|
10Duke Scale SDK for Java
|
The 10Duke Scale SDK for Java defines its configuration using the interface tenduke.scale.api.config.TendukeScaleConfig.
The following table explains the configuration schema, listing all available configuration options:
| Name | Purpose | Data type |
|---|---|---|
| token_path | Directory path for storing license data. This configuration entry can be used by applications that do not have access to a database. We recommend that applications that have access to a database store license tokens in the database. | Path |
| public_key_path | Directory path for storing public keys. This configuration can be used by applications that do not have access to a database or cache. We recommend that applications using a database store public keys in a cache or in the database. | Path |
| licensing_api_url | Scheme and host name for the licensing API. | URL |
| licensing_api_authorization_model | Method of authorization used for 10Duke Scale API calls. Omit this configuration entry for license key based licensing. | enum: [id_token, scale_jwt] |
| idp_oidc_discovery_url | Used to retrieve the details of the Open ID Connect endpoints for the identity provider. | URL |
| idp_oauth_authorization_url | Endpoint for the Authorization Request in Authorization Code or Implicit Grant flows (can be omitted if idp_oidc_discovery_url is present). | URL |
| idp_oauth_device_code_url | Endpoint for Device Authorization Request in Device Authorization Grant flow (can be omitted if idp_oidc_discovery_url is present, only required when Device Authorization Grant flow is being used). | URL |
| idp_oauth_token_url | Endpoint for Access Token Request or Device Access Token Request (can be omitted if idp_oidc_discovery_url is present). | URL |
| idp_oauth_client_id | Application credentials for OAuth/Open ID Connect. | String |
| idp_oauth_client_secret | Application credentials for OAuth/Open ID Connect. Required for some OAuth flows or for some Identity Providers. | String |
| idp_oauth_scope | Scopes to include in the Access and ID tokens requested via Open ID Connect. | Array (space separated Strings), minimum: "openid", common: "openid profile email" |
| idp_userinfo_url | Endpoint handling the UserInfo Request (can be omitted if idp_oidc_discovery_url is present). | URL |
| token_refresh_leeway_seconds | The number of seconds before expiry time that an ID token or Scale JWT is automatically refreshed (default: 30 seconds). | float (seconds) |
| idp_jwks_uri | URL path to read public key used to verify JWTs received from Authorization Server authenticating Open ID Connect session. | URL |
| auth_redirect_path | Path fragment for local redirect URL to use for PKCE Flow Client. This is the path that the IDP redirects to for successful authentication during the PKCE flow. Defaults to /login/callback (interpreted as http://localhost/login/callback for the localhost HTTP listener provided for use in desktop scenarios). If this value is not specified here, the default URL must be configured for the application at the IDP. Note This value is ignored if auth_redirect_uri is specified. | URL |
| auth_redirect_port | Local port number to list for PKCE Flow redirect. Defaults to a random port. | int (tcp port number) |
| auth_redirect_uri | Fully specified URI for redirect_uri in OAuth. This configuration entry is applicable for Java web applications and cases where the 10Duke SDK OAuth client is NOT responsible for the HTTP server. | int (tcp port number) |
| auth_success_message | Java resource containing response content for successful login (see 10Duke Core PKCE Flow Client). | Resource path |
| http_timeout_seconds | Timeout for HTTP requests (default: 30.0 seconds). | float (seconds) |
| https_proxy | Proxy to use for HTTPS requests. | URL |
A Typesafe-based implementation is provided via an optional dependency. See the installation article for details on how to link the tenduke-scale-sdk-config-typesafe artifact.
Use the class tenduke.scale.config.typesafe.TendukeScaleConfigLoader to bootstrap the configuration:
In the resource pointed to by configResourceName, for example, src/main/resources/tenduke.conf, configure the SDK accordingly if the application requires the license key-based licensing or identity-based licensing.
A configuration example for license key-based licensing:
A configuration example for identity-based licensing using the PKCE flow:
See the example in examples/cli-with-identity-based-licensing for an identity-based licensing application configured to use the Typesafe-based implementation.
For applications with an existing configuration implementation, it can make more sense to provide a programmatic implementation of the tenduke.scale.api.config.TendukeScaleConfig interface. Such applications can benefit from using the class tenduke.scale.api.config.InMemoryTendukeScaleConfig, which provides a plain old Java object (POJO) implementation of the tenduke.scale.api.config.TendukeScaleConfig interface.
A configuration example for license key-based licensing, using the tenduke.scale.api.config.InMemoryTendukeScaleConfig class:
A configuration example for identity-based licensing, using the InMemoryTendukeScaleConfig class: