@ThreadSafe public abstract class BaseSelfContainedAccessTokenClaimsCodec extends Object implements SelfContainedAccessTokenClaimsCodec
Provides encoding and decoding for all token parameters for which there is an appropriate standard JWT claim (see JSON Web Token (JWT) (RFC 7519), section 4.1, OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens (RFC 8705), section 3.1):
subject
- "sub"
actor
- "act"
expiration time
- "exp"
issue time
- "iat"
issuer
- "iss"
audience
- "aud"
JWT ID
- "jti"
client X.509 certificate SHA-256 thumbprint (mTLS)
- "cnf.x5t#S256"
The extending class should implement encoding and decoding for the remaining token parameters:
Modifier and Type | Field and Description |
---|---|
static Set<String> |
SUPPORTED_CLAIM_NAMES
The supported claim names.
|
Constructor and Description |
---|
BaseSelfContainedAccessTokenClaimsCodec() |
Modifier and Type | Method and Description |
---|---|
AccessTokenAuthorization |
advancedDecode(JWTDetails jwtDetails,
TokenCodecContext context)
Decodes the specified JWT details into an access token
authorisation.
|
JWTDetails |
advancedEncode(AccessTokenAuthorization tokenAuthz,
TokenEncoderContext context)
Encodes the specified access token authorisation into a JWT.
|
AccessTokenAuthorization |
decode(com.nimbusds.jwt.JWTClaimsSet claimsSet,
TokenCodecContext context)
Decodes the specified JWT claims set into an access token
authorisation.
|
com.nimbusds.jwt.JWTClaimsSet |
encode(AccessTokenAuthorization tokenAuthz,
TokenEncoderContext context)
Encodes the specified access token authorisation into a JWT claims
set.
|
public static final Set<String> SUPPORTED_CLAIM_NAMES
public BaseSelfContainedAccessTokenClaimsCodec()
public com.nimbusds.jwt.JWTClaimsSet encode(AccessTokenAuthorization tokenAuthz, TokenEncoderContext context)
SelfContainedAccessTokenClaimsCodec
encode
in interface SelfContainedAccessTokenClaimsCodec
tokenAuthz
- The access token authorisation. Not null
.context
- The token encoder context. Not null
.public JWTDetails advancedEncode(AccessTokenAuthorization tokenAuthz, TokenEncoderContext context)
SelfContainedAccessTokenClaimsCodec
advancedEncode
in interface SelfContainedAccessTokenClaimsCodec
tokenAuthz
- The access token authorisation. Not null
.context
- The token encoder context. Not null
.public AccessTokenAuthorization decode(com.nimbusds.jwt.JWTClaimsSet claimsSet, TokenCodecContext context) throws TokenDecodeException
SelfContainedAccessTokenClaimsCodec
decode
in interface SelfContainedAccessTokenClaimsCodec
claimsSet
- The JWT claims set. Not null
.context
- The token codec context. Not null
.TokenDecodeException
- If decoding failed.public AccessTokenAuthorization advancedDecode(JWTDetails jwtDetails, TokenCodecContext context) throws TokenDecodeException
SelfContainedAccessTokenClaimsCodec
advancedDecode
in interface SelfContainedAccessTokenClaimsCodec
jwtDetails
- The JWT claims set and other details. Not
null
.context
- The token codec context. Not null
.TokenDecodeException
- If decoding failed.Copyright © 2021 Connect2id Ltd.. All rights reserved.