@ThreadSafe public interface PARValidator
The validateRequest(com.nimbusds.oauth2.sdk.AuthorizationRequest, com.nimbusds.openid.connect.provider.spi.par.ValidatorContext)
method will be called after the Connect2id
server has performed standard validation of the OAuth 2.0 authorisation /
OpenID authentication request, such as such as checking the
client_id
and ensuring the client is authorised the use the OAuth
2.0 grant. JWT-secured authorisation requests (JAR) will be unwrapped /
resolved before that.
The validate(com.nimbusds.oauth2.sdk.AuthorizationRequest, com.nimbusds.openid.connect.provider.spi.par.ValidatorContext)
method can reject the request by throwing an
InvalidPARException
with an appropriate HTTP status code and
error code. The exception message will be logged and not output to the
client.
Example:
throw new InvalidPARException("Scope not accepted scope", // will be logged OAuth2Error.INVALID_SCOPE .setHTTPStatusCode(400) .setDescription("Scope not accepted: some_scope"));The resulting HTTP response:
HTTP/1.1 400 Bad Request Content-Type: application/json;charset=UTF-8 Cache-Control: no-store Pragma: no-cache { "error" : "invalid_scope", "error_description" : "Scope not accepted: some_scope" }
Implementations must be thread-safe.
Modifier and Type | Method and Description |
---|---|
default void |
validate(com.nimbusds.oauth2.sdk.AuthorizationRequest authzRequest,
ValidatorContext validatorCtx)
Deprecated.
|
default void |
validateRequest(com.nimbusds.oauth2.sdk.AuthorizationRequest authzRequest,
ValidatorContext validatorCtx)
Validates the specified OAuth 2.0 authorisation / OpenID
authentication request.
|
@Deprecated default void validate(com.nimbusds.oauth2.sdk.AuthorizationRequest authzRequest, ValidatorContext validatorCtx) throws com.nimbusds.oauth2.sdk.GeneralException
Deprecated in v4.28, use validateRequest(com.nimbusds.oauth2.sdk.AuthorizationRequest, com.nimbusds.openid.connect.provider.spi.par.ValidatorContext)
instead.
authzRequest
- The request to perform additional validation on.
Not null
.validatorCtx
- The PAR validator context. Not null
.com.nimbusds.oauth2.sdk.GeneralException
- If the request is rejected. Should include
an appropriate HTTP status and error code.default void validateRequest(com.nimbusds.oauth2.sdk.AuthorizationRequest authzRequest, ValidatorContext validatorCtx) throws InvalidPARException
authzRequest
- The request to perform additional validation on.
Not null
.validatorCtx
- The PAR validator context. Not null
.InvalidPARException
- If the request is rejected.Copyright © 2021 Connect2id Ltd.. All rights reserved.