com.oracle.bmc.containerengine.model

Class OpenIdConnectTokenAuthenticationConfig.Builder

java.lang.Object

com.oracle.bmc.containerengine.model.OpenIdConnectTokenAuthenticationConfig.Builder

Enclosing class:

OpenIdConnectTokenAuthenticationConfig

public static class OpenIdConnectTokenAuthenticationConfig.Builder
extends Object

Constructor Summary

Constructors

Constructor and Description
Builder()

Method Summary

Modifier and Type	Method and Description
OpenIdConnectTokenAuthenticationConfig	build()
OpenIdConnectTokenAuthenticationConfig.Builder	caCertificate(String caCertificate) A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider’s web certificate.
OpenIdConnectTokenAuthenticationConfig.Builder	clientId(String clientId) A client id that all tokens must be issued for.
OpenIdConnectTokenAuthenticationConfig.Builder	copy(OpenIdConnectTokenAuthenticationConfig model)
OpenIdConnectTokenAuthenticationConfig.Builder	groupsClaim(String groupsClaim) JWT claim to use as the user’s group.
OpenIdConnectTokenAuthenticationConfig.Builder	groupsPrefix(String groupsPrefix) Prefix prepended to group claims to prevent clashes with existing names (such as system:groups).
OpenIdConnectTokenAuthenticationConfig.Builder	isOpenIdConnectAuthEnabled(Boolean isOpenIdConnectAuthEnabled) Whether the cluster has OIDC Auth Config enabled.
OpenIdConnectTokenAuthenticationConfig.Builder	issuerUrl(String issuerUrl) URL of the provider that allows the API server to discover public signing keys.
OpenIdConnectTokenAuthenticationConfig.Builder	requiredClaims(List<KeyValue> requiredClaims) A key=value pair that describes a required claim in the ID Token.
OpenIdConnectTokenAuthenticationConfig.Builder	signingAlgorithms(List<String> signingAlgorithms) The signing algorithms accepted.
OpenIdConnectTokenAuthenticationConfig.Builder	usernameClaim(String usernameClaim) JWT claim to use as the user name.
OpenIdConnectTokenAuthenticationConfig.Builder	usernamePrefix(String usernamePrefix) Prefix prepended to username claims to prevent clashes with existing names (such as system:users).

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Builder

public Builder()

Method Detail

issuerUrl

public OpenIdConnectTokenAuthenticationConfig.Builder issuerUrl(String issuerUrl)

URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider’s discovery URL, changed to have an empty path.

Parameters:

issuerUrl - the value to set

Returns:

this builder

clientId

public OpenIdConnectTokenAuthenticationConfig.Builder clientId(String clientId)

A client id that all tokens must be issued for.

Parameters:

clientId - the value to set

Returns:

this builder

usernameClaim

public OpenIdConnectTokenAuthenticationConfig.Builder usernameClaim(String usernameClaim)

JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.

Parameters:

usernameClaim - the value to set

Returns:

this builder

usernamePrefix

public OpenIdConnectTokenAuthenticationConfig.Builder usernamePrefix(String usernamePrefix)

Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn’t provided and –oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of –oidc-issuer-url. The value - can be used to disable all prefixing.

Parameters:

usernamePrefix - the value to set

Returns:

this builder

groupsClaim

public OpenIdConnectTokenAuthenticationConfig.Builder groupsClaim(String groupsClaim)

JWT claim to use as the user’s group. If the claim is present it must be an array of strings.

Parameters:

groupsClaim - the value to set

Returns:

this builder

groupsPrefix

public OpenIdConnectTokenAuthenticationConfig.Builder groupsPrefix(String groupsPrefix)

Prefix prepended to group claims to prevent clashes with existing names (such as system:groups).

Parameters:

groupsPrefix - the value to set

Returns:

this builder

requiredClaims

public OpenIdConnectTokenAuthenticationConfig.Builder requiredClaims(List<KeyValue> requiredClaims)

A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims.

Parameters:

requiredClaims - the value to set

Returns:

this builder

caCertificate

public OpenIdConnectTokenAuthenticationConfig.Builder caCertificate(String caCertificate)

A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider’s web certificate.

Parameters:

caCertificate - the value to set

Returns:

this builder

signingAlgorithms

public OpenIdConnectTokenAuthenticationConfig.Builder signingAlgorithms(List<String> signingAlgorithms)

The signing algorithms accepted. Default is [“RS256”].

Parameters:

signingAlgorithms - the value to set

Returns:

this builder

isOpenIdConnectAuthEnabled

public OpenIdConnectTokenAuthenticationConfig.Builder isOpenIdConnectAuthEnabled(Boolean isOpenIdConnectAuthEnabled)

Whether the cluster has OIDC Auth Config enabled. Defaults to false.

Parameters:

isOpenIdConnectAuthEnabled - the value to set

Returns:

this builder

build

public OpenIdConnectTokenAuthenticationConfig build()

copy

public OpenIdConnectTokenAuthenticationConfig.Builder copy(OpenIdConnectTokenAuthenticationConfig model)