Package com.nimbusds.openid.connect.provider.spi.tokens

Class IdentifierAccessToken

  • @Immutable
public final class IdentifierAccessToken
extends Object
    Identifier-based access token. The identifier must be sufficiently long and random to make brute force guessing impractical. The value of the access token value may be a direct string representation of the identifier, have some other encoding, or include additional security protection (e.g. HMAC to detect illegal / fake tokens).

    Sample access token that is a 128 bit random identifier: 

    NNEYDTdMd2qRiwq-GS6UiQ

    Sample access token with the same 128 bit random identifier, protected with HMAC SHA-256 truncated to 128 bits: 

    NNEYDTdMd2qRiwq-GS6UiQ.ZTOq370aTUQbpljYhJPbHw

    • Constructor Detail

      • IdentifierAccessToken

        public IdentifierAccessToken​(com.nimbusds.oauth2.sdk.id.Identifier id)
        Creates a new identifier-based access token. The token value will be set to the string representation of the specified identifier.
        Parameters:
        id - The identifier to use as unique key for the token authorisation in the Connect2id server. Must be sufficiently long and random to make brute force guessing impractical. Must not be null.

      • IdentifierAccessToken

        public IdentifierAccessToken​(com.nimbusds.oauth2.sdk.id.Identifier id,
                             String tokenValue)
        Creates a new identifier-based access token.
        Parameters:
        id - The identifier to use as unique key for the token authorisation in the Connect2id server. Must be sufficiently long and random to make brute force guessing impractical. Must not be null.
        tokenValue - The value of the bearer access token. May represent the string representation of the specified identifier, some other encoding, or include additional security protection (e.g. HMAC to detect illegal / fake tokens). Must not be null.