Issue #12644 - use builder API to construct OpenIdConfiguration

jetty-ee9/jetty-ee9-openid/src/main/java/org/eclipse/jetty/ee9/security/openid/OpenIdAuthenticator.java

@@ -638,7 +638,7 @@ protected String getChallengeUri(Request request)
             scopes.append(" ").append(s);
         }
 
-        return _openIdConfiguration.getAuthEndpoint() +
+        return _openIdConfiguration.getAuthorizationEndpoint() +
             "?client_id=" + UrlEncoded.encodeString(_openIdConfiguration.getClientId(), StandardCharsets.UTF_8) +
             "&redirect_uri=" + UrlEncoded.encodeString(getRedirectUri(request), StandardCharsets.UTF_8) +
             "&scope=openid" + UrlEncoded.encodeString(scopes.toString(), StandardCharsets.UTF_8) +

jetty-ee9/jetty-ee9-openid/src/test/java/org/eclipse/jetty/ee9/security/openid/OpenIdAuthenticationTest.java

@@ -19,7 +19,6 @@
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.atomic.AtomicBoolean;
-import java.util.function.Consumer;
 
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServlet;
@@ -70,10 +69,10 @@ public class OpenIdAuthenticationTest
 
     public void setup(LoginService loginService) throws Exception
     {
-        setup(loginService, null);
+        setup(loginService, false);
     }
 
-    public void setup(LoginService loginService, Consumer<OpenIdConfiguration> configure) throws Exception
+    public void setup(LoginService loginService, boolean logoutWhenIdTokenIsExpired) throws Exception
     {
         openIdProvider = new OpenIdProvider(CLIENT_ID, CLIENT_SECRET);
         openIdProvider.start();
@@ -123,9 +122,9 @@ public void setup(LoginService loginService, Consumer<OpenIdConfiguration> confi
         securityHandler.addConstraintMapping(adminMapping);
 
         // Authentication using local OIDC Provider
-        OpenIdConfiguration openIdConfiguration = new OpenIdConfiguration(openIdProvider.getProvider(), CLIENT_ID, CLIENT_SECRET);
-        if (configure != null)
-            configure.accept(openIdConfiguration);
+        OpenIdConfiguration openIdConfiguration = new OpenIdConfiguration.Builder(openIdProvider.getProvider(), CLIENT_ID, CLIENT_SECRET)
+            .logoutWhenIdTokenIsExpired(logoutWhenIdTokenIsExpired)
+            .build();
         server.addBean(openIdConfiguration);
         securityHandler.setInitParameter(OpenIdAuthenticator.REDIRECT_PATH, "/redirect_path");
         securityHandler.setInitParameter(OpenIdAuthenticator.ERROR_PAGE, "/error");
@@ -284,7 +283,7 @@ public boolean validate(UserIdentity user)
     @Test
     public void testExpiredIdToken() throws Exception
     {
-        setup(null, config -> config.setLogoutWhenIdTokenIsExpired(true));
+        setup(null, true);
         long idTokenExpiryTime = 2000;
         openIdProvider.setIdTokenDuration(idTokenExpiryTime);
         openIdProvider.setUser(new OpenIdProvider.User("123456789", "Alice"));

