From f3163c6c4e6c0fb0ddcb0b6a3bbc75f83c11a983 Mon Sep 17 00:00:00 2001 From: sergiishamrai-okta <71881713+sergiishamrai-okta@users.noreply.github.com> Date: Tue, 30 Mar 2021 20:00:58 +0300 Subject: [PATCH] Creating an OpenIDConnectApplication using private_key_jwt and JWKS (#568) New Method added OIdCApplicationBuilder.setJwks() --- MIGRATING.md | 8 +++ .../application/OIDCApplicationBuilder.java | 61 +++++++++++++++++++ .../application/OIdCApplicationBuilder.java | 61 ------------------- ...ava => DefaultOIDCApplicationBuilder.java} | 50 +++++++++------ ... DefaultOIDCApplicationBuilderTest.groovy} | 60 ++++++++++++++++-- ...tionIT.groovy => OIDCApplicationIT.groovy} | 46 +++++++++++++- .../AbstractOktaJavaClientCodegen.java | 5 ++ 7 files changed, 206 insertions(+), 85 deletions(-) create mode 100644 api/src/main/java/com/okta/sdk/resource/application/OIDCApplicationBuilder.java delete mode 100644 api/src/main/java/com/okta/sdk/resource/application/OIdCApplicationBuilder.java rename impl/src/main/java/com/okta/sdk/impl/resource/{DefaultOIdCApplicationBuilder.java => DefaultOIDCApplicationBuilder.java} (82%) rename impl/src/test/groovy/com/okta/sdk/impl/resource/{DefaultOIdcApplicationBuilderTest.groovy => DefaultOIDCApplicationBuilderTest.groovy} (77%) rename integration-tests/src/test/groovy/com/okta/sdk/tests/it/{OIdCApplicationIT.groovy => OIDCApplicationIT.groovy} (51%) diff --git a/MIGRATING.md b/MIGRATING.md index 6370765f980..521fcd37827 100644 --- a/MIGRATING.md +++ b/MIGRATING.md @@ -54,6 +54,14 @@ Below methods have been added. - `JsonWebKey setX5tS256(String x5tS256)` - `JsonWebKey setX5u(String x5u)` +### Package `com.okta.sdk.resource.application.OIDCApplicationBuilder` + +The interface has been renamed in the interest of naming consistency. +- From `OIdCApplicationBuilder` to `OIDCApplicationBuilder` + +Below method has been added. +- `OIDCApplicationBuilder setJwks(List jsonWebKeyList)` + ### Package `com.okta.sdk.resource.application.OpenIdConnectApplicationIdpInitiatedLogin` This is a newly created interface with methods listed below. diff --git a/api/src/main/java/com/okta/sdk/resource/application/OIDCApplicationBuilder.java b/api/src/main/java/com/okta/sdk/resource/application/OIDCApplicationBuilder.java new file mode 100644 index 00000000000..7c9b9d8ee88 --- /dev/null +++ b/api/src/main/java/com/okta/sdk/resource/application/OIDCApplicationBuilder.java @@ -0,0 +1,61 @@ +/* + * Copyright 2020-Present Okta, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.okta.sdk.resource.application; + +import com.okta.commons.lang.Classes; + +import java.util.List; + +public interface OIDCApplicationBuilder extends ApplicationBuilder { + + static OIDCApplicationBuilder instance() { + return Classes.newInstance("com.okta.sdk.impl.resource.DefaultOIDCApplicationBuilder"); + } + + OIDCApplicationBuilder setApplicationType(OpenIdConnectApplicationType applicationType); + + OIDCApplicationBuilder setClientUri(String clientUri); + + OIDCApplicationBuilder setConsentMethod(OpenIdConnectApplicationConsentMethod consentMethod); + + OIDCApplicationBuilder setGrantTypes(List grantTypes); + + OIDCApplicationBuilder addGrantTypes(OAuthGrantType grantType); + + OIDCApplicationBuilder setLogoUri(String logoUri); + + OIDCApplicationBuilder setPolicyUri(String policyUri); + + OIDCApplicationBuilder setRedirectUris(List redirectUris); + + OIDCApplicationBuilder addRedirectUris(String redirectUri); + + OIDCApplicationBuilder setResponseTypes(List