Class BackChannelLogoutSpecV1

java.lang.Object

com.kingsrook.qqq.middleware.javalin.specs.AbstractEndpointSpec<BackChannelLogoutInput,BackChannelLogoutResponseV1,BackChannelLogoutExecutor>

com.kingsrook.qqq.middleware.javalin.specs.v1.BackChannelLogoutSpecV1

public class BackChannelLogoutSpecV1
extends AbstractEndpointSpec<BackChannelLogoutInput,BackChannelLogoutResponseV1,BackChannelLogoutExecutor>

Endpoint spec for OIDC Back-Channel Logout. This endpoint receives logout notifications from the Identity Provider (IdP) when a user logs out from the IdP or another application in the SSO ecosystem. Per OIDC Back-Channel Logout spec (https://openid.net/specs/openid-connect-backchannel-1_0.html): - POST request with Content-Type: application/x-www-form-urlencoded - Contains 'logout_token' parameter (a JWT) - No authentication required (the JWT itself authenticates the request) - Returns HTTP 200 on success

Field Summary

Fields inherited from class com.kingsrook.qqq.middleware.javalin.specs.AbstractEndpointSpec

qInstance

Constructor Summary

Constructors

Constructor	Description
BackChannelLogoutSpecV1()

Method Summary

Modifier and Type	Method	Description
BackChannelLogoutInput	buildInput(io.javalin.http.Context context)	build the endpoint's input object from a javalin context
BasicOperation	defineBasicOperation()
BasicResponse	defineBasicSuccessResponse()
Map<String,Schema>	defineComponentSchemas()
boolean	isSecured()	Back-channel logout is not secured by session - the JWT itself is the auth.

Methods inherited from class com.kingsrook.qqq.middleware.javalin.specs.AbstractEndpointSpec

customizeMethod, defineAdditionalBasicResponses, defineCompleteOperation, defineMethod, defineRequestBody, defineRequestParameters, defineResponses, defineRoute, getRequestBodyAsJsonObject, getRequestParam, getRequestParamInteger, getRequestParamMap, handleException, handleOutput, newExecutor, newOutput, serveRequest, setQInstance

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

BackChannelLogoutSpecV1

public BackChannelLogoutSpecV1()

Method Details

defineBasicOperation

public BasicOperation defineBasicOperation()

Overrides:

defineBasicOperation in class AbstractEndpointSpec<BackChannelLogoutInput,BackChannelLogoutResponseV1,BackChannelLogoutExecutor>

isSecured

public boolean isSecured()

Back-channel logout is not secured by session - the JWT itself is the auth.

Overrides:

isSecured in class AbstractEndpointSpec<BackChannelLogoutInput,BackChannelLogoutResponseV1,BackChannelLogoutExecutor>

buildInput

public BackChannelLogoutInput buildInput(io.javalin.http.Context context)
                                  throws Exception

Description copied from class: AbstractEndpointSpec

build the endpoint's input object from a javalin context

Specified by:

buildInput in class AbstractEndpointSpec<BackChannelLogoutInput,BackChannelLogoutResponseV1,BackChannelLogoutExecutor>

Throws:

Exception

defineBasicSuccessResponse

public BasicResponse defineBasicSuccessResponse()

Overrides:

defineBasicSuccessResponse in class AbstractEndpointSpec<BackChannelLogoutInput,BackChannelLogoutResponseV1,BackChannelLogoutExecutor>

defineComponentSchemas

public Map<String,Schema> defineComponentSchemas()

Overrides:

defineComponentSchemas in class AbstractEndpointSpec<BackChannelLogoutInput,BackChannelLogoutResponseV1,BackChannelLogoutExecutor>