Package com.okta.sdk.impl.client

Class DefaultClientBuilder

java.lang.Object
com.okta.sdk.impl.client.DefaultClientBuilder
All Implemented Interfaces:
ClientBuilder
public class DefaultClientBuilder extends Object implements ClientBuilder

The default ClientBuilder implementation. This looks for configuration files in the following locations and order of precedence (last one wins).

  • classpath:com/okta/sdk/config/okta.properties
  • classpath:com/okta/sdk/config/okta.yaml
  • classpath:okta.properties
  • classpath:okta.yaml
  • ~/.okta/okta.yaml
  • Environment Variables (with dot notation converted to uppercase + underscores)
  • System Properties
  • Programmatically
Please be aware that, in general, loading secrets (such as api-keys or PEM-content) from environment variables or system properties can lead to those secrets being leaked.
Since:
0.5.0

  • Constructor Details

    • DefaultClientBuilder

      public DefaultClientBuilder()

  • Method Details

    • setProxy

      public ClientBuilder setProxy(com.okta.commons.http.config.Proxy proxy)
      Description copied from interface: ClientBuilder
      Sets the HTTP proxy to be used when communicating with the Okta API server. For example: 
       Proxy proxy = new Proxy("whatever.domain.com", 443);
 Client client = Clients.builder().setProxy(proxy).build();
      Specified by:
      setProxy in interface ClientBuilder
      Parameters:
      proxy - the Proxy you need to use.
      Returns:
      the ClientBuilder instance for method chaining.

    • setCacheManager

      public ClientBuilder setCacheManager(CacheManager cacheManager)
      Description copied from interface: ClientBuilder
      Sets the CacheManager that should be used to cache Okta REST resources, reducing round-trips to the Okta API server and enhancing application performance. Single JVM Applications

      If your application runs on a single JVM-based applications, the CacheManagerBuilder should be sufficient for your needs. You create a CacheManagerBuilder by using the Caches utility class, for example:

       import static com.okta.sdk.cache.Caches.*;

 ...

 ApiClient client = Clients.builder()...
     .setCacheManager(
         newCacheManager()
         .withDefaultTimeToLive(1, TimeUnit.DAYS) //general default
         .withDefaultTimeToIdle(2, TimeUnit.HOURS) //general default
         .withCache(forResource(User.class) //User-specific cache settings
             .withTimeToLive(1, TimeUnit.HOURS)
             .withTimeToIdle(30, TimeUnit.MINUTES))
         .withCache(forResource(Group.class) //Group-specific cache settings
             .withTimeToLive(2, TimeUnit.HOURS))
         .build() //build the CacheManager
     )
     .build(); //build the Client

      The above TTL and TTI times are just examples showing API usage - the times themselves are not recommendations. Choose TTL and TTI times based on your application requirements.

      Multi-JVM / Clustered Applications

      The default CacheManager instances returned by the CacheManagerBuilder might not be sufficient for a multi-instance application that runs on multiple JVMs and/or hosts/servers, as there could be cache-coherency problems across the JVMs. See the CacheManagerBuilder JavaDoc for additional information.

      In these multi-JVM environments, you will likely want to create a simple CacheManager implementation that wraps your distributed Caching API/product of choice and then plug that implementation in to the Okta SDK via this method. Hazelcast is one known cluster-safe caching product, and the Okta SDK has out-of-the-box support for this as an extension module. See the top-level class JavaDoc for a Hazelcast configuration example.

      Specified by:
      setCacheManager in interface ClientBuilder
      Parameters:
      cacheManager - the CacheManager that should be used to cache Okta REST resources, reducing round-trips to the Okta API server and enhancing application performance.
      Returns:
      the ClientBuilder instance for method chaining

    • setConnectionTimeout

      public ClientBuilder setConnectionTimeout(int timeout)
      Description copied from interface: ClientBuilder
      Sets both the timeout until a connection is established and the socket timeout (i.e. a maximum period of inactivity between two consecutive data packets). A timeout value of zero is interpreted as an infinite timeout.
      Specified by:
      setConnectionTimeout in interface ClientBuilder
      Parameters:
      timeout - connection and socket timeout in seconds
      Returns:
      the ClientBuilder instance for method chaining

    • setClientCredentials

      public ClientBuilder setClientCredentials(ClientCredentials clientCredentials)
      Description copied from interface: ClientBuilder
      Allows specifying an ApiKey instance directly instead of relying on the default location + override/fallback behavior defined in the documentation above. Currently you should use a com.okta.sdk.impl.api.TokenClientCredentials (if you are NOT using an okta.yaml file)
      Specified by:
      setClientCredentials in interface ClientBuilder
      Parameters:
      clientCredentials - the token to use to authenticate requests to the Okta API server.
      Returns:
      the ClientBuilder instance for method chaining.

