Package org.keycloak.adapters.rotation
Class AdapterTokenVerifier
java.lang.Object
org.keycloak.adapters.rotation.AdapterTokenVerifier
- Author:
- Marek Posolda
-
Nested Class Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic <T extends JsonWebToken>
TokenVerifier<T>createVerifier
(String tokenString, KeycloakDeployment deployment, boolean withDefaultChecks, Class<T> tokenClass) Creates verifier, initializes it from the KeycloakDeployment and adds the publicKey and some default basic checks (activeness and tokenType).static AccessToken
verifyToken
(String tokenString, KeycloakDeployment deployment) Verifies bearer token.verifyTokens
(String accessTokenString, String idTokenString, KeycloakDeployment deployment) Verify access token and ID token.
-
Constructor Details
-
AdapterTokenVerifier
public AdapterTokenVerifier()
-
-
Method Details
-
verifyToken
public static AccessToken verifyToken(String tokenString, KeycloakDeployment deployment) throws org.keycloak.common.VerificationException Verifies bearer token. Typically called when bearer token (access token) is sent to the service, which wants to verify it. Hence it also checks the audience in the token.- Parameters:
tokenString
-deployment
-- Returns:
- Throws:
org.keycloak.common.VerificationException
-
verifyTokens
public static AdapterTokenVerifier.VerifiedTokens verifyTokens(String accessTokenString, String idTokenString, KeycloakDeployment deployment) throws org.keycloak.common.VerificationException Verify access token and ID token. Typically called after successful tokenResponse is received from Keycloak- Parameters:
accessTokenString
-idTokenString
-deployment
-- Returns:
- verified and parsed accessToken and idToken
- Throws:
org.keycloak.common.VerificationException
-
createVerifier
public static <T extends JsonWebToken> TokenVerifier<T> createVerifier(String tokenString, KeycloakDeployment deployment, boolean withDefaultChecks, Class<T> tokenClass) throws org.keycloak.common.VerificationException Creates verifier, initializes it from the KeycloakDeployment and adds the publicKey and some default basic checks (activeness and tokenType). Useful if caller wants to add/remove/update some checks- Type Parameters:
T
-- Parameters:
tokenString
-deployment
-withDefaultChecks
-tokenClass
-- Returns:
- tokenVerifier
- Throws:
org.keycloak.common.VerificationException
-