001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2023, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.auth.verifier; 019 020import com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod; 021import com.nimbusds.oauth2.sdk.id.ClientID; 022import com.nimbusds.oauth2.sdk.id.JWTID; 023 024import java.util.Date; 025 026 027/** 028 * Expended client authentication JWT ID {@code jti} claim checker. 029 */ 030public interface ExpendedJTIChecker<T> { 031 032 033 /** 034 * Checks if the specified JWT ID (@code jti) is expended. 035 * 036 * @param jti The JWT ID. Must not be {@code null}. 037 * @param clientID The client ID. Must not be {@code null}. 038 * @param method The client authentication method. Must not be 039 * {@code null}. 040 * @param context Additional context to be passed to the client 041 * credentials selector. May be {@code null}. 042 * 043 * @return {@code true} if the JWT ID is expended, {@code false} if 044 * not. 045 */ 046 boolean isExpended(final JWTID jti, 047 final ClientID clientID, 048 final ClientAuthenticationMethod method, 049 final Context<T> context); 050 051 052 /** 053 * Marks the specified JWT ID (@code jti) as expended. 054 * 055 * @param jti The JWT ID. Must not be {@code null}. 056 * @param exp The JWT expiration time. Must not be {@code null}. 057 * @param clientID The client ID. Must not be {@code null}. 058 * @param method The client authentication method. Must not be 059 * {@code null}. 060 * @param context Additional context to be passed to the client 061 * credentials selector. May be {@code null}. 062 */ 063 void markExpended(final JWTID jti, 064 final Date exp, 065 final ClientID clientID, 066 final ClientAuthenticationMethod method, 067 final Context<T> context); 068}