Package io.quarkus.oidc
Interface TokenCertificateValidator
public interface TokenCertificateValidator
TokenCertificateValidator can be used to verify X509 certificate chain
that is inlined in the JWT token as a 'x5c' header value.
Use
TenantFeature
qualifier to bind this validator to specific OIDC tenants.-
Method Summary
Modifier and TypeMethodDescriptionvoid
validate
(OidcTenantConfig oidcConfig, List<X509Certificate> chain, String tokenClaims) Validate X509 certificate chain
-
Method Details
-
validate
void validate(OidcTenantConfig oidcConfig, List<X509Certificate> chain, String tokenClaims) throws CertificateException Validate X509 certificate chain- Parameters:
oidcConfig
- current OIDC tenant configuration.chain
- the certificate chain. The first element in the list is a leaf certificate, the last element - the root certificate.tokenClaims
- the decoded JWT token claims in JSON format. If necessary, implementations can convert it to JSON object.- Throws:
CertificateException
-