Class ScimClientFactory

java.lang.Object
gluu.scim2.client.factory.ScimClientFactory

public class ScimClientFactory extends Object
A factory class to obtain "client" objects that allow interaction with the SCIM service.
  • Constructor Details

    • ScimClientFactory

      public ScimClientFactory()
  • Method Details

    • getClient

      public static <T> T getClient(Class<T> interfaceClass, String domain, String umaAatClientId, String umaAatClientJksPath, String umaAatClientJksPassword, String umaAatClientKeyId)
      Constructs an object that allows direct interaction with the SCIM API assuming it is protected by UMA. This method hides the complexity of authorization steps required at both the resource and authorization server in an UMA setting. The parameters needed as well as examples can be found at the SCIM 2.0 docs page.
      Type Parameters:
      T - The type the object returned will belong to.
      Parameters:
      interfaceClass - The Class to which the object returned will belong. Normally it will be an interface inside package gluu.scim2.client.rest or gluu.scim2.ws.rs
      domain - The root URL of the SCIM service. Usually in the form https://your.gluu-server.com/identity/restv1
      umaAatClientId - Requesting party Client Id
      umaAatClientJksPath - Path to the requesting party's JKS file
      umaAatClientJksPassword - Keystore password
      umaAatClientKeyId - Key Id in the keystore. Pass an empty string to use the first key in the keystore
      Returns:
      An object that allows invoking service methods
    • getClient

      public static ClientSideService getClient(String domain, String umaAatClientId, String umaAatClientJksPath, String umaAatClientJksPassword, String umaAatClientKeyId)
      Parameters:
      domain - The root URL of the SCIM service. Usually in the form https://your.gluu-server.com/identity/restv1
      umaAatClientId - Requesting party Client Id
      umaAatClientJksPath - Path to the requesting party's JKS file in the local filesystem
      umaAatClientJksPassword - Keystore password
      umaAatClientKeyId - Key Id in the keystore. Pass an empty string to use the first key in the keystore
      Returns:
      An object that allows calling User, Group, and FidoDevices operations. It also has some support to call service provider configuration endpoints (see section 4 of RFC 7644)
    • getTestClient

      public static <T> T getTestClient(Class<T> interfaceClass, String domain, String OIDCMetadataUrl) throws Exception
      Constructs an object that allows direct interaction with the SCIM API assuming it is protected by test mode. This method hides the complexity of steps required at the authorization server in a test-mode setting. Usage examples of this type of client can be found at the SCIM 2.0 docs page.
      Type Parameters:
      T - The type the object returned will belong to.
      Parameters:
      interfaceClass - The Class to which the object returned will belong. Normally it will be an interface inside package gluu.scim2.client.rest or gluu.scim2.ws.rs
      domain - The root URL of the SCIM service. Usually in the form https://your.gluu-server.com/identity/restv1
      OIDCMetadataUrl - URL of the authorization server's metadata document. Usually in the form https://your.gluu-server.com/.well-known/openid-configuration
      Returns:
      An object that allows invoking service methods
      Throws:
      Exception - If there is an initialization problem
    • getTestClient

      public static <T> T getTestClient(Class<T> interfaceClass, String domain, String OIDCMetadataUrl, String clientId, String clientSecret) throws Exception
      Constructs an object that allows direct interaction with the SCIM API assuming it is protected by test mode. Usage examples of this type of client can be found at the SCIM 2.0 docs page.
      Type Parameters:
      T - The type the object returned will belong to.
      Parameters:
      interfaceClass - The Class to which the object returned will belong. Normally it will be an interface inside package gluu.scim2.client.rest or gluu.scim2.ws.rs
      domain - The root URL of the SCIM service. Usually in the form https://your.gluu-server.com/identity/restv1
      OIDCMetadataUrl - URL of the authorization server's metadata document. Usually in the form https://your.gluu-server.com/.well-known/openid-configuration
      clientId - ID of an already registered OIDC client in the Gluu Server
      clientSecret - Secret of the corresponding client (see clientId parameter)
      Returns:
      An object that allows invoking service methods
      Throws:
      Exception - If there is an initialization problem
    • getTestClient

      public static ClientSideService getTestClient(String domain, String OIDCMetadataUrl) throws Exception
      Parameters:
      domain - The root URL of the SCIM service. Usually in the form https://your.gluu-server.com/identity/restv1
      OIDCMetadataUrl - URL of the authorization server's metadata document. Usually in the form https://your.gluu-server.com/.well-known/openid-configuration
      Returns:
      An object that allows calling User, Group, and FidoDevices operations. It also has some support to call service provider configuration endpoints (see section 4 of RFC 7644)
      Throws:
      Exception - If there is an initialization problem
    • getTestClient

      public static ClientSideService getTestClient(String domain, String OIDCMetadataUrl, String clientId, String clientSecret) throws Exception
      Parameters:
      domain - The root URL of the SCIM service. Usually in the form https://your.gluu-server.com/identity/restv1
      OIDCMetadataUrl - URL of the authorization server's metadata document. Usually in the form https://your.gluu-server.com/.well-known/openid-configuration
      clientId - ID of an already registered OIDC client in the Gluu Server
      clientSecret - Secret of the corresponding client (see clientId parameter)
      Returns:
      An object that allows calling User, Group, and FidoDevices operations. It also has some support to call service provider configuration endpoints (see section 4 of RFC 7644)
      Throws:
      Exception - If there is an initialization problem
    • getOAuthClient

      public static <T> T getOAuthClient(Class<T> interfaceClass, String domain, String OIDCMetadataUrl, String clientId, String clientSecret, boolean secretPostAuthnMethod) throws Exception
      Constructs an object that allows direct interaction with the SCIM API assuming it is protected by OAuth mode. Usage examples of this type of client can be found at the SCIM 2.0 docs page.
      Type Parameters:
      T - The type the object returned will belong to.
      Parameters:
      interfaceClass - The Class to which the object returned will belong. Normally it will be an interface inside package gluu.scim2.client.rest or gluu.scim2.ws.rs
      domain - The root URL of the SCIM service. Usually in the form https://your.gluu-server.com/identity/restv1
      OIDCMetadataUrl - URL of the authorization server's metadata document. Usually in the form https://your.gluu-server.com/.well-known/openid-configuration
      clientId - ID of an already registered OIDC client in the Gluu Server
      clientSecret - Secret of the corresponding client (see clientId parameter)
      secretPostAuthnMethod - Whether the client uses client_secret_post (true) or client_secret_basic (false) to authenticate to the token endpoint
      Returns:
      An object that allows invoking service methods
      Throws:
      Exception - If there is an initialization problem
    • getOAuthClient

      public static <T> T getOAuthClient(Class<T> interfaceClass, String domain, String OIDCMetadataUrl, String clientId, Path keyStorePath, String keyStorePassword, String keyId) throws Exception
      Throws:
      Exception
    • getOAuthClient

      public static ClientSideService getOAuthClient(String domain, String OIDCMetadataUrl, String clientId, String clientSecret, boolean secretPostAuthnMethod) throws Exception
      Parameters:
      domain - The root URL of the SCIM service. Usually in the form https://your.gluu-server.com/identity/restv1
      OIDCMetadataUrl - URL of the authorization server's metadata document. Usually in the form https://your.gluu-server.com/.well-known/openid-configuration
      clientId - ID of an already registered OIDC client in the Gluu Server
      clientSecret - Secret of the corresponding client (see clientId parameter)
      secretPostAuthnMethod - Whether the client uses client_secret_post (true) or client_secret_basic (false) to authenticate to the token endpoint
      Returns:
      An object that allows calling User, Group, and FidoDevices operations. It also has some support to call service provider configuration endpoints (see section 4 of RFC 7644)
      Throws:
      Exception - If there is an initialization problem
    • getOAuthClient

      public static ClientSideService getOAuthClient(String domain, String OIDCMetadataUrl, String clientId, Path keyStorePath, String keyStorePassword, String keyId) throws Exception
      Throws:
      Exception
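
What the secretPostAuthnMethod parameter of getOAuthClient selects, shown as the token request each method produces. This is an added example, not code from the SCIM client library: the class and method names, the client_credentials grant type and the sample credentials are assumptions made for illustration.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;

public class TokenEndpointAuthDemo {

    // application/x-www-form-urlencoded encoding of a single value
    static String enc(String s) {
        return URLEncoder.encode(s, StandardCharsets.UTF_8);
    }

    static String form(Map<String, String> params) {
        return params.entrySet().stream()
                .map(e -> enc(e.getKey()) + "=" + enc(e.getValue()))
                .collect(Collectors.joining("&"));
    }

    /** Returns { Authorization header or null, form body } for the chosen method. */
    static String[] tokenRequest(String clientId, String clientSecret, boolean secretPost) {
        Map<String, String> body = new LinkedHashMap<>();
        body.put("grant_type", "client_credentials"); // assumed grant type
        if (secretPost) {
            // client_secret_post: the credentials travel in the request body
            body.put("client_id", clientId);
            body.put("client_secret", clientSecret);
            return new String[] { null, form(body) };
        }
        // client_secret_basic: id and secret are form-encoded first
        // (RFC 6749 section 2.3.1), joined with ':' and Base64-encoded
        String pair = enc(clientId) + ":" + enc(clientSecret);
        String header = "Basic "
                + Base64.getEncoder().encodeToString(pair.getBytes(StandardCharsets.UTF_8));
        return new String[] { header, form(body) };
    }

    public static void main(String[] args) {
        // Constructed sample credentials, not real values
        String id = "sample-client-id", secret = "s3cr3t:with/special chars";
        for (boolean post : new boolean[] { true, false }) {
            String[] r = tokenRequest(id, secret, post);
            System.out.println(post ? "client_secret_post" : "client_secret_basic");
            System.out.println("  Authorization: " + r[0]);
            System.out.println("  Body: " + r[1]);
        }
    }
}
```

With client_secret_post the secret is part of the request body, so anything that records request bodies (debug logging, inspecting proxies) captures it; with client_secret_basic it is in the Authorization header instead. The value passed should match the token endpoint authentication method registered for the client.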