Package com.nimbusds.openid.connect.provider.spi.clientauth

Interface CertificateVerification

public interface CertificateVerification

X.509 certificate verification for a private_key_jwt client authentication.

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static interface	CertificateVerification.Context	The X.509 certificate verification context.

Method Summary

Modifier and Type	Method	Description
void	verify(List<X509Certificate> x5c, CertificateVerification.Context ctx)	Called to verify the specified X.509 certificate for a private_key_jwt client authentication.

Method Details

verify

void verify(List<X509Certificate> x5c,
 CertificateVerification.Context ctx)
     throws com.nimbusds.oauth2.sdk.auth.verifier.InvalidClientException

Called to verify the specified X.509 certificate for a private_key_jwt client authentication.

Parameters:

x5c - The X.509 certificate, with optional chain. Not null or empty.

ctx - The certificate verification context. Not null.

Throws:

com.nimbusds.oauth2.sdk.auth.verifier.InvalidClientException - If the X.509 certificate is invalid. Throwing an ExposedInvalidClientException will override the default Connect2id server error_description and error_uri in the HTTP 401 Unauthorized error response.