jetty-integrations/jetty-openid/src/main/config/etc/jetty-openid.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0"?>
-<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://jetty.org/configure_9_3.dtd">
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "https://www.eclipse.org/jetty/configure_10_0.dtd">
 <Configure id="Server" class="org.eclipse.jetty.server.Server">
   <Get id="ThreadPool" name="threadPool"/>
   <New id="HttpClient" class="org.eclipse.jetty.client.HttpClient">
@@ -20,35 +20,34 @@
     </Arg>
     <Set name="executor"><Ref refid="ThreadPool"/></Set>
   </New>
+  <New class="org.eclipse.jetty.security.openid.OpenIdConfiguration$Builder">
+    <Arg name="issuer"><Property name="jetty.openid.provider"/></Arg>
+    <Arg name="clientId"><Property name="jetty.openid.clientId"/></Arg>
+    <Arg name="clientSecret"><Property name="jetty.openid.clientSecret"/></Arg>
+    <Set name="authorizationEndpoint" property="jetty.openid.provider.authorizationEndpoint"/>
+    <Set name="tokenEndpoint" property="jetty.openid.provider.tokenEndpoint"/>
+    <Set name="authenticationMethod" property="jetty.openid.authenticationMethod"/>
+    <Set name="httpClient"><Ref refid="HttpClient"/></Set>
+    <Set name="authenticateNewUsers" type="boolean" property="jetty.openid.authenticateNewUsers"/>
+    <Set name="logoutWhenIdTokenIsExpired" type="boolean" property="jetty.openid.logoutWhenIdTokenIsExpired"/>
+    <Call name="scopes">
+      <Arg>
+        <Call class="org.eclipse.jetty.util.StringUtil" name="csvSplit">
+          <Arg><Property name="jetty.openid.scopes"/></Arg>
+        </Call>
+      </Arg>
+    </Call>
+
+    <Call id="OpenIdConfiguration" name="build"/>
+  </New>
   <Call name="addBean">
     <Arg>
-      <Ref refid="BaseLoginService"/>
+      <Ref refid="OpenIdConfiguration"/>
     </Arg>
   </Call>
   <Call name="addBean">
     <Arg>
-      <New id="OpenIdConfiguration" class="org.eclipse.jetty.security.openid.OpenIdConfiguration">
-        <Arg name="issuer"><Property name="jetty.openid.provider" deprecated="jetty.openid.openIdProvider"/></Arg>
-        <Arg name="authorizationEndpoint"><Property name="jetty.openid.provider.authorizationEndpoint"/></Arg>
-        <Arg name="tokenEndpoint"><Property name="jetty.openid.provider.tokenEndpoint"/></Arg>
-        <Arg name="clientId"><Property name="jetty.openid.clientId"/></Arg>
-        <Arg name="clientSecret"><Property name="jetty.openid.clientSecret"/></Arg>
-        <Arg name="authenticationMethod"><Property name="jetty.openid.authenticationMethod" deprecated="jetty.openid.authMethod" default="client_secret_post"/></Arg>
-        <Arg name="httpClient"><Ref refid="HttpClient"/></Arg>
-        <Set name="authenticateNewUsers">
-          <Property name="jetty.openid.authenticateNewUsers" default="false"/>
-        </Set>
-        <Set name="logoutWhenIdTokenIsExpired">
-          <Property name="jetty.openid.logoutWhenIdTokenIsExpired" default="false"/>
-        </Set>
-        <Call name="addScopes">
-          <Arg>
-            <Call class="org.eclipse.jetty.util.StringUtil" name="csvSplit">
-              <Arg><Property name="jetty.openid.scopes"/></Arg>
-            </Call>
-          </Arg>
-        </Call>
-      </New>
+      <Ref refid="BaseLoginService"/>
     </Arg>
   </Call>
 </Configure>

jetty-integrations/jetty-openid/src/main/java/org/eclipse/jetty/security/openid/OpenIdAuthenticator.java

@@ -687,7 +687,7 @@ protected String getChallengeUri(Request request)
             scopes.append(" ").append(s);
         }
 
-        return _openIdConfiguration.getAuthEndpoint() +
+        return _openIdConfiguration.getAuthorizationEndpoint() +
             "?client_id=" + UrlEncoded.encodeString(_openIdConfiguration.getClientId(), StandardCharsets.UTF_8) +
             "&redirect_uri=" + UrlEncoded.encodeString(getRedirectUri(request), StandardCharsets.UTF_8) +
             "&scope=openid" + UrlEncoded.encodeString(scopes.toString(), StandardCharsets.UTF_8) +