Reference Implementation of Financial-grade API 1.0 (FAPI 1.0) Client Application and Resource Server following Financial-grade API Security Profile 1.0 - Part 2: Advanced
Hitachi has certified that the Reference Implementation of FAPI 1.0 Client Application conforms to the following profiles of the OpenID Connect™ protocol:
- FAPI Adv. RP w/ MTLS
- FAPI Adv. RP w/ Private Key
- TLS
- JSON Web Key (RFC7517)
- Support Obtaining Authorization Server Metadata (Chapter 3 of RFC8414)
- Hybrid Flow (Section 3.3 of OpenID Connect Core 1.0 incorporating errata set 1)
- OAuth 2.0 Form Post Response Mode
- Proof Key for Code Exchange by OAuth Public Clients (RFC7636)
- Support Passing a Request Object by Value (Section 6.1 of OpenID Connect Core 1.0 incorporating errata set 1)
- Support signature algorithm
  - PS256
  - ES256
- Support key encryption algorithm
  - RSA-OAEP
  - RSA-OAEP-256
- ID Token as Detached Signature
- Client Authentication
  - private_key_jwt (Chapter 9 of OpenID Connect Core 1.0 incorporating errata set 1)
  - tls_client_auth (Section 2.1 of RFC8705)
- OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens (RFC8705)
- Refresh Request (Chapter 12 of OpenID Connect Core 1.0 incorporating errata set 1)
- OAuth 2.0 Token Revocation (RFC7009)
- TLS
- Client Authentication
  - tls_client_auth (Section 2.1 of RFC8705)
- OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens (RFC8705)
- Token Introspection (RFC7662)
- Java 11
- Apache Maven 3.6
- client

  ```
  $ cd client
  $ mvn spring-boot:run
  ```

- resource server

  ```
  $ cd server
  $ mvn spring-boot:run
  ```
- This code is provided "as is" without warranty of any kind.
- We don't take responsibility for any damage caused by using this sample source code.