- Document usePKCE and sendClientSecret params

geosolutions-it · Mar 13, 2024 · c38e17c · c38e17c
1 parent d2e3fd0
commit c38e17c
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/...ons/geostore/services/rest/security/oauth2/openid_connect/OpenIdConnectConfiguration.java b/...ons/geostore/services/rest/security/oauth2/openid_connect/OpenIdConnectConfiguration.java
@@ -58,6 +58,13 @@ public void setPostLogoutRedirectUri(String postLogoutRedirectUri) {
         this.postLogoutRedirectUri = postLogoutRedirectUri;
     }
 
+    /**
+     * If true, the client secret will be sent to the token endpoint.
+     * This is useful for clients that are not capable of keeping the client secret confidential.
+     * ref.: https://tools.ietf.org/html/rfc6749#section-2.3.1
+     *
+     * @return boolean
+     */
     public boolean isSendClientSecret() {
         return sendClientSecret;
     }
@@ -66,6 +73,13 @@ public void setSendClientSecret(boolean sendClientSecret) {
         this.sendClientSecret = sendClientSecret;
     }
 
+    /**
+     * Enables the use of Authorization Code Flow with Proof Key for Code Exchange (PKCE) for the authorization endpoint.
+     * ref.: https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow-with-pkce
+     *
+     * @return the authorization endpoint.
+     * @return boolean
+     */
     public boolean isUsePKCE() {
         return usePKCE;
     }