com.nimbusds.jwt.proc.ClockSkewAware
IDTokenValidator
, JARMValidator
, LogoutTokenValidator
public abstract class AbstractJWTValidator extends Object implements com.nimbusds.jwt.proc.ClockSkewAware
Modifier and Type | Field | Description |
---|---|---|
static int |
DEFAULT_MAX_CLOCK_SKEW |
The default maximum acceptable clock skew for verifying token
timestamps, in seconds.
|
Constructor | Description |
---|---|
AbstractJWTValidator(Issuer expectedIssuer,
ClientID clientID,
com.nimbusds.jose.proc.JWSKeySelector jwsKeySelector,
com.nimbusds.jose.proc.JWEKeySelector jweKeySelector) |
Creates a new abstract JWT validator.
|
Modifier and Type | Method | Description |
---|---|---|
ClientID |
getClientID() |
Returns the client ID (the expected JWT audience).
|
Issuer |
getExpectedIssuer() |
Returns the expected token issuer.
|
com.nimbusds.jose.proc.JWEKeySelector |
getJWEKeySelector() |
Returns the configured JWE key selector for encrypted token
decryption.
|
com.nimbusds.jose.proc.JWSKeySelector |
getJWSKeySelector() |
Returns the configured JWS key selector for signed token
verification.
|
int |
getMaxClockSkew() |
Gets the maximum acceptable clock skew for verifying the token
timestamps.
|
void |
setMaxClockSkew(int maxClockSkew) |
Sets the maximum acceptable clock skew for verifying the token
timestamps.
|
public static final int DEFAULT_MAX_CLOCK_SKEW
public AbstractJWTValidator(Issuer expectedIssuer, ClientID clientID, com.nimbusds.jose.proc.JWSKeySelector jwsKeySelector, com.nimbusds.jose.proc.JWEKeySelector jweKeySelector)
expectedIssuer
- The expected token issuer (OpenID Provider).
Must not be null
.clientID
- The client ID. Must not be null
.jwsKeySelector
- The key selector for JWS verification,
null
if unsecured (plain) tokens are
expected.jweKeySelector
- The key selector for JWE decryption,
null
if encrypted tokens are not
expected.public Issuer getExpectedIssuer()
public ClientID getClientID()
public com.nimbusds.jose.proc.JWSKeySelector getJWSKeySelector()
null
if none.public com.nimbusds.jose.proc.JWEKeySelector getJWEKeySelector()
null
.public int getMaxClockSkew()
getMaxClockSkew
in interface com.nimbusds.jwt.proc.ClockSkewAware
public void setMaxClockSkew(int maxClockSkew)
setMaxClockSkew
in interface com.nimbusds.jwt.proc.ClockSkewAware
maxClockSkew
- The maximum acceptable clock skew, in seconds.
Zero indicates none. Must not be negative.Copyright © 2019 Connect2id Ltd.. All rights reserved.