Source code

001package com.nimbusds.openid.connect.provider.spi.reg;
002
003
004import net.jcip.annotations.ThreadSafe;
005
006import com.nimbusds.openid.connect.provider.spi.Lifecycle;
007import com.nimbusds.openid.connect.sdk.rp.OIDCClientMetadata;
008
009
010/**
011 * Service Provider Interface (SPI) for for performing additional validation
012 * and / or shaping of OAuth 2.0 client / OpenID relying party metadata, after
013 * the Connect2id server has completed its own standard validations. The
014 * loaded and {@link #isEnabled() enabled} SPI implementations will be called
015 * (in no particular order) when a new client is registered (via HTTP POST
016 * request) or updated (via HTTP PUT request).
017 *
018 * <p>Implementations must be thread-safe.
019 */
020@ThreadSafe
021public interface FinalMetadataValidator extends Lifecycle {
022        
023        
024        /**
025         * Validates the specified OAuth 2.0 client / OpenID relying party
026         * metadata.
027         *
028         * @param metadata     The OAuth 2.0 client / OpenID relying party
029         *                     metadata. Not {@code null}.
030         * @param validatorCtx The validator context. Not {@code null}.
031         *
032         * @return The validated metadata. It may be modified. Must not be
033         *         {@code null}.
034         *
035         * @throws InvalidRegistrationException If validation failed.
036         */
037        OIDCClientMetadata validate(final OIDCClientMetadata metadata,
038                                    final ValidatorContext validatorCtx)
039                throws InvalidRegistrationException;
040}