responseTypes); + + OIDCApplicationBuilder addResponseTypes(OAuthResponseType responseType); + + OIDCApplicationBuilder setTosUri(String tosUri); + + OIDCApplicationBuilder setClientId(String clientId); + + OIDCApplicationBuilder setClientSecret(String clientSecret); + + OIDCApplicationBuilder setAutoKeyRotation(Boolean autoKeyRotation); + + OIDCApplicationBuilder setTokenEndpointAuthMethod(OAuthEndpointAuthenticationMethod tokenEndpointAuthMethod); + + OIDCApplicationBuilder setJwks(List jsonWebKeyList); +} diff --git a/api/src/main/java/com/okta/sdk/resource/application/OIdCApplicationBuilder.java b/api/src/main/java/com/okta/sdk/resource/application/OIdCApplicationBuilder.java deleted file mode 100644 index e4dc8f8c5da..00000000000 --- a/api/src/main/java/com/okta/sdk/resource/application/OIdCApplicationBuilder.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright 2020-Present Okta, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.okta.sdk.resource.application; - -import com.okta.commons.lang.Classes; - -import java.util.List; - -public interface OIdCApplicationBuilder extends ApplicationBuilder { - - static OIdCApplicationBuilder instance() { - return Classes.newInstance("com.okta.sdk.impl.resource.DefaultOIdCApplicationBuilder"); - } - - OIdCApplicationBuilder setApplicationType(OpenIdConnectApplicationType applicationType); - - OIdCApplicationBuilder setClientUri(String clientUri); - - OIdCApplicationBuilder setConsentMethod(OpenIdConnectApplicationConsentMethod consentMethod); - - OIdCApplicationBuilder setGrantTypes(List grantTypes); - - OIdCApplicationBuilder addGrantTypes(OAuthGrantType grantType); - - OIdCApplicationBuilder setLogoUri(String logoUri); - - OIdCApplicationBuilder setPolicyUri(String policyUri); - - OIdCApplicationBuilder setRedirectUris(List redirectUris); - - OIdCApplicationBuilder addRedirectUris(String redirectUri); - - OIdCApplicationBuilder setResponseTypes(List responseTypes); - - OIdCApplicationBuilder addResponseTypes(OAuthResponseType responseType); - - OIdCApplicationBuilder setTosUri(String tosUri); - - OIdCApplicationBuilder setClientId(String clientId); - - OIdCApplicationBuilder setClientSecret(String clientSecret); - - OIdCApplicationBuilder setAutoKeyRotation(Boolean autoKeyRotation); - - OIdCApplicationBuilder setTokenEndpointAuthMethod(OAuthEndpointAuthenticationMethod tokenEndpointAuthMethod); - - -} diff --git a/impl/src/main/java/com/okta/sdk/impl/resource/DefaultOIdCApplicationBuilder.java b/impl/src/main/java/com/okta/sdk/impl/resource/DefaultOIDCApplicationBuilder.java similarity index 82% rename from impl/src/main/java/com/okta/sdk/impl/resource/DefaultOIdCApplicationBuilder.java rename to impl/src/main/java/com/okta/sdk/impl/resource/DefaultOIDCApplicationBuilder.java index 64c02a13bf7..43348829620 100644 --- a/impl/src/main/java/com/okta/sdk/impl/resource/DefaultOIdCApplicationBuilder.java +++ b/impl/src/main/java/com/okta/sdk/impl/resource/DefaultOIDCApplicationBuilder.java @@ -23,7 +23,7 @@ import java.util.List; import java.util.Objects; -public class DefaultOIdCApplicationBuilder extends DefaultApplicationBuilder implements OIdCApplicationBuilder { +public class DefaultOIDCApplicationBuilder extends DefaultApplicationBuilder implements OIDCApplicationBuilder { private OpenIdConnectApplicationType applicationType; private String clientUri; @@ -38,104 +38,111 @@ public class DefaultOIdCApplicationBuilder extends DefaultApplicationBuilder jsonWebKeyList = new ArrayList<>(); @Override - public OIdCApplicationBuilder