SigninOidc

java.lang.Object
- play.mvc.Results
- - play.mvc.Controller
  - - auth.gui.SigninOidc

All Implemented Interfaces:

play.mvc.Http.HeaderNames, play.mvc.Http.Status

Direct Known Subclasses:

SigninBasicOidc, SigninOrcid
```
public abstract class SigninOidc
extends play.mvc.Controller
```
OpenID Connect (OIDC) authentication using Authorization Code Flow with Proof Key for Code Exchange (PKCE). OIDC is just used for authentication - authorization and session management are still done with the session cookies from the Play Framework.
This class is meant to be extended by the actual OIDC implementations.
Using library: Nimbus OAuth 2.0 SDK with OpenID Connect extensions https://connect2id.com/products/nimbus-oauth-openid-connect-sdk/guides/java-cookbook-for-openid-connect-public-clients

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class SigninOidc.OidcConfig
All configuration needed for an OIDC auth method

Nested Classes
Modifier and Type	Class and Description
`static class`	`SigninOidc.OidcConfig` All configuration needed for an OIDC auth method

Field Summary
- Fields inherited from interface play.mvc.Http.Status
  ACCEPTED, BAD_GATEWAY, BAD_REQUEST, CONFLICT, CONTINUE, CREATED, EXPECTATION_FAILED, FAILED_DEPENDENCY, FORBIDDEN, FOUND, GATEWAY_TIMEOUT, GONE, HTTP_VERSION_NOT_SUPPORTED, IM_A_TEAPOT, INSUFFICIENT_STORAGE, INTERNAL_SERVER_ERROR, LENGTH_REQUIRED, LOCKED, METHOD_NOT_ALLOWED, MOVED_PERMANENTLY, MULTI_STATUS, MULTIPLE_CHOICES, NETWORK_AUTHENTICATION_REQUIRED, NO_CONTENT, NON_AUTHORITATIVE_INFORMATION, NOT_ACCEPTABLE, NOT_FOUND, NOT_IMPLEMENTED, NOT_MODIFIED, OK, PARTIAL_CONTENT, PAYMENT_REQUIRED, PERMANENT_REDIRECT, PRECONDITION_FAILED, PRECONDITION_REQUIRED, PROXY_AUTHENTICATION_REQUIRED, REQUEST_ENTITY_TOO_LARGE, REQUEST_HEADER_FIELDS_TOO_LARGE, REQUEST_TIMEOUT, REQUEST_URI_TOO_LONG, REQUESTED_RANGE_NOT_SATISFIABLE, RESET_CONTENT, SEE_OTHER, SERVICE_UNAVAILABLE, SWITCHING_PROTOCOLS, TEMPORARY_REDIRECT, TOO_MANY_REQUESTS, UNAUTHORIZED, UNPROCESSABLE_ENTITY, UNSUPPORTED_MEDIA_TYPE, UPGRADE_REQUIRED, USE_PROXY
- Fields inherited from interface play.mvc.Http.HeaderNames
  ACCEPT, ACCEPT_CHARSET, ACCEPT_ENCODING, ACCEPT_LANGUAGE, ACCEPT_RANGES, ACCESS_CONTROL_ALLOW_CREDENTIALS, ACCESS_CONTROL_ALLOW_HEADERS, ACCESS_CONTROL_ALLOW_METHODS, ACCESS_CONTROL_ALLOW_ORIGIN, ACCESS_CONTROL_EXPOSE_HEADERS, ACCESS_CONTROL_MAX_AGE, ACCESS_CONTROL_REQUEST_HEADERS, ACCESS_CONTROL_REQUEST_METHOD, AGE, ALLOW, AUTHORIZATION, CACHE_CONTROL, CONNECTION, CONTENT_DISPOSITION, CONTENT_ENCODING, CONTENT_LANGUAGE, CONTENT_LENGTH, CONTENT_LOCATION, CONTENT_MD5, CONTENT_RANGE, CONTENT_SECURITY_POLICY, CONTENT_SECURITY_POLICY_REPORT_ONLY, CONTENT_TRANSFER_ENCODING, CONTENT_TYPE, COOKIE, DATE, ETAG, EXPECT, EXPIRES, FORWARDED, FROM, HOST, IF_MATCH, IF_MODIFIED_SINCE, IF_NONE_MATCH, IF_RANGE, IF_UNMODIFIED_SINCE, LAST_MODIFIED, LINK, LOCATION, MAX_FORWARDS, ORIGIN, PRAGMA, PROXY_AUTHENTICATE, PROXY_AUTHORIZATION, RANGE, REFERER, REFERRER_POLICY, RETRY_AFTER, SERVER, SET_COOKIE, SET_COOKIE2, STRICT_TRANSPORT_SECURITY, TE, TRAILER, TRANSFER_ENCODING, UPGRADE, USER_AGENT, VARY, VIA, WARNING, WWW_AUTHENTICATE, X_CONTENT_SECURITY_POLICY_NONCE_HEADER, X_CONTENT_TYPE_OPTIONS, X_FORWARDED_FOR, X_FORWARDED_HOST, X_FORWARDED_PORT, X_FORWARDED_PROTO, X_FRAME_OPTIONS, X_PERMITTED_CROSS_DOMAIN_POLICIES, X_REQUESTED_WITH, X_XSS_PROTECTION

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`play.mvc.Result`	`callback(play.mvc.Http.Request request)` Callback handed to the OIDC provider to be called after authentication
`play.mvc.Result`	`signin(play.mvc.Http.Request request, java.lang.String realHostUrl, boolean keepSignedin)`

Methods inherited from class play.mvc.Controller
changeLang, changeLang, clearLang, ctx, flash, flash, flash, lang, request, response, session, session, session, TODO, TODO

Methods inherited from class play.mvc.Results
badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, badRequest, contentDispositionHeader, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, created, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, forbidden, found, found, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, internalServerError, movedPermanently, movedPermanently, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, networkAuthenticationRequired, noContent, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notAcceptable, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, notFound, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, ok, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, paymentRequired, permanentRedirect, permanentRedirect, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, preconditionRequired, redirect, redirect, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, requestHeaderFieldsTooLarge, seeOther, seeOther, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, status, temporaryRedirect, temporaryRedirect, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, tooManyRequests, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unauthorized, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType, unsupportedMediaType

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

signin

public final play.mvc.Result signin(play.mvc.Http.Request request,
                                    java.lang.String realHostUrl,
                                    boolean keepSignedin)
                             throws java.net.URISyntaxException,
                                    java.io.IOException,
                                    com.nimbusds.oauth2.sdk.ParseException,
                                    AuthException

Throws:: java.net.URISyntaxException; java.io.IOException; com.nimbusds.oauth2.sdk.ParseException; AuthException

callback
```
public final play.mvc.Result callback(play.mvc.Http.Request request)
```
Callback handed to the OIDC provider to be called after authentication

Class SigninOidc

Nested Class Summary

Field Summary

Fields inherited from interface play.mvc.Http.Status

Fields inherited from interface play.mvc.Http.HeaderNames

Method Summary

Methods inherited from class play.mvc.Controller

Methods inherited from class play.mvc.Results

Methods inherited from class java.lang.Object

Method Detail

signin

callback