Package io.envoyproxy.envoy.extensions.filters.http.oauth2.v3

Class OAuth2Config.Builder

java.lang.Object
com.google.protobuf.AbstractMessageLite.Builder
com.google.protobuf.AbstractMessage.Builder<BuilderT>
com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>
io.envoyproxy.envoy.extensions.filters.http.oauth2.v3.OAuth2Config.Builder
All Implemented Interfaces:
com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, OAuth2ConfigOrBuilder, Cloneable
Enclosing class:
OAuth2Config
public static final class OAuth2Config.Builder extends com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder> implements OAuth2ConfigOrBuilder
 OAuth config

 [#next-free-field: 27]
Protobuf type envoy.extensions.filters.http.oauth2.v3.OAuth2Config

  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • clear

      public OAuth2Config.Builder clear()
      Specified by:
      clear in interface com.google.protobuf.Message.Builder
      Specified by:
      clear in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clear in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • getDescriptorForType

      public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
      Specified by:
      getDescriptorForType in interface com.google.protobuf.Message.Builder
      Specified by:
      getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
      Overrides:
      getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • getDefaultInstanceForType

      public OAuth2Config getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

    • build

      public OAuth2Config build()
      Specified by:
      build in interface com.google.protobuf.Message.Builder
      Specified by:
      build in interface com.google.protobuf.MessageLite.Builder

    • buildPartial

      public OAuth2Config buildPartial()
      Specified by:
      buildPartial in interface com.google.protobuf.Message.Builder
      Specified by:
      buildPartial in interface com.google.protobuf.MessageLite.Builder

    • clone

      public OAuth2Config.Builder clone()
      Specified by:
      clone in interface com.google.protobuf.Message.Builder
      Specified by:
      clone in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clone in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • setField

      public OAuth2Config.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      setField in interface com.google.protobuf.Message.Builder
      Overrides:
      setField in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • clearField

      public OAuth2Config.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
      Specified by:
      clearField in interface com.google.protobuf.Message.Builder
      Overrides:
      clearField in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • clearOneof

      public OAuth2Config.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
      Specified by:
      clearOneof in interface com.google.protobuf.Message.Builder
      Overrides:
      clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • setRepeatedField

      public OAuth2Config.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
      Specified by:
      setRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • addRepeatedField

      public OAuth2Config.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      addRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • mergeFrom

      public OAuth2Config.Builder mergeFrom(com.google.protobuf.Message other)
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<OAuth2Config.Builder>

    • mergeFrom

      public OAuth2Config.Builder mergeFrom(OAuth2Config other)

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • mergeFrom

      public OAuth2Config.Builder mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Specified by:
      mergeFrom in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<OAuth2Config.Builder>
      Throws:
      IOException

    • hasTokenEndpoint

      public boolean hasTokenEndpoint()
       Endpoint on the authorization server to retrieve the access token from.
      .envoy.config.core.v3.HttpUri token_endpoint = 1;
      Specified by:
      hasTokenEndpoint in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the tokenEndpoint field is set.

    • getTokenEndpoint

      public HttpUri getTokenEndpoint()
       Endpoint on the authorization server to retrieve the access token from.
      .envoy.config.core.v3.HttpUri token_endpoint = 1;
      Specified by:
      getTokenEndpoint in interface OAuth2ConfigOrBuilder
      Returns:
      The tokenEndpoint.

    • setTokenEndpoint

      public OAuth2Config.Builder setTokenEndpoint(HttpUri value)
       Endpoint on the authorization server to retrieve the access token from.
      .envoy.config.core.v3.HttpUri token_endpoint = 1;

    • setTokenEndpoint

      public OAuth2Config.Builder setTokenEndpoint(HttpUri.Builder builderForValue)
       Endpoint on the authorization server to retrieve the access token from.
      .envoy.config.core.v3.HttpUri token_endpoint = 1;

    • mergeTokenEndpoint

      public OAuth2Config.Builder mergeTokenEndpoint(HttpUri value)
       Endpoint on the authorization server to retrieve the access token from.
      .envoy.config.core.v3.HttpUri token_endpoint = 1;

    • clearTokenEndpoint

      public OAuth2Config.Builder clearTokenEndpoint()
       Endpoint on the authorization server to retrieve the access token from.
      .envoy.config.core.v3.HttpUri token_endpoint = 1;

    • getTokenEndpointBuilder

      public HttpUri.Builder getTokenEndpointBuilder()
       Endpoint on the authorization server to retrieve the access token from.
      .envoy.config.core.v3.HttpUri token_endpoint = 1;

    • getTokenEndpointOrBuilder

      public HttpUriOrBuilder getTokenEndpointOrBuilder()
       Endpoint on the authorization server to retrieve the access token from.
      .envoy.config.core.v3.HttpUri token_endpoint = 1;
      Specified by:
      getTokenEndpointOrBuilder in interface OAuth2ConfigOrBuilder

    • hasRetryPolicy

      public boolean hasRetryPolicy()
       Specifies the retry policy for requests to the OAuth server. If not specified, then no retries will be performed.
      .envoy.config.core.v3.RetryPolicy retry_policy = 18;
      Specified by:
      hasRetryPolicy in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the retryPolicy field is set.

    • getRetryPolicy

      public RetryPolicy getRetryPolicy()
       Specifies the retry policy for requests to the OAuth server. If not specified, then no retries will be performed.
      .envoy.config.core.v3.RetryPolicy retry_policy = 18;
      Specified by:
      getRetryPolicy in interface OAuth2ConfigOrBuilder
      Returns:
      The retryPolicy.

    • setRetryPolicy

      public OAuth2Config.Builder setRetryPolicy(RetryPolicy value)
       Specifies the retry policy for requests to the OAuth server. If not specified, then no retries will be performed.
      .envoy.config.core.v3.RetryPolicy retry_policy = 18;

    • setRetryPolicy

      public OAuth2Config.Builder setRetryPolicy(RetryPolicy.Builder builderForValue)
       Specifies the retry policy for requests to the OAuth server. If not specified, then no retries will be performed.
      .envoy.config.core.v3.RetryPolicy retry_policy = 18;

    • mergeRetryPolicy

      public OAuth2Config.Builder mergeRetryPolicy(RetryPolicy value)
       Specifies the retry policy for requests to the OAuth server. If not specified, then no retries will be performed.
      .envoy.config.core.v3.RetryPolicy retry_policy = 18;

    • clearRetryPolicy

      public OAuth2Config.Builder clearRetryPolicy()
       Specifies the retry policy for requests to the OAuth server. If not specified, then no retries will be performed.
      .envoy.config.core.v3.RetryPolicy retry_policy = 18;

    • getRetryPolicyBuilder

      public RetryPolicy.Builder getRetryPolicyBuilder()
       Specifies the retry policy for requests to the OAuth server. If not specified, then no retries will be performed.
      .envoy.config.core.v3.RetryPolicy retry_policy = 18;

    • getRetryPolicyOrBuilder

      public RetryPolicyOrBuilder getRetryPolicyOrBuilder()
       Specifies the retry policy for requests to the OAuth server. If not specified, then no retries will be performed.
      .envoy.config.core.v3.RetryPolicy retry_policy = 18;
      Specified by:
      getRetryPolicyOrBuilder in interface OAuth2ConfigOrBuilder

    • getAuthorizationEndpoint

      public String getAuthorizationEndpoint()
       The endpoint redirect to for authorization in response to unauthorized requests.
      string authorization_endpoint = 2 [(.validate.rules) = { ... }
      Specified by:
      getAuthorizationEndpoint in interface OAuth2ConfigOrBuilder
      Returns:
      The authorizationEndpoint.

    • getAuthorizationEndpointBytes

      public com.google.protobuf.ByteString getAuthorizationEndpointBytes()
       The endpoint redirect to for authorization in response to unauthorized requests.
      string authorization_endpoint = 2 [(.validate.rules) = { ... }
      Specified by:
      getAuthorizationEndpointBytes in interface OAuth2ConfigOrBuilder
      Returns:
      The bytes for authorizationEndpoint.

