OidcConfig (stSoftware API)

java.lang.Object
- com.aspc.cms.rest.plugin.oidc.OidcConfig

```
public final class OidcConfig
extends java.lang.Object
```
Centralised OIDC configuration for Cognito settings. Provides a single source of truth for all Cognito OIDC configuration required by the OIDC REST endpoints. Configuration values are loaded from system properties via CProperties.findProperty(String), falling back to AWS Secrets Manager via AWSSecretUtil.findCommonSecret(String) when not set in system properties.
Environment-aware configuration (dev/uat/prod) is supported through property naming conventions — each environment sets its own property values.

Configuration is validated on first access and will fail fast with an IllegalStateException if any required value is missing.

Author:

Claude

Field Summary

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`PROP_OIDC_ALLOWED_REDIRECT_ORIGINS` Property name for the comma-separated whitelist of allowed frontend origins.
`static java.lang.String`	`PROP_OIDC_CLIENT_ID` Property name for the Cognito app client ID.
`static java.lang.String`	`PROP_OIDC_CLIENT_SECRET` Property name for the Cognito app client secret.
`static java.lang.String`	`PROP_OIDC_COGNITO_DOMAIN` Property name for the Cognito hosted UI domain.
`static java.lang.String`	`PROP_OIDC_FRONTEND_REDIRECT_URL` Property name for the frontend redirect URL after authentication.
`static java.lang.String`	`PROP_OIDC_JWKS_URL` Property name for the JSON Web Key Set URL.
`static java.lang.String`	`PROP_OIDC_REDIRECT_URI` Property name for the backend callback URL.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static void`	`clearInstance()` Clears the cached instance.
`java.lang.String`	`getAllowedRedirectOrigins()` Returns the comma-separated whitelist of allowed frontend origins for redirect validation.
`java.lang.String`	`getClientId()` Returns the Cognito app client ID.
`java.lang.String`	`getClientSecret()` Returns the Cognito app client secret.
`java.lang.String`	`getCognitoDomain()` Returns the Cognito hosted UI domain.
`java.lang.String`	`getFrontendRedirectUrl()` Returns the URL to redirect the user to after successful authentication.
`static OidcConfig`	`getInstance()` Returns the singleton OidcConfig instance.
`java.lang.String`	`getJwksUrl()` Returns the JSON Web Key Set URL used for token verification.
`java.lang.String`	`getLogoutEndpoint()` Returns Cognito's `/logout` endpoint URL, derived from the Cognito domain.
`java.lang.String`	`getRedirectUri()` Returns the backend callback URL for the OIDC authorisation code flow.
`java.lang.String`	`getTokenEndpoint()` Returns Cognito's `/oauth2/token` endpoint URL, derived from the Cognito domain.
`boolean`	`isRedirectOriginAllowed(java.lang.String origin)` Checks whether the given origin is in the allowed redirect origins whitelist.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - PROP_OIDC_COGNITO_DOMAIN
```
public static final java.lang.String PROP_OIDC_COGNITO_DOMAIN
```
    Property name for the Cognito hosted UI domain.
    
    See Also:
    
    Constant Field Values
  - PROP_OIDC_CLIENT_ID
```
public static final java.lang.String PROP_OIDC_CLIENT_ID
```
    Property name for the Cognito app client ID.
    
    See Also:
    
    Constant Field Values
  - PROP_OIDC_CLIENT_SECRET
```
public static final java.lang.String PROP_OIDC_CLIENT_SECRET
```
    Property name for the Cognito app client secret.
    
    See Also:
    
    Constant Field Values
  - PROP_OIDC_REDIRECT_URI
```
public static final java.lang.String PROP_OIDC_REDIRECT_URI
```
    Property name for the backend callback URL.
    
    See Also:
    
    Constant Field Values
  - PROP_OIDC_JWKS_URL
```
public static final java.lang.String PROP_OIDC_JWKS_URL
```
    Property name for the JSON Web Key Set URL.
    
    See Also:
    
    Constant Field Values
  - PROP_OIDC_FRONTEND_REDIRECT_URL
```
public static final java.lang.String PROP_OIDC_FRONTEND_REDIRECT_URL
```
    Property name for the frontend redirect URL after authentication.
    