setApplicationType(OpenIdConnectApplicationType applicationType) { + public OIDCApplicationBuilder setApplicationType(OpenIdConnectApplicationType applicationType) { this.applicationType = applicationType; return this; } @Override - public OIdCApplicationBuilder setClientUri(String clientUri) { + public OIDCApplicationBuilder setClientUri(String clientUri) { this.clientUri = clientUri; return this; } @Override - public OIdCApplicationBuilder setConsentMethod(OpenIdConnectApplicationConsentMethod consentMethod) { + public OIDCApplicationBuilder setConsentMethod(OpenIdConnectApplicationConsentMethod consentMethod) { this.consentMethod = consentMethod; return this; } @Override - public OIdCApplicationBuilder setGrantTypes(List grantTypes) { + public OIDCApplicationBuilder setGrantTypes(List grantTypes) { this.grantTypes = grantTypes; return this; } @Override - public OIdCApplicationBuilder addGrantTypes(OAuthGrantType grantType) { + public OIDCApplicationBuilder addGrantTypes(OAuthGrantType grantType) { this.grantTypes.add(grantType); return this; } @Override - public OIdCApplicationBuilder setLogoUri(String logoUri) { + public OIDCApplicationBuilder setLogoUri(String logoUri) { this.logoUri = logoUri; return this; } @Override - public OIdCApplicationBuilder setPolicyUri(String policyUri) { + public OIDCApplicationBuilder setPolicyUri(String policyUri) { this.policyUri = policyUri; return this; } @Override - public OIdCApplicationBuilder setRedirectUris(List redirectUris) { + public OIDCApplicationBuilder setRedirectUris(List redirectUris) { this.redirectUris = redirectUris; return this; } @Override - public OIdCApplicationBuilder addRedirectUris(String redirectUri) { + public OIDCApplicationBuilder addRedirectUris(String redirectUri) { this.redirectUris.add(redirectUri); return this; } @Override - public OIdCApplicationBuilder setResponseTypes(List responseTypes) { + public OIDCApplicationBuilder setResponseTypes(List responseTypes) { this.responseTypes = responseTypes; return this; } @Override - public OIdCApplicationBuilder addResponseTypes(OAuthResponseType responseType) { + public OIDCApplicationBuilder addResponseTypes(OAuthResponseType responseType) { this.responseTypes.add(responseType); return this; } @Override - public OIdCApplicationBuilder setTosUri(String tosUri) { + public OIDCApplicationBuilder setTosUri(String tosUri) { this.tosUri = tosUri; return this; } @Override - public OIdCApplicationBuilder setClientId(String clientId) { + public OIDCApplicationBuilder setClientId(String clientId) { this.clientId = clientId; return this; } @Override - public OIdCApplicationBuilder setClientSecret(String clientSecret) { + public OIDCApplicationBuilder setClientSecret(String clientSecret) { this.clientSecret = clientSecret; return this; } @Override - public OIdCApplicationBuilder setAutoKeyRotation(Boolean autoKeyRotation) { + public OIDCApplicationBuilder setAutoKeyRotation(Boolean autoKeyRotation) { this.autoKeyRotation = autoKeyRotation; return this; } @Override - public OIdCApplicationBuilder setTokenEndpointAuthMethod(OAuthEndpointAuthenticationMethod tokenEndpointAuthMethod) { + public OIDCApplicationBuilder setTokenEndpointAuthMethod(OAuthEndpointAuthenticationMethod tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; return this; } + @Override + public OIDCApplicationBuilder setJwks(List jsonWebKeyList) { + this.jsonWebKeyList = jsonWebKeyList; + return this; + } + @Override public OpenIdConnectApplication buildAndCreate(Client client){ return (OpenIdConnectApplication) client.createApplication(build(client)); } @@ -210,6 +217,15 @@ private Application build(Client client){ else throw new IllegalArgumentException("Application Type cannot be null, value should be of type OpenIdConnectApplicationType"); + if(jsonWebKeyList.size() > 0) { + openIdConnectApplicationSettings + .getOAuthClient() + .setJwks( + client.instantiate(OpenIdConnectApplicationSettingsClientKeys.class) + .setKeys(this.jsonWebKeyList) + ); + } + // Credentials application.setCredentials(client.instantiate(OAuthApplicationCredentials.class)); OAuthApplicationCredentials oAuthApplicationCredentials = application.getCredentials(); diff --git a/impl/src/test/groovy/com/okta/sdk/impl/resource/DefaultOIdcApplicationBuilderTest.groovy b/impl/src/test/groovy/com/okta/sdk/impl/resource/DefaultOIDCApplicationBuilderTest.groovy similarity index 77% rename from impl/src/test/groovy/com/okta/sdk/impl/resource/DefaultOIdcApplicationBuilderTest.groovy rename to impl/src/test/groovy/com/okta/sdk/impl/resource/DefaultOIDCApplicationBuilderTest.groovy index 09e41448222..eb55fa89063 100644 --- a/impl/src/test/groovy/com/okta/sdk/impl/resource/DefaultOIdcApplicationBuilderTest.groovy +++ b/impl/src/test/groovy/com/okta/sdk/impl/resource/DefaultOIDCApplicationBuilderTest.groovy @@ -23,7 +23,7 @@ import static com.okta.sdk.impl.Util.expect import static org.mockito.ArgumentMatchers.eq import static org.mockito.Mockito.* -class DefaultOIdcApplicationBuilderTest { +class DefaultOIDCApplicationBuilderTest { @Test void basicUsage() { @@ -49,7 +49,7 @@ class DefaultOIdcApplicationBuilderTest { when(application.getSettings()).thenReturn(openIdConnectApplicationSettings) when(application.getCredentials())thenReturn(oAuthApplicationCredentials) - new DefaultOIdCApplicationBuilder() + new DefaultOIDCApplicationBuilder() .setName("oidc_client") .setLabel("test_app") .addRedirectUris("http://www.google.com") @@ -102,7 +102,7 @@ class DefaultOIdcApplicationBuilderTest { when(application.getCredentials())thenReturn(oAuthApplicationCredentials) expect IllegalArgumentException, { - new DefaultOIdCApplicationBuilder() + new DefaultOIDCApplicationBuilder() .setName("oidc_client") .setLabel("test_app") .addRedirectUris("http://www.google.com") @@ -147,7 +147,7 @@ class DefaultOIdcApplicationBuilderTest { when(application.getCredentials())thenReturn(oAuthApplicationCredentials) expect IllegalArgumentException, { - new DefaultOIdCApplicationBuilder() + new DefaultOIDCApplicationBuilder() .setName("oidc_client") .setLabel("test_app") .addRedirectUris("http://www.google.com") @@ -192,7 +192,7 @@ class DefaultOIdcApplicationBuilderTest { when(application.getCredentials())thenReturn(oAuthApplicationCredentials) expect IllegalArgumentException, { - new DefaultOIdCApplicationBuilder() + new DefaultOIDCApplicationBuilder() .setName("oidc_client") .setLabel("test_app") .addRedirectUris("http://www.google.com") @@ -211,4 +211,54 @@ class DefaultOIdcApplicationBuilderTest { } } + + @Test + void createOIDCApplicationWithPrivateKeyJwtTest(){ + + def client = mock(Client) + def application = mock(OpenIdConnectApplication) + def applicationVisibilityHide = mock(ApplicationVisibilityHide) + def openIdConnectApplicationSettingsClient = mock(OpenIdConnectApplicationSettingsClient) + def applicationCredentialsOAuthClient = mock(ApplicationCredentialsOAuthClient) + def openIdConnectApplicationSettings = mock(OpenIdConnectApplicationSettings) + def clientKeys = mock(OpenIdConnectApplicationSettingsClientKeys) + def oAuthApplicationCredentials = mock(OAuthApplicationCredentials) + def jsonWebKey = mock(JsonWebKey) + + jsonWebKey.setKid("kid_value") + jsonWebKey.setKty("kty_value") + jsonWebKey.setE("e_value") + jsonWebKey.setN("n_value") + + when(client.instantiate(OpenIdConnectApplication.class)).thenReturn(application); + when(client.instantiate(ApplicationVisibilityHide.class)).thenReturn(applicationVisibilityHide) + when(client.instantiate(OpenIdConnectApplicationSettingsClient.class))thenReturn(openIdConnectApplicationSettingsClient) + when(client.instantiate(ApplicationCredentialsOAuthClient.class))thenReturn(applicationCredentialsOAuthClient) + when(application.getSettings()).thenReturn(openIdConnectApplicationSettings) + when(application.getSettings().getOAuthClient()).thenReturn(openIdConnectApplicationSettingsClient) + when(client.instantiate(OpenIdConnectApplicationSettingsClientKeys.class)).thenReturn(clientKeys) + when(application.getCredentials())thenReturn(oAuthApplicationCredentials) + + new DefaultOIDCApplicationBuilder() + .setName("oidc_client") + .setLabel("test_app") + .setSignOnMode(ApplicationSignOnMode.OPENID_CONNECT) + .setTokenEndpointAuthMethod(OAuthEndpointAuthenticationMethod.PRIVATE_KEY_JWT) + .addRedirectUris("http://www.example.com") + .setResponseTypes(Arrays.asList(OAuthResponseType.TOKEN, OAuthResponseType.CODE)) + .setGrantTypes(Arrays.asList(OAuthGrantType.IMPLICIT, OAuthGrantType.AUTHORIZATION_CODE)) + .setApplicationType(OpenIdConnectApplicationType.NATIVE) + .setJwks(Arrays.asList(jsonWebKey)) + .buildAndCreate(client) + + verify(client).createApplication(eq(application)) + verify(application).setLabel("test_app") + verify(application).setSignOnMode(ApplicationSignOnMode.OPENID_CONNECT) + verify(applicationCredentialsOAuthClient).setTokenEndpointAuthMethod(OAuthEndpointAuthenticationMethod.PRIVATE_KEY_JWT) + verify(openIdConnectApplicationSettingsClient).setRedirectUris(Arrays.asList("http://www.example.com")) + verify(openIdConnectApplicationSettingsClient).setResponseTypes(Arrays.asList(OAuthResponseType.TOKEN, OAuthResponseType.CODE)) + verify(openIdConnectApplicationSettingsClient).setGrantTypes(Arrays.asList(OAuthGrantType.IMPLICIT, OAuthGrantType.AUTHORIZATION_CODE)) + verify(openIdConnectApplicationSettingsClient).setApplicationType(OpenIdConnectApplicationType.NATIVE) + verify(clientKeys).setKeys(Arrays.asList(jsonWebKey)) + } } diff --git a/integration-tests/src/test/groovy/com/okta/sdk/tests/it/OIdCApplicationIT.groovy b/integration-tests/src/test/groovy/com/okta/sdk/tests/it/OIDCApplicationIT.groovy similarity index 51% rename from integration-tests/src/test/groovy/com/okta/sdk/tests/it/OIdCApplicationIT.groovy rename to integration-tests/src/test/groovy/com/okta/sdk/tests/it/OIDCApplicationIT.groovy index 660623326f6..d5a393341ce 100644 --- a/integration-tests/src/test/groovy/com/okta/sdk/tests/it/OIdCApplicationIT.groovy +++ b/integration-tests/src/test/groovy/com/okta/sdk/tests/it/OIDCApplicationIT.groovy @@ -18,18 +18,22 @@ package com.okta.sdk.tests.it import com.okta.sdk.client.Client import com.okta.sdk.resource.application.