    • setRetryMaxElapsed

      public ClientBuilder setRetryMaxElapsed(int maxElapsed)
      Description copied from interface: ClientBuilder
      Sets the maximum number of seconds to wait when retrying before giving up.
      Specified by:
      setRetryMaxElapsed in interface ClientBuilder
      Parameters:
      maxElapsed - retry max elapsed duration in seconds
      Returns:
      the ClientBuilder instance for method chaining

    • setRetryMaxAttempts

      public ClientBuilder setRetryMaxAttempts(int maxAttempts)
      Description copied from interface: ClientBuilder
      Sets the maximum number of attempts to retrying before giving up.
      Specified by:
      setRetryMaxAttempts in interface ClientBuilder
      Parameters:
      maxAttempts - retry max attempts
      Returns:
      the ClientBuilder instance for method chaining

    • build

      public ApiClient build()
      Description copied from interface: ClientBuilder
      Constructs a new ApiClient instance based on the ClientBuilder's current configuration state.
      Specified by:
      build in interface ClientBuilder
      Returns:
      a new ApiClient instance based on the ClientBuilder's current configuration state.

    • setOrgUrl

      public ClientBuilder setOrgUrl(String baseUrl)
      Description copied from interface: ClientBuilder
      Sets the base URL of the Okta REST API to use. If unspecified, this value defaults to https://api.okta.com/v1 - the most common use case for Okta's public SaaS cloud.

      Customers using Okta's Enterprise HA cloud might need to configure this to be https://enterprise.okta.io/v1 for example.

      Specified by:
      setOrgUrl in interface ClientBuilder
      Parameters:
      baseUrl - the base URL of the Okta REST API to use.
      Returns:
      the ClientBuilder instance for method chaining

    • setAuthorizationMode

      public ClientBuilder setAuthorizationMode(AuthorizationMode authorizationMode)
      Description copied from interface: ClientBuilder
      Overrides the default (very secure) Okta SSWS Digest Authentication Scheme used to authenticate every request sent to the Okta API server. 
       Client client = Clients.builder()...
    // setApiKey, etc...
    .setAuthorizationMode(AuthorizationMode.SSWS) //set the SSWS authentication mode
    .build(); //build the Client
      Specified by:
      setAuthorizationMode in interface ClientBuilder
      Parameters:
      authorizationMode - mode of authorization for requests to the Okta API server.
      Returns:
      the ClientBuilder instance for method chaining.

    • setScopes

      public ClientBuilder setScopes(Set<String> scopes)
      Description copied from interface: ClientBuilder
      Allows specifying a list of scopes directly instead of relying on the default location + override/fallback behavior defined in the documentation above.
      Specified by:
      setScopes in interface ClientBuilder
      Parameters:
      scopes - set of scopes for which the client requests access.
      Returns:
      the ClientBuilder instance for method chaining.

    • setPrivateKey

      public ClientBuilder setPrivateKey(String privateKey)
      Description copied from interface: ClientBuilder
      Allows specifying the private key (PEM file) path (for private key jwt authentication) directly instead of relying on the default location + override/fallback behavior defined in the documentation above.
      Specified by:
      setPrivateKey in interface ClientBuilder
      Parameters:
      privateKey - either the fully qualified string path to the private key PEM file (or) the full PEM payload content.
      Returns:
      the ClientBuilder instance for method chaining.

    • setPrivateKey

      public ClientBuilder setPrivateKey(Path privateKeyPath)
      Description copied from interface: ClientBuilder
      Allows specifying the private key (PEM file) path (for private key jwt authentication) directly instead of relying on the default location + override/fallback behavior defined in the documentation above.
      Specified by:
      setPrivateKey in interface ClientBuilder
      Parameters:
      privateKeyPath - representing the path to private key PEM file.
      Returns:
      the ClientBuilder instance for method chaining.

    • setPrivateKey

      public ClientBuilder setPrivateKey(InputStream privateKeyStream)
      Description copied from interface: ClientBuilder
      Allows specifying the private key (PEM file) path (for private key jwt authentication) directly instead of relying on the default location + override/fallback behavior defined in the documentation above.
      Specified by:
      setPrivateKey in interface ClientBuilder
      Parameters:
      privateKeyStream - representing an InputStream with private key PEM file content.
      Returns:
      the ClientBuilder instance for method chaining.

    • setPrivateKey

      public ClientBuilder setPrivateKey(PrivateKey privateKey)
      Description copied from interface: ClientBuilder
      Allows specifying the private key (PEM file) path (for private key jwt authentication) directly instead of relying on the default location + override/fallback behavior defined in the documentation above.
      Specified by:
      setPrivateKey in interface ClientBuilder
      Parameters:
      privateKey - the PrivateKey instance.
      Returns:
      the ClientBuilder instance for method chaining.

    • setClientId

      public ClientBuilder setClientId(String clientId)
      Description copied from interface: ClientBuilder
      Allows specifying the client ID instead of relying on the default location + override/fallback behavior defined in the documentation above.
      Specified by:
      setClientId in interface ClientBuilder
      Parameters:
      clientId - string representing the client ID.
      Returns:
      the ClientBuilder instance for method chaining.

    • setKid

      public ClientBuilder setKid(String kid)
      Description copied from interface: ClientBuilder
      Allows specifying the Key ID (kid) instead of relying on the YAML config.
      Specified by:
      setKid in interface ClientBuilder
      Parameters:
      kid - string representing the Key ID.
      Returns:
      the ClientBuilder instance for method chaining.

    • getClientConfiguration

      public ClientConfiguration getClientConfiguration()