    • setAuthorizationEndpoint

      public OAuth2Config.Builder setAuthorizationEndpoint(String value)
       The endpoint redirect to for authorization in response to unauthorized requests.
      string authorization_endpoint = 2 [(.validate.rules) = { ... }
      Parameters:
      value - The authorizationEndpoint to set.
      Returns:
      This builder for chaining.

    • clearAuthorizationEndpoint

      public OAuth2Config.Builder clearAuthorizationEndpoint()
       The endpoint redirect to for authorization in response to unauthorized requests.
      string authorization_endpoint = 2 [(.validate.rules) = { ... }
      Returns:
      This builder for chaining.

    • setAuthorizationEndpointBytes

      public OAuth2Config.Builder setAuthorizationEndpointBytes(com.google.protobuf.ByteString value)
       The endpoint redirect to for authorization in response to unauthorized requests.
      string authorization_endpoint = 2 [(.validate.rules) = { ... }
      Parameters:
      value - The bytes for authorizationEndpoint to set.
      Returns:
      This builder for chaining.

    • getEndSessionEndpoint

      public String getEndSessionEndpoint()
       The endpoint at the authorization server to request the user be logged out of the Authorization server.
 This field is optional and should be set only if openid is in the auth_scopes and the authorization server
 supports the OpenID Connect RP-Initiated Logout specification.
 For more information, see https://openid.net/specs/openid-connect-rpinitiated-1_0.html

 If configured, the OAuth2 filter will redirect users to this endpoint when they access the signout_path.
      string end_session_endpoint = 23;
      Specified by:
      getEndSessionEndpoint in interface OAuth2ConfigOrBuilder
      Returns:
      The endSessionEndpoint.

    • getEndSessionEndpointBytes

      public com.google.protobuf.ByteString getEndSessionEndpointBytes()
       The endpoint at the authorization server to request the user be logged out of the Authorization server.
 This field is optional and should be set only if openid is in the auth_scopes and the authorization server
 supports the OpenID Connect RP-Initiated Logout specification.
 For more information, see https://openid.net/specs/openid-connect-rpinitiated-1_0.html

 If configured, the OAuth2 filter will redirect users to this endpoint when they access the signout_path.
      string end_session_endpoint = 23;
      Specified by:
      getEndSessionEndpointBytes in interface OAuth2ConfigOrBuilder
      Returns:
      The bytes for endSessionEndpoint.

    • setEndSessionEndpoint

      public OAuth2Config.Builder setEndSessionEndpoint(String value)
       The endpoint at the authorization server to request the user be logged out of the Authorization server.
 This field is optional and should be set only if openid is in the auth_scopes and the authorization server
 supports the OpenID Connect RP-Initiated Logout specification.
 For more information, see https://openid.net/specs/openid-connect-rpinitiated-1_0.html

 If configured, the OAuth2 filter will redirect users to this endpoint when they access the signout_path.
      string end_session_endpoint = 23;
      Parameters:
      value - The endSessionEndpoint to set.
      Returns:
      This builder for chaining.

    • clearEndSessionEndpoint

      public OAuth2Config.Builder clearEndSessionEndpoint()
       The endpoint at the authorization server to request the user be logged out of the Authorization server.
 This field is optional and should be set only if openid is in the auth_scopes and the authorization server
 supports the OpenID Connect RP-Initiated Logout specification.
 For more information, see https://openid.net/specs/openid-connect-rpinitiated-1_0.html

 If configured, the OAuth2 filter will redirect users to this endpoint when they access the signout_path.
      string end_session_endpoint = 23;
      Returns:
      This builder for chaining.

    • setEndSessionEndpointBytes

      public OAuth2Config.Builder setEndSessionEndpointBytes(com.google.protobuf.ByteString value)
       The endpoint at the authorization server to request the user be logged out of the Authorization server.
 This field is optional and should be set only if openid is in the auth_scopes and the authorization server
 supports the OpenID Connect RP-Initiated Logout specification.
 For more information, see https://openid.net/specs/openid-connect-rpinitiated-1_0.html

 If configured, the OAuth2 filter will redirect users to this endpoint when they access the signout_path.
      string end_session_endpoint = 23;
      Parameters:
      value - The bytes for endSessionEndpoint to set.
      Returns:
      This builder for chaining.

    • hasCredentials

      public boolean hasCredentials()
       Credentials used for OAuth.
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Credentials credentials = 3 [(.validate.rules) = { ... }
      Specified by:
      hasCredentials in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the credentials field is set.

    • getCredentials

      public OAuth2Credentials getCredentials()
       Credentials used for OAuth.
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Credentials credentials = 3 [(.validate.rules) = { ... }
      Specified by:
      getCredentials in interface OAuth2ConfigOrBuilder
      Returns:
      The credentials.

    • setCredentials

      public OAuth2Config.Builder setCredentials(OAuth2Credentials value)
       Credentials used for OAuth.
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Credentials credentials = 3 [(.validate.rules) = { ... }

    • setCredentials

      public OAuth2Config.Builder setCredentials(OAuth2Credentials.Builder builderForValue)
       Credentials used for OAuth.
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Credentials credentials = 3 [(.validate.rules) = { ... }

    • mergeCredentials

      public OAuth2Config.Builder mergeCredentials(OAuth2Credentials value)
       Credentials used for OAuth.
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Credentials credentials = 3 [(.validate.rules) = { ... }

    • clearCredentials

      public OAuth2Config.Builder clearCredentials()
       Credentials used for OAuth.
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Credentials credentials = 3 [(.validate.rules) = { ... }

    • getCredentialsBuilder

      public OAuth2Credentials.Builder getCredentialsBuilder()
       Credentials used for OAuth.
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Credentials credentials = 3 [(.validate.rules) = { ... }

    • getCredentialsOrBuilder

      public OAuth2CredentialsOrBuilder getCredentialsOrBuilder()
       Credentials used for OAuth.
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Credentials credentials = 3 [(.validate.rules) = { ... }
      Specified by:
      getCredentialsOrBuilder in interface OAuth2ConfigOrBuilder

    • getRedirectUri

      public String getRedirectUri()
       The redirect URI passed to the authorization endpoint. Supports header formatting
 tokens. For more information, including details on header value syntax, see the
 documentation on :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.

 This URI should not contain any query parameters.
      string redirect_uri = 4 [(.validate.rules) = { ... }
      Specified by:
      getRedirectUri in interface OAuth2ConfigOrBuilder
      Returns:
      The redirectUri.

    • getRedirectUriBytes

      public com.google.protobuf.ByteString getRedirectUriBytes()
       The redirect URI passed to the authorization endpoint. Supports header formatting
 tokens. For more information, including details on header value syntax, see the
 documentation on :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.

 This URI should not contain any query parameters.
      string redirect_uri = 4 [(.validate.rules) = { ... }
      Specified by:
      getRedirectUriBytes in interface OAuth2ConfigOrBuilder
      Returns:
      The bytes for redirectUri.

    • setRedirectUri

      public OAuth2Config.Builder setRedirectUri(String value)
       The redirect URI passed to the authorization endpoint. Supports header formatting
 tokens. For more information, including details on header value syntax, see the
 documentation on :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.

 This URI should not contain any query parameters.
      string redirect_uri = 4 [(.validate.rules) = { ... }
      Parameters:
      value - The redirectUri to set.
      Returns:
      This builder for chaining.

    • clearRedirectUri

      public OAuth2Config.Builder clearRedirectUri()
       The redirect URI passed to the authorization endpoint. Supports header formatting
 tokens. For more information, including details on header value syntax, see the
 documentation on :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.

 This URI should not contain any query parameters.
      string redirect_uri = 4 [(.validate.rules) = { ... }
      Returns:
      This builder for chaining.

