001package com.nimbusds.openid.connect.sdk.util; 002 003 004import java.text.ParseException; 005 006import com.nimbusds.jose.JOSEException; 007import com.nimbusds.jwt.JWT; 008import com.nimbusds.jwt.ReadOnlyJWTClaimsSet; 009 010 011/** 012 * Decoder of JSON Web Tokens (JWTs). Handles plain JWTs as well as JWTs 013 * secured by means of JSON Web Signature (JWS) and / or JSON Web Encryption 014 * (JWE). If the object is secured performs the necessary JWS validation and / 015 * or JWE decryption. 016 */ 017public interface JWTDecoder { 018 019 020 /** 021 * Decodes a JWT object, then applies JWS signature validation and / or 022 * JWE decryption if the token is secured. 023 * 024 * @param jwt The JWT to decode. Must not be {@code null}. 025 * 026 * @return The JWT claims set. 027 * 028 * @throws JOSEException If decoding, JWS validation and / or JWE 029 * decryption of the JWT failed. 030 * @throws ParseException If parsing of the JWT claims set failed. 031 */ 032 public ReadOnlyJWTClaimsSet decodeJWT(final JWT jwt) 033 throws JOSEException, ParseException; 034}