs (See RFC 7517 for details about JWK). Authlete Server has to pick up one JWK for signature from the JWK Set when it is required to sign user info (which is returned from UserInfo Endpoint) using an asymmetric key. Authlete Server searches the registered JWK Set for a JWK which satisfies conditions for user info signature. If the number of JWK candidates which satisfy the conditions is 1, there is no problem. On the other hand, if there exist multiple candidates, a Key ID is needed to be specified so that Authlete Server can pick up one JWK from among the JWK candidates.

This userInfoSignatureKeyId property exists for the purpose described above. For key rotation (OpenID Connect Core 1.0, 10.1.1. Rotation of Asymmetric Signing Keys), this mechanism is needed.

Returns:

A key ID of a JWK. This may be null.

Since:

2.1

setUserInfoSignatureKeyId

public Service setUserInfoSignatureKeyId(String keyId)

Set the key ID to identify a JWK used for user info signature using an asymmetric key.

See the description of getUserInfoSignatureKeyId() for details.

Parameters:

keyId - A key ID of a JWK. This may be null.

Returns:

this object.

Since:

2.1