    • setRedirectUriBytes

      public OAuth2Config.Builder setRedirectUriBytes(com.google.protobuf.ByteString value)
       The redirect URI passed to the authorization endpoint. Supports header formatting
 tokens. For more information, including details on header value syntax, see the
 documentation on :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.

 This URI should not contain any query parameters.
      string redirect_uri = 4 [(.validate.rules) = { ... }
      Parameters:
      value - The bytes for redirectUri to set.
      Returns:
      This builder for chaining.

    • hasRedirectPathMatcher

      public boolean hasRedirectPathMatcher()
       Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server.
      .envoy.type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(.validate.rules) = { ... }
      Specified by:
      hasRedirectPathMatcher in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the redirectPathMatcher field is set.

    • getRedirectPathMatcher

      public PathMatcher getRedirectPathMatcher()
       Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server.
      .envoy.type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(.validate.rules) = { ... }
      Specified by:
      getRedirectPathMatcher in interface OAuth2ConfigOrBuilder
      Returns:
      The redirectPathMatcher.

    • setRedirectPathMatcher

      public OAuth2Config.Builder setRedirectPathMatcher(PathMatcher value)
       Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server.
      .envoy.type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(.validate.rules) = { ... }

    • setRedirectPathMatcher

      public OAuth2Config.Builder setRedirectPathMatcher(PathMatcher.Builder builderForValue)
       Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server.
      .envoy.type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(.validate.rules) = { ... }

    • mergeRedirectPathMatcher

      public OAuth2Config.Builder mergeRedirectPathMatcher(PathMatcher value)
       Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server.
      .envoy.type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(.validate.rules) = { ... }

    • clearRedirectPathMatcher

      public OAuth2Config.Builder clearRedirectPathMatcher()
       Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server.
      .envoy.type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(.validate.rules) = { ... }

    • getRedirectPathMatcherBuilder

      public PathMatcher.Builder getRedirectPathMatcherBuilder()
       Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server.
      .envoy.type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(.validate.rules) = { ... }

    • getRedirectPathMatcherOrBuilder

      public PathMatcherOrBuilder getRedirectPathMatcherOrBuilder()
       Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server.
      .envoy.type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(.validate.rules) = { ... }
      Specified by:
      getRedirectPathMatcherOrBuilder in interface OAuth2ConfigOrBuilder

    • hasSignoutPath

      public boolean hasSignoutPath()
       The path to sign a user out, clearing their credential cookies.
      .envoy.type.matcher.v3.PathMatcher signout_path = 6 [(.validate.rules) = { ... }
      Specified by:
      hasSignoutPath in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the signoutPath field is set.

    • getSignoutPath

      public PathMatcher getSignoutPath()
       The path to sign a user out, clearing their credential cookies.
      .envoy.type.matcher.v3.PathMatcher signout_path = 6 [(.validate.rules) = { ... }
      Specified by:
      getSignoutPath in interface OAuth2ConfigOrBuilder
      Returns:
      The signoutPath.

    • setSignoutPath

      public OAuth2Config.Builder setSignoutPath(PathMatcher value)
       The path to sign a user out, clearing their credential cookies.
      .envoy.type.matcher.v3.PathMatcher signout_path = 6 [(.validate.rules) = { ... }

    • setSignoutPath

      public OAuth2Config.Builder setSignoutPath(PathMatcher.Builder builderForValue)
       The path to sign a user out, clearing their credential cookies.
      .envoy.type.matcher.v3.PathMatcher signout_path = 6 [(.validate.rules) = { ... }

    • mergeSignoutPath

      public OAuth2Config.Builder mergeSignoutPath(PathMatcher value)
       The path to sign a user out, clearing their credential cookies.
      .envoy.type.matcher.v3.PathMatcher signout_path = 6 [(.validate.rules) = { ... }

    • clearSignoutPath

      public OAuth2Config.Builder clearSignoutPath()
       The path to sign a user out, clearing their credential cookies.
      .envoy.type.matcher.v3.PathMatcher signout_path = 6 [(.validate.rules) = { ... }

    • getSignoutPathBuilder

      public PathMatcher.Builder getSignoutPathBuilder()
       The path to sign a user out, clearing their credential cookies.
      .envoy.type.matcher.v3.PathMatcher signout_path = 6 [(.validate.rules) = { ... }

    • getSignoutPathOrBuilder

      public PathMatcherOrBuilder getSignoutPathOrBuilder()
       The path to sign a user out, clearing their credential cookies.
      .envoy.type.matcher.v3.PathMatcher signout_path = 6 [(.validate.rules) = { ... }
      Specified by:
      getSignoutPathOrBuilder in interface OAuth2ConfigOrBuilder

    • getForwardBearerToken

      public boolean getForwardBearerToken()
       Forward the OAuth token as a Bearer to upstream web service.
      bool forward_bearer_token = 7;
      Specified by:
      getForwardBearerToken in interface OAuth2ConfigOrBuilder
      Returns:
      The forwardBearerToken.

    • setForwardBearerToken

      public OAuth2Config.Builder setForwardBearerToken(boolean value)
       Forward the OAuth token as a Bearer to upstream web service.
      bool forward_bearer_token = 7;
      Parameters:
      value - The forwardBearerToken to set.
      Returns:
      This builder for chaining.

    • clearForwardBearerToken

      public OAuth2Config.Builder clearForwardBearerToken()
       Forward the OAuth token as a Bearer to upstream web service.
      bool forward_bearer_token = 7;
      Returns:
      This builder for chaining.

    • getPreserveAuthorizationHeader

      public boolean getPreserveAuthorizationHeader()
       If set to true, preserve the existing authorization header.
 By default the client strips the existing authorization header before forwarding upstream.
 Can not be set to true if forward_bearer_token is already set to true.
 Default value is false.
      bool preserve_authorization_header = 16;
      Specified by:
      getPreserveAuthorizationHeader in interface OAuth2ConfigOrBuilder
      Returns:
      The preserveAuthorizationHeader.

    • setPreserveAuthorizationHeader

      public OAuth2Config.Builder setPreserveAuthorizationHeader(boolean value)
       If set to true, preserve the existing authorization header.
 By default the client strips the existing authorization header before forwarding upstream.
 Can not be set to true if forward_bearer_token is already set to true.
 Default value is false.
      bool preserve_authorization_header = 16;
      Parameters:
      value - The preserveAuthorizationHeader to set.
      Returns:
      This builder for chaining.

    • clearPreserveAuthorizationHeader

      public OAuth2Config.Builder clearPreserveAuthorizationHeader()
       If set to true, preserve the existing authorization header.
 By default the client strips the existing authorization header before forwarding upstream.
 Can not be set to true if forward_bearer_token is already set to true.
 Default value is false.
      bool preserve_authorization_header = 16;
      Returns:
      This builder for chaining.

