com.nimbusds.jwt.proc.ClockSkewAware
@Immutable public class SAML2AssertionDetailsVerifier extends Object implements com.nimbusds.jwt.proc.ClockSkewAware
Related specifications:
Modifier and Type | Field | Description |
---|---|---|
static int |
DEFAULT_MAX_CLOCK_SKEW_SECONDS |
The default maximum acceptable clock skew, in seconds (60).
|
Constructor | Description |
---|---|
SAML2AssertionDetailsVerifier(Set<Audience> expectedAudience) |
Creates a new SAML 2.0 bearer assertion details verifier.
|
Modifier and Type | Method | Description |
---|---|---|
Set<Audience> |
getExpectedAudience() |
Returns the expected audience values.
|
int |
getMaxClockSkew() |
|
void |
setMaxClockSkew(int maxClockSkewSeconds) |
|
void |
verify(SAML2AssertionDetails assertionDetails) |
Verifies the specified SAML 2.0 bearer assertion details.
|
public static final int DEFAULT_MAX_CLOCK_SKEW_SECONDS
public SAML2AssertionDetailsVerifier(Set<Audience> expectedAudience)
expectedAudience
- The expected audience values. Must not be
empty or null
. Should typically
contain the token endpoint URI and for
OpenID provider it may also include the
issuer URI.public Set<Audience> getExpectedAudience()
public int getMaxClockSkew()
getMaxClockSkew
in interface com.nimbusds.jwt.proc.ClockSkewAware
public void setMaxClockSkew(int maxClockSkewSeconds)
setMaxClockSkew
in interface com.nimbusds.jwt.proc.ClockSkewAware
public void verify(SAML2AssertionDetails assertionDetails) throws BadSAML2AssertionException
assertionDetails
- The SAML 2.0 bearer assertion details. Must
not be null
.BadSAML2AssertionException
- If verification didn't pass
successfully.Copyright © 2019 Connect2id Ltd.. All rights reserved.