| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.apache.syncope.common.rest.api.service; |
| |
| import io.swagger.v3.oas.annotations.security.SecurityRequirement; |
| import io.swagger.v3.oas.annotations.security.SecurityRequirements; |
| import io.swagger.v3.oas.annotations.tags.Tag; |
| import javax.ws.rs.POST; |
| import javax.ws.rs.Path; |
| import javax.ws.rs.Produces; |
| import javax.ws.rs.QueryParam; |
| import javax.ws.rs.core.MediaType; |
| import org.apache.syncope.common.lib.oidc.OIDCConstants; |
| import org.apache.syncope.common.lib.oidc.OIDCLoginResponse; |
| import org.apache.syncope.common.lib.oidc.OIDCRequest; |
| import org.apache.syncope.common.rest.api.RESTHeaders; |
| |
| /** |
| * REST operations for OpenID Connect Clients. |
| */ |
| @Tag(name = "OpenID Connect 1.0 C4UI") |
| @SecurityRequirements({ |
| @SecurityRequirement(name = "BasicAuthentication"), |
| @SecurityRequirement(name = "Bearer") }) |
| @Path("oidcc4ui/clients") |
| public interface OIDCC4UIService extends JAXRSService { |
| |
| /** |
| * Generates OpenID Connect authentication request for the Provider matching the provided op. |
| * |
| * @param redirectURI redirect URI |
| * @param op OpenID Connect Provider |
| * @return OpenID Connect authentication request |
| */ |
| @POST |
| @Path("loginRequest") |
| @Produces({ MediaType.APPLICATION_JSON, RESTHeaders.APPLICATION_YAML, MediaType.APPLICATION_XML }) |
| OIDCRequest createLoginRequest( |
| @QueryParam(OIDCConstants.REDIRECT_URI) String redirectURI, |
| @QueryParam(OIDCConstants.OP) String op); |
| |
| /** |
| * Uses the provided authorization code to go through the OpenID Connect tokens process and finally creates JWT for |
| * the matching user, if found. |
| * |
| * @param redirectURI redirect URI |
| * @param authorizationCode authorization code generated by the remote OpenID Connect Provider |
| * @param op OpenID Connect Provider |
| * @return JWT for the matching user plus attributes returned in the response |
| */ |
| @POST |
| @Path("login") |
| @Produces({ MediaType.APPLICATION_JSON, RESTHeaders.APPLICATION_YAML, MediaType.APPLICATION_XML }) |
| OIDCLoginResponse login( |
| @QueryParam(OIDCConstants.REDIRECT_URI) String redirectURI, |
| @QueryParam("authorizationCode") String authorizationCode, |
| @QueryParam(OIDCConstants.OP) String op); |
| |
| /** |
| * Returns the endSession endpoint for the OP matching the requesting access token. |
| * |
| * @param redirectURI redirect URI |
| * @return endSession endpoint for the OP matching the requesting access token |
| */ |
| @POST |
| @Path("logout") |
| @Produces({ MediaType.APPLICATION_JSON, RESTHeaders.APPLICATION_YAML, MediaType.APPLICATION_XML }) |
| OIDCRequest createLogoutRequest(@QueryParam(OIDCConstants.REDIRECT_URI) String redirectURI); |
| } |