    • getPassThroughMatcherList

      public List<HeaderMatcher> getPassThroughMatcherList()
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;
      Specified by:
      getPassThroughMatcherList in interface OAuth2ConfigOrBuilder

    • getPassThroughMatcherCount

      public int getPassThroughMatcherCount()
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;
      Specified by:
      getPassThroughMatcherCount in interface OAuth2ConfigOrBuilder

    • getPassThroughMatcher

      public HeaderMatcher getPassThroughMatcher(int index)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;
      Specified by:
      getPassThroughMatcher in interface OAuth2ConfigOrBuilder

    • setPassThroughMatcher

      public OAuth2Config.Builder setPassThroughMatcher(int index, HeaderMatcher value)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • setPassThroughMatcher

      public OAuth2Config.Builder setPassThroughMatcher(int index, HeaderMatcher.Builder builderForValue)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • addPassThroughMatcher

      public OAuth2Config.Builder addPassThroughMatcher(HeaderMatcher value)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • addPassThroughMatcher

      public OAuth2Config.Builder addPassThroughMatcher(int index, HeaderMatcher value)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • addPassThroughMatcher

      public OAuth2Config.Builder addPassThroughMatcher(HeaderMatcher.Builder builderForValue)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • addPassThroughMatcher

      public OAuth2Config.Builder addPassThroughMatcher(int index, HeaderMatcher.Builder builderForValue)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • addAllPassThroughMatcher

      public OAuth2Config.Builder addAllPassThroughMatcher(Iterable<? extends HeaderMatcher> values)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • clearPassThroughMatcher

      public OAuth2Config.Builder clearPassThroughMatcher()
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • removePassThroughMatcher

      public OAuth2Config.Builder removePassThroughMatcher(int index)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • getPassThroughMatcherBuilder

      public HeaderMatcher.Builder getPassThroughMatcherBuilder(int index)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • getPassThroughMatcherOrBuilder

      public HeaderMatcherOrBuilder getPassThroughMatcherOrBuilder(int index)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;
      Specified by:
      getPassThroughMatcherOrBuilder in interface OAuth2ConfigOrBuilder

    • getPassThroughMatcherOrBuilderList

      public List<? extends HeaderMatcherOrBuilder> getPassThroughMatcherOrBuilderList()
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;
      Specified by:
      getPassThroughMatcherOrBuilderList in interface OAuth2ConfigOrBuilder

    • addPassThroughMatcherBuilder

      public HeaderMatcher.Builder addPassThroughMatcherBuilder()
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • addPassThroughMatcherBuilder

      public HeaderMatcher.Builder addPassThroughMatcherBuilder(int index)
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • getPassThroughMatcherBuilderList

      public List<HeaderMatcher.Builder> getPassThroughMatcherBuilderList()
       Any request that matches any of the provided matchers will be passed through without OAuth validation.
      repeated .envoy.config.route.v3.HeaderMatcher pass_through_matcher = 8;

    • getAuthScopesList

      public com.google.protobuf.ProtocolStringList getAuthScopesList()
       Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
 defaults to "user" scope.
 OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
      repeated string auth_scopes = 9;
      Specified by:
      getAuthScopesList in interface OAuth2ConfigOrBuilder
      Returns:
      A list containing the authScopes.

    • getAuthScopesCount

      public int getAuthScopesCount()
       Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
 defaults to "user" scope.
 OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
      repeated string auth_scopes = 9;
      Specified by:
      getAuthScopesCount in interface OAuth2ConfigOrBuilder
      Returns:
      The count of authScopes.

    • getAuthScopes

      public String getAuthScopes(int index)
       Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
 defaults to "user" scope.
 OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
      repeated string auth_scopes = 9;
      Specified by:
      getAuthScopes in interface OAuth2ConfigOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The authScopes at the given index.

    • getAuthScopesBytes

      public com.google.protobuf.ByteString getAuthScopesBytes(int index)
       Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
 defaults to "user" scope.
 OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
      repeated string auth_scopes = 9;
      Specified by:
      getAuthScopesBytes in interface OAuth2ConfigOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the authScopes at the given index.

    • setAuthScopes

      public OAuth2Config.Builder setAuthScopes(int index, String value)
       Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
 defaults to "user" scope.
 OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
      repeated string auth_scopes = 9;
      Parameters:
      index - The index to set the value at.
      value - The authScopes to set.
      Returns:
      This builder for chaining.

    • addAuthScopes

      public OAuth2Config.Builder addAuthScopes(String value)
       Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
 defaults to "user" scope.
 OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
      repeated string auth_scopes = 9;
      Parameters:
      value - The authScopes to add.
      Returns:
      This builder for chaining.

    • addAllAuthScopes

      public OAuth2Config.Builder addAllAuthScopes(Iterable<String> values)
       Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
 defaults to "user" scope.
 OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
      repeated string auth_scopes = 9;
      Parameters:
      values - The authScopes to add.
      Returns:
      This builder for chaining.

    • clearAuthScopes

      public OAuth2Config.Builder clearAuthScopes()
       Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
 defaults to "user" scope.
 OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
      repeated string auth_scopes = 9;
      Returns:
      This builder for chaining.

    • addAuthScopesBytes

      public OAuth2Config.Builder addAuthScopesBytes(com.google.protobuf.ByteString value)
       Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
 defaults to "user" scope.
 OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
      repeated string auth_scopes = 9;
      Parameters:
      value - The bytes of the authScopes to add.
      Returns:
      This builder for chaining.

    • getResourcesList

      public com.google.protobuf.ProtocolStringList getResourcesList()
       Optional resource parameter for authorization request
 RFC: https://tools.ietf.org/html/rfc8707
      repeated string resources = 10;
      Specified by:
      getResourcesList in interface OAuth2ConfigOrBuilder
      Returns:
      A list containing the resources.

    • getResourcesCount

      public int getResourcesCount()
       Optional resource parameter for authorization request
 RFC: https://tools.ietf.org/html/rfc8707
      repeated string resources = 10;
      Specified by:
      getResourcesCount in interface OAuth2ConfigOrBuilder
      Returns:
      The count of resources.

    • getResources

      public String getResources(int index)
       Optional resource parameter for authorization request
 RFC: https://tools.ietf.org/html/rfc8707
      repeated string resources = 10;
      Specified by:
      getResources in interface OAuth2ConfigOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The resources at the given index.

    • getResourcesBytes

      public com.google.protobuf.ByteString getResourcesBytes(int index)
       Optional resource parameter for authorization request
 RFC: https://tools.ietf.org/html/rfc8707
      repeated string resources = 10;
      Specified by:
      getResourcesBytes in interface OAuth2ConfigOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the resources at the given index.

    • setResources

      public OAuth2Config.Builder setResources(int index, String value)
       Optional resource parameter for authorization request
 RFC: https://tools.ietf.org/html/rfc8707
      repeated string resources = 10;
      Parameters:
      index - The index to set the value at.
      value - The resources to set.
      Returns:
      This builder for chaining.

    • addResources

      public OAuth2Config.Builder addResources(String value)
       Optional resource parameter for authorization request
 RFC: https://tools.ietf.org/html/rfc8707
      repeated string resources = 10;
      Parameters:
      value - The resources to add.
      Returns:
      This builder for chaining.

    • addAllResources

      public OAuth2Config.Builder addAllResources(Iterable<String> values)
       Optional resource parameter for authorization request
 RFC: https://tools.ietf.org/html/rfc8707
      repeated string resources = 10;
      Parameters:
      values - The resources to add.
      Returns:
      This builder for chaining.

    • clearResources

      public OAuth2Config.Builder clearResources()
       Optional resource parameter for authorization request
 RFC: https://tools.ietf.org/html/rfc8707
      repeated string resources = 10;
      Returns:
      This builder for chaining.

    • addResourcesBytes

      public OAuth2Config.Builder addResourcesBytes(com.google.protobuf.ByteString value)
       Optional resource parameter for authorization request
 RFC: https://tools.ietf.org/html/rfc8707
      repeated string resources = 10;
      Parameters:
      value - The bytes of the resources to add.
      Returns:
      This builder for chaining.

    • getAuthTypeValue

      public int getAuthTypeValue()
       Defines how ``client_id`` and ``client_secret`` are sent in OAuth client to OAuth server requests.
 RFC https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Config.AuthType auth_type = 11 [(.validate.rules) = { ... }
      Specified by:
      getAuthTypeValue in interface OAuth2ConfigOrBuilder
      Returns:
      The enum numeric value on the wire for authType.

    • setAuthTypeValue

      public OAuth2Config.Builder setAuthTypeValue(int value)
       Defines how ``client_id`` and ``client_secret`` are sent in OAuth client to OAuth server requests.
 RFC https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Config.AuthType auth_type = 11 [(.validate.rules) = { ... }
      Parameters:
      value - The enum numeric value on the wire for authType to set.
      Returns:
      This builder for chaining.

