public interface TokenCertificateValidator

TokenCertificateValidator can be used to verify X509 certificate chain that is inlined in the JWT token as a 'x5c' header value. Use TenantFeature qualifier to bind this validator to specific OIDC tenants.

Method Summary

Modifier and Type

Method

Description

void

validate(OidcTenantConfig oidcConfig, List<X509Certificate> chain, String tokenClaims)

Validate X509 certificate chain

Method Details
- validate
  
  void validate(OidcTenantConfig oidcConfig, List<X509Certificate> chain, String tokenClaims) throws CertificateException
  
  Validate X509 certificate chain
  
  Parameters:
  
  oidcConfig - current OIDC tenant configuration.
  
  chain - the certificate chain. The first element in the list is a leaf certificate, the last element - the root certificate.
  
  tokenClaims - the decoded JWT token claims in JSON format. If necessary, implementations can convert it to JSON object.
  
  Throws:
  
  CertificateException

Interface TokenCertificateValidator

Method Summary

Method Details

validate