Class: OmniauthOpenidFederation::FederationEndpoint::Configuration

Inherits:

Object

• Object
• OmniauthOpenidFederation::FederationEndpoint::Configuration

Defined in:

lib/omniauth_openid_federation/federation_endpoint.rb

Overview

Configuration class for FederationEndpoint Supports automatic key provisioning with separate signing and encryption keys Supports both openid_provider (OP) and openid_relying_party (RP) entity types

Instance Attribute Summary

• #authority_hints ⇒ Object

  Authority hints configuration (for Entity Configuration).

• #auto_provision_keys ⇒ Object

  Automatic key provisioning configuration.

• #current_jwks ⇒ Object

  JWKS endpoint configuration.

• #current_jwks_proc ⇒ Object

  JWKS endpoint configuration.

• #encryption_key ⇒ Object

  Automatic key provisioning configuration.

• #entity_statement_path ⇒ Object

  Automatic key provisioning configuration.

• #entity_type ⇒ Object

  Entity type configuration.

• #expiration_seconds ⇒ Object

  Returns the value of attribute expiration_seconds.

• #issuer ⇒ Object

  Returns the value of attribute issuer.

• #jwks ⇒ Object

  Returns the value of attribute jwks.

• #jwks_cache_ttl ⇒ Object

  Caching configuration.

• #key_rotation_period ⇒ Object

  Automatic key provisioning configuration.

• #kid ⇒ Object

  Returns the value of attribute kid.

• #metadata ⇒ Object

  Returns the value of attribute metadata.

• #private_key ⇒ Object

  Returns the value of attribute private_key.

• #signed_jwks_expiration_seconds ⇒ Object

  Signed JWKS endpoint configuration.

• #signed_jwks_payload ⇒ Object

  Signed JWKS endpoint configuration.

• #signed_jwks_payload_proc ⇒ Object

  Signed JWKS endpoint configuration.

• #signed_jwks_signing_kid ⇒ Object

  Signed JWKS endpoint configuration.

• #signing_key ⇒ Object

  Automatic key provisioning configuration.

• #subject ⇒ Object

  Returns the value of attribute subject.

• #subordinate_statements ⇒ Object

  Fetch Endpoint configuration (for serving Subordinate Statements).

• #subordinate_statements_proc ⇒ Object

  Fetch Endpoint configuration (for serving Subordinate Statements).

Instance Method Summary

• #initialize ⇒ Configuration constructor

  A new instance of Configuration.

Constructor Details

#initialize ⇒ Configuration

Returns a new instance of Configuration.

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 762

def initialize
  @issuer = nil
  @subject = nil
  @private_key = nil # Signing key (DEV/TESTING: can be same as encryption, PRODUCTION: use separate signing_key)
  @jwks = nil
  @metadata = nil
  @expiration_seconds = 86400 # 24 hours
  @kid = nil
  # Entity type configuration
  @entity_type = :openid_relying_party # Default to RP (primary use case)
  # Automatic key provisioning defaults
  @signing_key = nil # RECOMMENDED: Separate signing key for production
  @encryption_key = nil # RECOMMENDED: Separate encryption key for production
  @auto_provision_keys = true # Enable automatic key provisioning
  @entity_statement_path = nil # Path to cached entity statement (supports automatic key rotation)
  @key_rotation_period = nil # Key rotation period in seconds (nil = no automatic rotation)
  # JWKS endpoint defaults
  @current_jwks = nil
  @current_jwks_proc = nil
  # Signed JWKS endpoint defaults
  @signed_jwks_payload = nil
  @signed_jwks_payload_proc = nil
  @signed_jwks_expiration_seconds = 86400 # 24 hours
  @signed_jwks_signing_kid = nil
  # Caching defaults
  @jwks_cache_ttl = 3600 # 1 hour
  # Fetch Endpoint defaults
  @subordinate_statements = nil # Hash of subject_entity_id => {metadata, metadata_policy, constraints}
  @subordinate_statements_proc = nil # Proc that takes subject_entity_id and returns Subordinate Statement JWT
end

Instance Attribute Details

#authority_hints ⇒ Object

Authority hints configuration (for Entity Configuration)

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 760

def authority_hints
  @authority_hints
end

#auto_provision_keys ⇒ Object

Automatic key provisioning configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 750

def auto_provision_keys
  @auto_provision_keys
end

#current_jwks ⇒ Object

JWKS endpoint configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 752

def current_jwks
  @current_jwks
end

#current_jwks_proc ⇒ Object

JWKS endpoint configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 752

def current_jwks_proc
  @current_jwks_proc
end

#encryption_key ⇒ Object

Automatic key provisioning configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 750

def encryption_key
  @encryption_key
end

#entity_statement_path ⇒ Object

Automatic key provisioning configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 750

def entity_statement_path
  @entity_statement_path
end

#entity_type ⇒ Object

Entity type configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 748

def entity_type
  @entity_type
end

#expiration_seconds ⇒ Object

Returns the value of attribute expiration_seconds.

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 746

def expiration_seconds
  @expiration_seconds
end

#issuer ⇒ Object

Returns the value of attribute issuer.

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 746

def issuer
  @issuer
end

#jwks ⇒ Object

Returns the value of attribute jwks.

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 746

def jwks
  @jwks
end

#jwks_cache_ttl ⇒ Object

Caching configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 756

def jwks_cache_ttl
  @jwks_cache_ttl
end

#key_rotation_period ⇒ Object

Automatic key provisioning configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 750

def key_rotation_period
  @key_rotation_period
end

#kid ⇒ Object

Returns the value of attribute kid.

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 746

def kid
  @kid
end

#metadata ⇒ Object

Returns the value of attribute metadata.

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 746

def metadata
  @metadata
end

#private_key ⇒ Object

Returns the value of attribute private_key.

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 746

def private_key
  @private_key
end

#signed_jwks_expiration_seconds ⇒ Object

Signed JWKS endpoint configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 754

def signed_jwks_expiration_seconds
  @signed_jwks_expiration_seconds
end

#signed_jwks_payload ⇒ Object

Signed JWKS endpoint configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 754

def signed_jwks_payload
  @signed_jwks_payload
end

#signed_jwks_payload_proc ⇒ Object

Signed JWKS endpoint configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 754

def signed_jwks_payload_proc
  @signed_jwks_payload_proc
end

#signed_jwks_signing_kid ⇒ Object

Signed JWKS endpoint configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 754

def signed_jwks_signing_kid
  @signed_jwks_signing_kid
end

#signing_key ⇒ Object

Automatic key provisioning configuration

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 750

def signing_key
  @signing_key
end

#subject ⇒ Object

Returns the value of attribute subject.

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 746

def subject
  @subject
end

#subordinate_statements ⇒ Object

Fetch Endpoint configuration (for serving Subordinate Statements)

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 758

def subordinate_statements
  @subordinate_statements
end

#subordinate_statements_proc ⇒ Object

Fetch Endpoint configuration (for serving Subordinate Statements)

# File 'lib/omniauth_openid_federation/federation_endpoint.rb', line 758

def subordinate_statements_proc
  @subordinate_statements_proc
end