    • getAuthType

      public OAuth2Config.AuthType getAuthType()
       Defines how ``client_id`` and ``client_secret`` are sent in OAuth client to OAuth server requests.
 RFC https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Config.AuthType auth_type = 11 [(.validate.rules) = { ... }
      Specified by:
      getAuthType in interface OAuth2ConfigOrBuilder
      Returns:
      The authType.

    • setAuthType

      public OAuth2Config.Builder setAuthType(OAuth2Config.AuthType value)
       Defines how ``client_id`` and ``client_secret`` are sent in OAuth client to OAuth server requests.
 RFC https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Config.AuthType auth_type = 11 [(.validate.rules) = { ... }
      Parameters:
      value - The authType to set.
      Returns:
      This builder for chaining.

    • clearAuthType

      public OAuth2Config.Builder clearAuthType()
       Defines how ``client_id`` and ``client_secret`` are sent in OAuth client to OAuth server requests.
 RFC https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1
      .envoy.extensions.filters.http.oauth2.v3.OAuth2Config.AuthType auth_type = 11 [(.validate.rules) = { ... }
      Returns:
      This builder for chaining.

    • hasUseRefreshToken

      public boolean hasUseRefreshToken()
       If set to true, allows automatic access token refresh using the associated refresh token (see
 `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
 Default value is true.
      .google.protobuf.BoolValue use_refresh_token = 12;
      Specified by:
      hasUseRefreshToken in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the useRefreshToken field is set.

    • getUseRefreshToken

      public com.google.protobuf.BoolValue getUseRefreshToken()
       If set to true, allows automatic access token refresh using the associated refresh token (see
 `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
 Default value is true.
      .google.protobuf.BoolValue use_refresh_token = 12;
      Specified by:
      getUseRefreshToken in interface OAuth2ConfigOrBuilder
      Returns:
      The useRefreshToken.

    • setUseRefreshToken

      public OAuth2Config.Builder setUseRefreshToken(com.google.protobuf.BoolValue value)
       If set to true, allows automatic access token refresh using the associated refresh token (see
 `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
 Default value is true.
      .google.protobuf.BoolValue use_refresh_token = 12;

    • setUseRefreshToken

      public OAuth2Config.Builder setUseRefreshToken(com.google.protobuf.BoolValue.Builder builderForValue)
       If set to true, allows automatic access token refresh using the associated refresh token (see
 `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
 Default value is true.
      .google.protobuf.BoolValue use_refresh_token = 12;

    • mergeUseRefreshToken

      public OAuth2Config.Builder mergeUseRefreshToken(com.google.protobuf.BoolValue value)
       If set to true, allows automatic access token refresh using the associated refresh token (see
 `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
 Default value is true.
      .google.protobuf.BoolValue use_refresh_token = 12;

    • clearUseRefreshToken

      public OAuth2Config.Builder clearUseRefreshToken()
       If set to true, allows automatic access token refresh using the associated refresh token (see
 `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
 Default value is true.
      .google.protobuf.BoolValue use_refresh_token = 12;

    • getUseRefreshTokenBuilder

      public com.google.protobuf.BoolValue.Builder getUseRefreshTokenBuilder()
       If set to true, allows automatic access token refresh using the associated refresh token (see
 `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
 Default value is true.
      .google.protobuf.BoolValue use_refresh_token = 12;

    • getUseRefreshTokenOrBuilder

      public com.google.protobuf.BoolValueOrBuilder getUseRefreshTokenOrBuilder()
       If set to true, allows automatic access token refresh using the associated refresh token (see
 `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
 Default value is true.
      .google.protobuf.BoolValue use_refresh_token = 12;
      Specified by:
      getUseRefreshTokenOrBuilder in interface OAuth2ConfigOrBuilder

    • hasDefaultExpiresIn

      public boolean hasDefaultExpiresIn()
       The default lifetime in seconds of the access token, if omitted by the authorization server.

 If this value is not set, it will default to ``0s``. In this case, the expiry must be set by
 the authorization server or the OAuth flow will fail.
      .google.protobuf.Duration default_expires_in = 13;
      Specified by:
      hasDefaultExpiresIn in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the defaultExpiresIn field is set.

    • getDefaultExpiresIn

      public com.google.protobuf.Duration getDefaultExpiresIn()
       The default lifetime in seconds of the access token, if omitted by the authorization server.

 If this value is not set, it will default to ``0s``. In this case, the expiry must be set by
 the authorization server or the OAuth flow will fail.
      .google.protobuf.Duration default_expires_in = 13;
      Specified by:
      getDefaultExpiresIn in interface OAuth2ConfigOrBuilder
      Returns:
      The defaultExpiresIn.

    • setDefaultExpiresIn

      public OAuth2Config.Builder setDefaultExpiresIn(com.google.protobuf.Duration value)
       The default lifetime in seconds of the access token, if omitted by the authorization server.

 If this value is not set, it will default to ``0s``. In this case, the expiry must be set by
 the authorization server or the OAuth flow will fail.
      .google.protobuf.Duration default_expires_in = 13;

    • setDefaultExpiresIn

      public OAuth2Config.Builder setDefaultExpiresIn(com.google.protobuf.Duration.Builder builderForValue)
       The default lifetime in seconds of the access token, if omitted by the authorization server.

 If this value is not set, it will default to ``0s``. In this case, the expiry must be set by
 the authorization server or the OAuth flow will fail.
      .google.protobuf.Duration default_expires_in = 13;

    • mergeDefaultExpiresIn

      public OAuth2Config.Builder mergeDefaultExpiresIn(com.google.protobuf.Duration value)
       The default lifetime in seconds of the access token, if omitted by the authorization server.

 If this value is not set, it will default to ``0s``. In this case, the expiry must be set by
 the authorization server or the OAuth flow will fail.
      .google.protobuf.Duration default_expires_in = 13;

    • clearDefaultExpiresIn

      public OAuth2Config.Builder clearDefaultExpiresIn()
       The default lifetime in seconds of the access token, if omitted by the authorization server.

 If this value is not set, it will default to ``0s``. In this case, the expiry must be set by
 the authorization server or the OAuth flow will fail.
      .google.protobuf.Duration default_expires_in = 13;

    • getDefaultExpiresInBuilder

      public com.google.protobuf.Duration.Builder getDefaultExpiresInBuilder()
       The default lifetime in seconds of the access token, if omitted by the authorization server.

 If this value is not set, it will default to ``0s``. In this case, the expiry must be set by
 the authorization server or the OAuth flow will fail.
      .google.protobuf.Duration default_expires_in = 13;

    • getDefaultExpiresInOrBuilder

      public com.google.protobuf.DurationOrBuilder getDefaultExpiresInOrBuilder()
       The default lifetime in seconds of the access token, if omitted by the authorization server.

