com.nimbusds.jwt.proc.ClockSkewAware
, com.nimbusds.jwt.proc.JWTClaimsSetVerifier
@ThreadSafe public class IDTokenClaimsVerifier extends Object implements com.nimbusds.jwt.proc.JWTClaimsSetVerifier, com.nimbusds.jwt.proc.ClockSkewAware
Related specifications:
Constructor | Description |
---|---|
IDTokenClaimsVerifier(Issuer issuer,
ClientID clientID,
Nonce nonce,
int maxClockSkew) |
Creates a new ID token claims verifier.
|
Modifier and Type | Method | Description |
---|---|---|
ClientID |
getClientID() |
Returns the client ID for verifying the ID token audience.
|
Issuer |
getExpectedIssuer() |
Returns the expected ID token issuer.
|
Nonce |
getExpectedNonce() |
Returns the expected nonce.
|
int |
getMaxClockSkew() |
|
void |
setMaxClockSkew(int maxClockSkew) |
|
void |
verify(com.nimbusds.jwt.JWTClaimsSet claimsSet,
com.nimbusds.jose.proc.SecurityContext ctx) |
public IDTokenClaimsVerifier(Issuer issuer, ClientID clientID, Nonce nonce, int maxClockSkew)
issuer
- The expected ID token issuer. Must not be
null
.clientID
- The client ID. Must not be null
.nonce
- The nonce, required in the implicit flow or for
ID tokens returned by the authorisation endpoint
int the hybrid flow. null
if not
required or specified.maxClockSkew
- The maximum acceptable clock skew (absolute
value), in seconds. Must be zero (no clock skew)
or positive integer.public Issuer getExpectedIssuer()
public ClientID getClientID()
public Nonce getExpectedNonce()
null
if not required or specified.public int getMaxClockSkew()
getMaxClockSkew
in interface com.nimbusds.jwt.proc.ClockSkewAware
public void setMaxClockSkew(int maxClockSkew)
setMaxClockSkew
in interface com.nimbusds.jwt.proc.ClockSkewAware
public void verify(com.nimbusds.jwt.JWTClaimsSet claimsSet, com.nimbusds.jose.proc.SecurityContext ctx) throws com.nimbusds.jwt.proc.BadJWTException
verify
in interface com.nimbusds.jwt.proc.JWTClaimsSetVerifier
com.nimbusds.jwt.proc.BadJWTException
Copyright © 2019 Connect2id Ltd.. All rights reserved.