    See Also:
    
    Constant Field Values
  - PROP_OIDC_ALLOWED_REDIRECT_ORIGINS
```
public static final java.lang.String PROP_OIDC_ALLOWED_REDIRECT_ORIGINS
```
    Property name for the comma-separated whitelist of allowed frontend origins.
    
    See Also:
    
    Constant Field Values
- Method Detail
  - getInstance
```
@CheckReturnValue
 @Nonnull
public static OidcConfig getInstance()
```
    Returns the singleton OidcConfig instance.
    Configuration is validated on first access. An IllegalStateException is thrown if any required configuration value is missing.
    
    Returns:
    
    the OidcConfig instance
    
    Throws:
    
    java.lang.IllegalStateException - if required configuration is missing
  - clearInstance
```
public static void clearInstance()
```
    Clears the cached instance. Intended for testing only.
  - getCognitoDomain
```
@CheckReturnValue
 @Nonnull
public java.lang.String getCognitoDomain()
```
    Returns the Cognito hosted UI domain.
    
    Returns:
    
    the Cognito domain (e.g. https://your-domain.auth.ap-southeast-2.amazoncognito.com)
  - getClientId
```
@CheckReturnValue
 @Nonnull
public java.lang.String getClientId()
```
    Returns the Cognito app client ID.
    
    Returns:
    
    the client ID
  - getClientSecret
```
@CheckReturnValue
 @Nonnull
public java.lang.String getClientSecret()
```
    Returns the Cognito app client secret.
    
    Returns:
    
    the client secret
  - getRedirectUri
```
@CheckReturnValue
 @Nonnull
public java.lang.String getRedirectUri()
```
    Returns the backend callback URL for the OIDC authorisation code flow.
    
    Returns:
    
    the redirect URI (e.g. https://your-app.com/api/oidc/callback)
  - getJwksUrl
```
@CheckReturnValue
 @Nonnull
public java.lang.String getJwksUrl()
```
    Returns the JSON Web Key Set URL used for token verification.
    
    Returns:
    
    the JWKS URL
  - getFrontendRedirectUrl
```
@CheckReturnValue
 @Nonnull
public java.lang.String getFrontendRedirectUrl()
```
    Returns the URL to redirect the user to after successful authentication.
    
    Returns:
    
    the frontend redirect URL
  - getAllowedRedirectOrigins
```
@CheckReturnValue
 @Nonnull
public java.lang.String getAllowedRedirectOrigins()
```
    Returns the comma-separated whitelist of allowed frontend origins for redirect validation.
    
    Returns:
    
    the allowed redirect origins string
  - getTokenEndpoint
```
@CheckReturnValue
 @Nonnull
public java.lang.String getTokenEndpoint()
```
    Returns Cognito's /oauth2/token endpoint URL, derived from the Cognito domain.
    
    Returns:
    
    the token endpoint URL
  - getLogoutEndpoint
```
@CheckReturnValue
 @Nonnull
public java.lang.String getLogoutEndpoint()
```
    Returns Cognito's /logout endpoint URL, derived from the Cognito domain.
    
    Returns:
    
    the logout endpoint URL
  - isRedirectOriginAllowed
```
@CheckReturnValue
public boolean isRedirectOriginAllowed(@Nullable
                                                         java.lang.String origin)
```
    Checks whether the given origin is in the allowed redirect origins whitelist.
    
    Parameters:
    
    origin - the origin to check
    
    Returns:
    
    true if the origin is allowed, false otherwise

Class OidcConfig

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

PROP_OIDC_COGNITO_DOMAIN

PROP_OIDC_CLIENT_ID

PROP_OIDC_CLIENT_SECRET

PROP_OIDC_REDIRECT_URI

PROP_OIDC_JWKS_URL

PROP_OIDC_FRONTEND_REDIRECT_URL

PROP_OIDC_ALLOWED_REDIRECT_ORIGINS

Method Detail

getInstance

clearInstance

getCognitoDomain

getClientId

getClientSecret

getRedirectUri

getJwksUrl

getFrontendRedirectUrl

getAllowedRedirectOrigins

getTokenEndpoint

getLogoutEndpoint

isRedirectOriginAllowed