 If this value is not set, it will default to ``0s``. In this case, the expiry must be set by
 the authorization server or the OAuth flow will fail.
      .google.protobuf.Duration default_expires_in = 13;
      Specified by:
      getDefaultExpiresInOrBuilder in interface OAuth2ConfigOrBuilder

    • getDenyRedirectMatcherList

      public List<HeaderMatcher> getDenyRedirectMatcherList()
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;
      Specified by:
      getDenyRedirectMatcherList in interface OAuth2ConfigOrBuilder

    • getDenyRedirectMatcherCount

      public int getDenyRedirectMatcherCount()
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;
      Specified by:
      getDenyRedirectMatcherCount in interface OAuth2ConfigOrBuilder

    • getDenyRedirectMatcher

      public HeaderMatcher getDenyRedirectMatcher(int index)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;
      Specified by:
      getDenyRedirectMatcher in interface OAuth2ConfigOrBuilder

    • setDenyRedirectMatcher

      public OAuth2Config.Builder setDenyRedirectMatcher(int index, HeaderMatcher value)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • setDenyRedirectMatcher

      public OAuth2Config.Builder setDenyRedirectMatcher(int index, HeaderMatcher.Builder builderForValue)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • addDenyRedirectMatcher

      public OAuth2Config.Builder addDenyRedirectMatcher(HeaderMatcher value)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • addDenyRedirectMatcher

      public OAuth2Config.Builder addDenyRedirectMatcher(int index, HeaderMatcher value)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • addDenyRedirectMatcher

      public OAuth2Config.Builder addDenyRedirectMatcher(HeaderMatcher.Builder builderForValue)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • addDenyRedirectMatcher

      public OAuth2Config.Builder addDenyRedirectMatcher(int index, HeaderMatcher.Builder builderForValue)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • addAllDenyRedirectMatcher

      public OAuth2Config.Builder addAllDenyRedirectMatcher(Iterable<? extends HeaderMatcher> values)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • clearDenyRedirectMatcher

      public OAuth2Config.Builder clearDenyRedirectMatcher()
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • removeDenyRedirectMatcher

      public OAuth2Config.Builder removeDenyRedirectMatcher(int index)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • getDenyRedirectMatcherBuilder

      public HeaderMatcher.Builder getDenyRedirectMatcherBuilder(int index)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • getDenyRedirectMatcherOrBuilder

      public HeaderMatcherOrBuilder getDenyRedirectMatcherOrBuilder(int index)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;
      Specified by:
      getDenyRedirectMatcherOrBuilder in interface OAuth2ConfigOrBuilder

    • getDenyRedirectMatcherOrBuilderList

      public List<? extends HeaderMatcherOrBuilder> getDenyRedirectMatcherOrBuilderList()
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;
      Specified by:
      getDenyRedirectMatcherOrBuilderList in interface OAuth2ConfigOrBuilder

    • addDenyRedirectMatcherBuilder

      public HeaderMatcher.Builder addDenyRedirectMatcherBuilder()
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • addDenyRedirectMatcherBuilder

      public HeaderMatcher.Builder addDenyRedirectMatcherBuilder(int index)
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • getDenyRedirectMatcherBuilderList

      public List<HeaderMatcher.Builder> getDenyRedirectMatcherBuilderList()
       Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
 Automatic access token refresh will be performed for these requests, if enabled.
 This behavior can be useful for AJAX requests.
      repeated .envoy.config.route.v3.HeaderMatcher deny_redirect_matcher = 14;

    • hasDefaultRefreshTokenExpiresIn

      public boolean hasDefaultRefreshTokenExpiresIn()
       The default lifetime in seconds of the refresh token, if the exp (expiration time) claim is omitted in the refresh token or the refresh token is not JWT.

 If this value is not set, it will default to ``604800s``. In this case, the cookie with the refresh token will be expired
 in a week.
 This setting is only considered if ``use_refresh_token`` is set to true, otherwise the authorization server expiration or ``default_expires_in`` is used.
      .google.protobuf.Duration default_refresh_token_expires_in = 15;
      Specified by:
      hasDefaultRefreshTokenExpiresIn in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the defaultRefreshTokenExpiresIn field is set.

    • getDefaultRefreshTokenExpiresIn

      public com.google.protobuf.Duration getDefaultRefreshTokenExpiresIn()
       The default lifetime in seconds of the refresh token, if the exp (expiration time) claim is omitted in the refresh token or the refresh token is not JWT.

 If this value is not set, it will default to ``604800s``. In this case, the cookie with the refresh token will be expired
 in a week.
 This setting is only considered if ``use_refresh_token`` is set to true, otherwise the authorization server expiration or ``default_expires_in`` is used.
      .google.protobuf.Duration default_refresh_token_expires_in = 15;
      Specified by:
      getDefaultRefreshTokenExpiresIn in interface OAuth2ConfigOrBuilder
      Returns:
      The defaultRefreshTokenExpiresIn.

    • setDefaultRefreshTokenExpiresIn

      public OAuth2Config.Builder setDefaultRefreshTokenExpiresIn(com.google.protobuf.Duration value)
       The default lifetime in seconds of the refresh token, if the exp (expiration time) claim is omitted in the refresh token or the refresh token is not JWT.

 If this value is not set, it will default to ``604800s``. In this case, the cookie with the refresh token will be expired
 in a week.
 This setting is only considered if ``use_refresh_token`` is set to true, otherwise the authorization server expiration or ``default_expires_in`` is used.
      .google.protobuf.Duration default_refresh_token_expires_in = 15;

    • setDefaultRefreshTokenExpiresIn

      public OAuth2Config.Builder setDefaultRefreshTokenExpiresIn(com.google.protobuf.Duration.Builder builderForValue)
       The default lifetime in seconds of the refresh token, if the exp (expiration time) claim is omitted in the refresh token or the refresh token is not JWT.

 If this value is not set, it will default to ``604800s``. In this case, the cookie with the refresh token will be expired
 in a week.
 This setting is only considered if ``use_refresh_token`` is set to true, otherwise the authorization server expiration or ``default_expires_in`` is used.
      .google.protobuf.Duration default_refresh_token_expires_in = 15;

    • mergeDefaultRefreshTokenExpiresIn

      public OAuth2Config.Builder mergeDefaultRefreshTokenExpiresIn(com.google.protobuf.Duration value)
       The default lifetime in seconds of the refresh token, if the exp (expiration time) claim is omitted in the refresh token or the refresh token is not JWT.

 If this value is not set, it will default to ``604800s``. In this case, the cookie with the refresh token will be expired
 in a week.
 This setting is only considered if ``use_refresh_token`` is set to true, otherwise the authorization server expiration or ``default_expires_in`` is used.
      .google.protobuf.Duration default_refresh_token_expires_in = 15;

    • clearDefaultRefreshTokenExpiresIn

      public OAuth2Config.Builder clearDefaultRefreshTokenExpiresIn()
       The default lifetime in seconds of the refresh token, if the exp (expiration time) claim is omitted in the refresh token or the refresh token is not JWT.

 If this value is not set, it will default to ``604800s``. In this case, the cookie with the refresh token will be expired
 in a week.
 This setting is only considered if ``use_refresh_token`` is set to true, otherwise the authorization server expiration or ``default_expires_in`` is used.
      .google.protobuf.Duration default_refresh_token_expires_in = 15;

    • getDefaultRefreshTokenExpiresInBuilder

      public com.google.protobuf.Duration.Builder getDefaultRefreshTokenExpiresInBuilder()
       The default lifetime in seconds of the refresh token, if the exp (expiration time) claim is omitted in the refresh token or the refresh token is not JWT.

 If this value is not set, it will default to ``604800s``. In this case, the cookie with the refresh token will be expired
 in a week.
 This setting is only considered if ``use_refresh_token`` is set to true, otherwise the authorization server expiration or ``default_expires_in`` is used.
      .google.protobuf.Duration default_refresh_token_expires_in = 15;

    • getDefaultRefreshTokenExpiresInOrBuilder

      public com.google.protobuf.DurationOrBuilder getDefaultRefreshTokenExpiresInOrBuilder()
       The default lifetime in seconds of the refresh token, if the exp (expiration time) claim is omitted in the refresh token or the refresh token is not JWT.

 If this value is not set, it will default to ``604800s``. In this case, the cookie with the refresh token will be expired
 in a week.
 This setting is only considered if ``use_refresh_token`` is set to true, otherwise the authorization server expiration or ``default_expires_in`` is used.
      .google.protobuf.Duration default_refresh_token_expires_in = 15;
      Specified by:
      getDefaultRefreshTokenExpiresInOrBuilder in interface OAuth2ConfigOrBuilder

    • getDisableIdTokenSetCookie

      public boolean getDisableIdTokenSetCookie()
       If set to true, the client will not set a cookie for ID Token even if one is received from the Identity Provider. This may be useful in cases where the ID
 Token is too large for HTTP cookies (longer than 4096 characters). Enabling this option will only disable setting the cookie response header, the filter
 will still process incoming ID Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
 sessions would not set the IdToken cookie header.
      bool disable_id_token_set_cookie = 17;
      Specified by:
      getDisableIdTokenSetCookie in interface OAuth2ConfigOrBuilder
      Returns:
      The disableIdTokenSetCookie.