* import com.okta.sdk.tests.it.util.ITSupport +import org.testng.annotations.Test import static org.hamcrest.MatcherAssert.assertThat +import static org.hamcrest.Matchers.equalTo +import static org.hamcrest.Matchers.hasSize +import static org.hamcrest.Matchers.instanceOf import static org.hamcrest.Matchers.is import static org.hamcrest.Matchers.matchesPattern -class OIdCApplicationIT extends ITSupport implements CrudTestSupport { +class OIDCApplicationIT extends ITSupport implements CrudTestSupport { @Override def create(Client client) { String name = "java-sdk-it-" + UUID.randomUUID().toString() - Application app = OIdCApplicationBuilder.instance() + Application app = OIDCApplicationBuilder.instance() .setName(name) .setLabel(name) .addRedirectUris("http://www.example.com") @@ -50,6 +54,44 @@ class OIdCApplicationIT extends ITSupport implements CrudTestSupport { return (OpenIdConnectApplication) app } + @Test + void createOIDCApplicationWithPrivateKeyJwtTest() { + + String name = "java-sdk-it-" + UUID.randomUUID().toString() + + def createdKey = client.instantiate(JsonWebKey) + .setKty("RSA") + .setKid("SIGNING_KEY") + .setE("AQAB") + .setN("MIIBIzANBgkqhkiG9w0BAQEFAAOCARAAMIIBCwKCAQIAnFo/4e91na8x/BsPkNS5QkwankewxJ1uZU6p827W/gkRcNHtNi/cE644W5OVdB4UaXV6koT+TsC1prhUEhRR3g5ggE0B/lwYqBaLq/Ejy19Crc4XYU3Aah67Y6HiHWcHGZ+BbpebtTixJv/UYW/Gw+k8M+zj4O001mOeBPpwlEiZZLIo33m/Xkfn28jaCFqTQBJHr67IQh4zEUFs4e5D5D6UE8ee93yeSUJyhbifeIgYh3tS/+ZW4Uo1KLIc0rcLRrnEMsS3aOQbrv/SEKij+Syx4KXI0Gi2xMdXctnFOVT6NM6/EkLxFp2POEdv9SNBtTvXcxIGRwK51W4Jdgh/xZcCAwEAAQ==") + + Application app = OIDCApplicationBuilder.instance() + .setName(name) + .setLabel(name) + .setSignOnMode(ApplicationSignOnMode.OPENID_CONNECT) + .setTokenEndpointAuthMethod(OAuthEndpointAuthenticationMethod.PRIVATE_KEY_JWT) + .addRedirectUris("http://www.example.com") + .setResponseTypes(Arrays.asList(OAuthResponseType.TOKEN, OAuthResponseType.CODE)) + .setGrantTypes(Arrays.asList(OAuthGrantType.IMPLICIT, OAuthGrantType.AUTHORIZATION_CODE)) + .setApplicationType(OpenIdConnectApplicationType.NATIVE) + .setJwks(Arrays.asList(createdKey)) + .buildAndCreate(client) + registerForCleanup(app) + + assertThat(app, instanceOf(OpenIdConnectApplication)) + assertThat(app.getSettings().getOAuthClient().getJwks() , instanceOf(OpenIdConnectApplicationSettingsClientKeys)) + + OpenIdConnectApplicationSettingsClientKeys keys = app.getSettings().getOAuthClient().getJwks() + assertThat(keys.getKeys(), hasSize(1)) + assertThat(keys.getKeys().get(0), instanceOf(JsonWebKey)) + + JsonWebKey receivedKey = keys.getKeys().get(0) + assertThat(receivedKey.getKty(), equalTo(createdKey.getKty())) + assertThat(receivedKey.getKid(), equalTo(createdKey.getKid())) + assertThat(receivedKey.getE(), equalTo(createdKey.getE())) + assertThat(receivedKey.getN(), equalTo(createdKey.getN())) + } + @Override def read(Client client, String id) { return client.getApplication(id) diff --git a/swagger-templates/src/main/java/com/okta/swagger/codegen/AbstractOktaJavaClientCodegen.java b/swagger-templates/src/main/java/com/okta/swagger/codegen/AbstractOktaJavaClientCodegen.java index 054362eb47c..d8e785984fb 100644 --- a/swagger-templates/src/main/java/com/okta/swagger/codegen/AbstractOktaJavaClientCodegen.java +++ b/swagger-templates/src/main/java/com/okta/swagger/codegen/AbstractOktaJavaClientCodegen.java @@ -776,6 +776,11 @@ public void postProcessModelProperty(CodegenModel model, CodegenProperty propert super.postProcessModelProperty(model, property); if(!BooleanUtils.toBoolean(model.isEnum)) { + //Do not use JsonWebKeyList because it's based on Map but API require a simple List + if(model.name.equals("OpenIdConnectApplicationSettingsClientKeys")) { + property.datatypeWithEnum = property.baseType + "<" + property.complexType + ">"; + } + String datatype = property.datatype; if (datatype != null && datatype.matches(".+List$")