Page Comparison

...

Expand

title	Flow-Specific Properties

The flow-specific properties usable via oidc.properties are:

Property	Default	Description
idp.authn.OAuth2Client.requireAll	false	Whether all validators must succeed or just one
idp.authn.OAuth2Client.removeAfterValidation	true	Whether to remove the object holding the password from the request's active state after validating it (to avoid it being preserved in the session any longer than needed)
idp.authn.OAuth2Client.retainAsPrivateCredential	false	Whether to keep the password around as a private "credential" in the Java Subject for use in later stages such as attribute resolution
idp.authn.OAuth2Client.c14n.postLoginFlows	shibboleth.PostLoginSubjectCanonicalizationFlows	Bean ID of list of subject c14n flow beans used, to allow separation from standard user authentication

Expand

title	General Properties

The general properties configuring this flow via oidc.properties are below. Many of the usual settings applicable to user authentication are hardwired due to the specialized nature of this flow for OAuth client use.

Property	Default	Description
idp.authn.OAuth2Client.order	1000	Flow priority relative to other enabled login flows (lower is "higher" in priority)
idp.authn.OAuth2Client.activationCondition	shibboleth.Conditions.TRUE	Bean ID of Predicate<ProfileRequestContext> determining whether flow is usable for request
idp.authn.OAuth2Client.subjectDecorator		Bean ID of BiConsumer<ProfileRequestContext,Subject> for subject customization
idp.authn.OAuth2Client.supportedPrincipals		Comma-delimited list of protocol-specific Principal strings associated with flow
idp.authn.OAuth2Client.addDefaultPrincipals	true	Whether to auto-attach the preceding set of Principal objects to each Subject produced by this flow

...

Versions Compared

Old Version 5

New Version 6

Key