    • setDisableIdTokenSetCookie

      public OAuth2Config.Builder setDisableIdTokenSetCookie(boolean value)
       If set to true, the client will not set a cookie for ID Token even if one is received from the Identity Provider. This may be useful in cases where the ID
 Token is too large for HTTP cookies (longer than 4096 characters). Enabling this option will only disable setting the cookie response header, the filter
 will still process incoming ID Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
 sessions would not set the IdToken cookie header.
      bool disable_id_token_set_cookie = 17;
      Parameters:
      value - The disableIdTokenSetCookie to set.
      Returns:
      This builder for chaining.

    • clearDisableIdTokenSetCookie

      public OAuth2Config.Builder clearDisableIdTokenSetCookie()
       If set to true, the client will not set a cookie for ID Token even if one is received from the Identity Provider. This may be useful in cases where the ID
 Token is too large for HTTP cookies (longer than 4096 characters). Enabling this option will only disable setting the cookie response header, the filter
 will still process incoming ID Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
 sessions would not set the IdToken cookie header.
      bool disable_id_token_set_cookie = 17;
      Returns:
      This builder for chaining.

    • getDisableAccessTokenSetCookie

      public boolean getDisableAccessTokenSetCookie()
       If set to true, the client will not set a cookie for Access Token even if one is received from the Identity Provider.
 Enabling this option will only disable setting the cookie response header, the filter
 will still process incoming Access Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
 sessions would not set the Access Token cookie header.
      bool disable_access_token_set_cookie = 19;
      Specified by:
      getDisableAccessTokenSetCookie in interface OAuth2ConfigOrBuilder
      Returns:
      The disableAccessTokenSetCookie.

    • setDisableAccessTokenSetCookie

      public OAuth2Config.Builder setDisableAccessTokenSetCookie(boolean value)
       If set to true, the client will not set a cookie for Access Token even if one is received from the Identity Provider.
 Enabling this option will only disable setting the cookie response header, the filter
 will still process incoming Access Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
 sessions would not set the Access Token cookie header.
      bool disable_access_token_set_cookie = 19;
      Parameters:
      value - The disableAccessTokenSetCookie to set.
      Returns:
      This builder for chaining.

    • clearDisableAccessTokenSetCookie

      public OAuth2Config.Builder clearDisableAccessTokenSetCookie()
       If set to true, the client will not set a cookie for Access Token even if one is received from the Identity Provider.
 Enabling this option will only disable setting the cookie response header, the filter
 will still process incoming Access Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
 sessions would not set the Access Token cookie header.
      bool disable_access_token_set_cookie = 19;
      Returns:
      This builder for chaining.

    • getDisableRefreshTokenSetCookie

      public boolean getDisableRefreshTokenSetCookie()
       If set to true, the client will not set a cookie for Refresh Token even if one is received from the Identity Provider.
 Enabling this option will only disable setting the cookie response header, the filter
 will still process incoming Refresh Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
 sessions would not set the Refresh Token cookie header.
      bool disable_refresh_token_set_cookie = 20;
      Specified by:
      getDisableRefreshTokenSetCookie in interface OAuth2ConfigOrBuilder
      Returns:
      The disableRefreshTokenSetCookie.

    • setDisableRefreshTokenSetCookie

      public OAuth2Config.Builder setDisableRefreshTokenSetCookie(boolean value)
       If set to true, the client will not set a cookie for Refresh Token even if one is received from the Identity Provider.
 Enabling this option will only disable setting the cookie response header, the filter
 will still process incoming Refresh Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
 sessions would not set the Refresh Token cookie header.
      bool disable_refresh_token_set_cookie = 20;
      Parameters:
      value - The disableRefreshTokenSetCookie to set.
      Returns:
      This builder for chaining.

    • clearDisableRefreshTokenSetCookie

      public OAuth2Config.Builder clearDisableRefreshTokenSetCookie()
       If set to true, the client will not set a cookie for Refresh Token even if one is received from the Identity Provider.
 Enabling this option will only disable setting the cookie response header, the filter
 will still process incoming Refresh Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
 sessions would not set the Refresh Token cookie header.
      bool disable_refresh_token_set_cookie = 20;
      Returns:
      This builder for chaining.

    • hasCookieConfigs

      public boolean hasCookieConfigs()
       Controls for attributes that can be set on the cookies.
      .envoy.extensions.filters.http.oauth2.v3.CookieConfigs cookie_configs = 21;
      Specified by:
      hasCookieConfigs in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the cookieConfigs field is set.

    • getCookieConfigs

      public CookieConfigs getCookieConfigs()
       Controls for attributes that can be set on the cookies.
      .envoy.extensions.filters.http.oauth2.v3.CookieConfigs cookie_configs = 21;
      Specified by:
      getCookieConfigs in interface OAuth2ConfigOrBuilder
      Returns:
      The cookieConfigs.

    • setCookieConfigs

      public OAuth2Config.Builder setCookieConfigs(CookieConfigs value)
       Controls for attributes that can be set on the cookies.
      .envoy.extensions.filters.http.oauth2.v3.CookieConfigs cookie_configs = 21;

    • setCookieConfigs

      public OAuth2Config.Builder setCookieConfigs(CookieConfigs.Builder builderForValue)
       Controls for attributes that can be set on the cookies.
      .envoy.extensions.filters.http.oauth2.v3.CookieConfigs cookie_configs = 21;

    • mergeCookieConfigs

      public OAuth2Config.Builder mergeCookieConfigs(CookieConfigs value)
       Controls for attributes that can be set on the cookies.
      .envoy.extensions.filters.http.oauth2.v3.CookieConfigs cookie_configs = 21;

    • clearCookieConfigs

      public OAuth2Config.Builder clearCookieConfigs()
       Controls for attributes that can be set on the cookies.
      .envoy.extensions.filters.http.oauth2.v3.CookieConfigs cookie_configs = 21;

    • getCookieConfigsBuilder

      public CookieConfigs.Builder getCookieConfigsBuilder()
       Controls for attributes that can be set on the cookies.
      .envoy.extensions.filters.http.oauth2.v3.CookieConfigs cookie_configs = 21;

    • getCookieConfigsOrBuilder

      public CookieConfigsOrBuilder getCookieConfigsOrBuilder()
       Controls for attributes that can be set on the cookies.
      .envoy.extensions.filters.http.oauth2.v3.CookieConfigs cookie_configs = 21;
      Specified by:
      getCookieConfigsOrBuilder in interface OAuth2ConfigOrBuilder

    • getStatPrefix

      public String getStatPrefix()
       Optional additional prefix to use when emitting statistics.
      string stat_prefix = 22;
      Specified by:
      getStatPrefix in interface OAuth2ConfigOrBuilder
      Returns:
      The statPrefix.

    • getStatPrefixBytes

      public com.google.protobuf.ByteString getStatPrefixBytes()
       Optional additional prefix to use when emitting statistics.
      string stat_prefix = 22;
      Specified by:
      getStatPrefixBytes in interface OAuth2ConfigOrBuilder
      Returns:
      The bytes for statPrefix.

    • setStatPrefix

      public OAuth2Config.Builder setStatPrefix(String value)
       Optional additional prefix to use when emitting statistics.
      string stat_prefix = 22;
      Parameters:
      value - The statPrefix to set.
      Returns:
      This builder for chaining.

    • clearStatPrefix

      public OAuth2Config.Builder clearStatPrefix()
       Optional additional prefix to use when emitting statistics.
      string stat_prefix = 22;
      Returns:
      This builder for chaining.

