Source code

001/*
002 * oauth2-oidc-sdk
003 *
004 * Copyright 2012-2023, Connect2id Ltd and contributors.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.oauth2.sdk.auth.verifier;
019
020import com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod;
021import com.nimbusds.oauth2.sdk.id.ClientID;
022import com.nimbusds.oauth2.sdk.id.JWTID;
023
024import java.util.Date;
025
026
027/**
028 * Expended client authentication JWT ID {@code jti} claim checker.
029 */
030public interface ExpendedJTIChecker<T> {
031
032
033        /**
034         * Checks if the specified JWT ID (@code jti) is expended.
035         *
036         * @param jti      The JWT ID. Must not be {@code null}.
037         * @param clientID The client ID. Must not be {@code null}.
038         * @param method   The client authentication method. Must not be
039         *                 {@code null}.
040         * @param context  Additional context to be passed to the client
041         *                 credentials selector. May be {@code null}.
042         *
043         * @return {@code true} if the JWT ID is expended, {@code false} if
044         *         not.
045         */
046        boolean isExpended(final JWTID jti,
047                           final ClientID clientID,
048                           final ClientAuthenticationMethod method,
049                           final Context<T> context);
050
051
052        /**
053         * Marks the specified JWT ID (@code jti) as expended.
054         *
055         * @param jti      The JWT ID. Must not be {@code null}.
056         * @param exp      The JWT expiration time. Must not be {@code null}.
057         * @param clientID The client ID. Must not be {@code null}.
058         * @param method   The client authentication method. Must not be
059         *                 {@code null}.
060         * @param context  Additional context to be passed to the client
061         *                 credentials selector. May be {@code null}.
062         */
063        void markExpended(final JWTID jti,
064                          final Date exp,
065                          final ClientID clientID,
066                          final ClientAuthenticationMethod method,
067                          final Context<T> context);
068}