Package dev.relism.flash.ext.oidc

package dev.relism.flash.ext.oidc

Class	Description
Authenticated	Marks a handler as requiring a valid JWT.
ClaimsHolder	Thread-local store for JWT claims, populated by the OIDC middleware before the handler runs and cleared in the finally block afterward.
ClientAuthMethod	OAuth2 client authentication method for the token endpoint (RFC 6749 §2.3).
InMemoryOidcSessionStore	Thread-safe in-memory OidcSessionStore.
JwtValidator	Validates JWTs against a remote JWKS endpoint using Nimbus JOSE+JWT.
OidcConfig	Full OIDC client configuration.
OidcConfig.Builder
OidcExtension	Full OIDC Authorization Code + PKCE flow for Flash.
OidcMiddleware	Request-level OIDC middleware.
OidcProviderMetadata	OIDC provider endpoints discovered from {issuer}/.well-known/openid-configuration.
OidcSession	An authenticated user's OIDC session — persisted in OidcSessionStore and looked up via the oidc_session cookie on every request.
OidcSessionStore	Backing store for OidcSession objects.
OidcUser	Type-safe view over the JWT claims stored in ClaimsHolder.
OidcValidationException	Thrown when OIDC token validation fails (signature, claims, nonce, expiry, etc.).
RolesAllowed	Restricts a handler to callers whose JWT contains at least one of the specified roles.
ScopesAllowed	Restricts a handler to callers whose token carries the required OAuth2 scopes.
ScopesAllowed.Match