    • setStatPrefixBytes

      public OAuth2Config.Builder setStatPrefixBytes(com.google.protobuf.ByteString value)
       Optional additional prefix to use when emitting statistics.
      string stat_prefix = 22;
      Parameters:
      value - The bytes for statPrefix to set.
      Returns:
      This builder for chaining.

    • hasCsrfTokenExpiresIn

      public boolean hasCsrfTokenExpiresIn()
       Optional expiration time for the CSRF protection token cookie.
 The CSRF token prevents cross-site request forgery attacks during the OAuth2 flow.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration csrf_token_expires_in = 24;
      Specified by:
      hasCsrfTokenExpiresIn in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the csrfTokenExpiresIn field is set.

    • getCsrfTokenExpiresIn

      public com.google.protobuf.Duration getCsrfTokenExpiresIn()
       Optional expiration time for the CSRF protection token cookie.
 The CSRF token prevents cross-site request forgery attacks during the OAuth2 flow.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration csrf_token_expires_in = 24;
      Specified by:
      getCsrfTokenExpiresIn in interface OAuth2ConfigOrBuilder
      Returns:
      The csrfTokenExpiresIn.

    • setCsrfTokenExpiresIn

      public OAuth2Config.Builder setCsrfTokenExpiresIn(com.google.protobuf.Duration value)
       Optional expiration time for the CSRF protection token cookie.
 The CSRF token prevents cross-site request forgery attacks during the OAuth2 flow.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration csrf_token_expires_in = 24;

    • setCsrfTokenExpiresIn

      public OAuth2Config.Builder setCsrfTokenExpiresIn(com.google.protobuf.Duration.Builder builderForValue)
       Optional expiration time for the CSRF protection token cookie.
 The CSRF token prevents cross-site request forgery attacks during the OAuth2 flow.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration csrf_token_expires_in = 24;

    • mergeCsrfTokenExpiresIn

      public OAuth2Config.Builder mergeCsrfTokenExpiresIn(com.google.protobuf.Duration value)
       Optional expiration time for the CSRF protection token cookie.
 The CSRF token prevents cross-site request forgery attacks during the OAuth2 flow.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration csrf_token_expires_in = 24;

    • clearCsrfTokenExpiresIn

      public OAuth2Config.Builder clearCsrfTokenExpiresIn()
       Optional expiration time for the CSRF protection token cookie.
 The CSRF token prevents cross-site request forgery attacks during the OAuth2 flow.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration csrf_token_expires_in = 24;

    • getCsrfTokenExpiresInBuilder

      public com.google.protobuf.Duration.Builder getCsrfTokenExpiresInBuilder()
       Optional expiration time for the CSRF protection token cookie.
 The CSRF token prevents cross-site request forgery attacks during the OAuth2 flow.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration csrf_token_expires_in = 24;

    • getCsrfTokenExpiresInOrBuilder

      public com.google.protobuf.DurationOrBuilder getCsrfTokenExpiresInOrBuilder()
       Optional expiration time for the CSRF protection token cookie.
 The CSRF token prevents cross-site request forgery attacks during the OAuth2 flow.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration csrf_token_expires_in = 24;
      Specified by:
      getCsrfTokenExpiresInOrBuilder in interface OAuth2ConfigOrBuilder

    • hasCodeVerifierTokenExpiresIn

      public boolean hasCodeVerifierTokenExpiresIn()
       Optional expiration time for the code verifier cookie.
 The code verifier is stored in a secure, HTTP-only cookie during the OAuth2 authorization process.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration code_verifier_token_expires_in = 25;
      Specified by:
      hasCodeVerifierTokenExpiresIn in interface OAuth2ConfigOrBuilder
      Returns:
      Whether the codeVerifierTokenExpiresIn field is set.

    • getCodeVerifierTokenExpiresIn

      public com.google.protobuf.Duration getCodeVerifierTokenExpiresIn()
       Optional expiration time for the code verifier cookie.
 The code verifier is stored in a secure, HTTP-only cookie during the OAuth2 authorization process.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration code_verifier_token_expires_in = 25;
      Specified by:
      getCodeVerifierTokenExpiresIn in interface OAuth2ConfigOrBuilder
      Returns:
      The codeVerifierTokenExpiresIn.

    • setCodeVerifierTokenExpiresIn

      public OAuth2Config.Builder setCodeVerifierTokenExpiresIn(com.google.protobuf.Duration value)
       Optional expiration time for the code verifier cookie.
 The code verifier is stored in a secure, HTTP-only cookie during the OAuth2 authorization process.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration code_verifier_token_expires_in = 25;

    • setCodeVerifierTokenExpiresIn

      public OAuth2Config.Builder setCodeVerifierTokenExpiresIn(com.google.protobuf.Duration.Builder builderForValue)
       Optional expiration time for the code verifier cookie.
 The code verifier is stored in a secure, HTTP-only cookie during the OAuth2 authorization process.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration code_verifier_token_expires_in = 25;

    • mergeCodeVerifierTokenExpiresIn

      public OAuth2Config.Builder mergeCodeVerifierTokenExpiresIn(com.google.protobuf.Duration value)
       Optional expiration time for the code verifier cookie.
 The code verifier is stored in a secure, HTTP-only cookie during the OAuth2 authorization process.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration code_verifier_token_expires_in = 25;

    • clearCodeVerifierTokenExpiresIn

      public OAuth2Config.Builder clearCodeVerifierTokenExpiresIn()
       Optional expiration time for the code verifier cookie.
 The code verifier is stored in a secure, HTTP-only cookie during the OAuth2 authorization process.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration code_verifier_token_expires_in = 25;

    • getCodeVerifierTokenExpiresInBuilder

      public com.google.protobuf.Duration.Builder getCodeVerifierTokenExpiresInBuilder()
       Optional expiration time for the code verifier cookie.
 The code verifier is stored in a secure, HTTP-only cookie during the OAuth2 authorization process.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration code_verifier_token_expires_in = 25;

    • getCodeVerifierTokenExpiresInOrBuilder

      public com.google.protobuf.DurationOrBuilder getCodeVerifierTokenExpiresInOrBuilder()
       Optional expiration time for the code verifier cookie.
 The code verifier is stored in a secure, HTTP-only cookie during the OAuth2 authorization process.
 If not specified, defaults to ``600s`` (10 minutes), which should provide sufficient time
 for users to complete the OAuth2 authorization flow.
      .google.protobuf.Duration code_verifier_token_expires_in = 25;
      Specified by:
      getCodeVerifierTokenExpiresInOrBuilder in interface OAuth2ConfigOrBuilder

    • getDisableTokenEncryption

      public boolean getDisableTokenEncryption()
       Disable token encryption. When set to true, both the access token and the ID token will be stored in plain text.
 This option should only be used in secure environments where token encryption is not required.
 Default is false (tokens are encrypted).
      bool disable_token_encryption = 26;
      Specified by:
      getDisableTokenEncryption in interface OAuth2ConfigOrBuilder
      Returns:
      The disableTokenEncryption.

    • setDisableTokenEncryption

      public OAuth2Config.Builder setDisableTokenEncryption(boolean value)
       Disable token encryption. When set to true, both the access token and the ID token will be stored in plain text.
 This option should only be used in secure environments where token encryption is not required.
 Default is false (tokens are encrypted).
      bool disable_token_encryption = 26;
      Parameters:
      value - The disableTokenEncryption to set.
      Returns:
      This builder for chaining.

    • clearDisableTokenEncryption

      public OAuth2Config.Builder clearDisableTokenEncryption()
       Disable token encryption. When set to true, both the access token and the ID token will be stored in plain text.
 This option should only be used in secure environments where token encryption is not required.
 Default is false (tokens are encrypted).
      bool disable_token_encryption = 26;
      Returns:
      This builder for chaining.

    • setUnknownFields

      public final OAuth2Config.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      setUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>

    • mergeUnknownFields

      public final OAuth2Config.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      mergeUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<OAuth2Config.Builder>