Package com.nimbusds.openid.connect.provider.spi.tokens

Class IdentifierAccessToken

java.lang.Object
com.nimbusds.openid.connect.provider.spi.tokens.IdentifierAccessToken
@Immutable public final class IdentifierAccessToken extends Object
Identifier-based access token. The identifier must be sufficiently long and random to make brute force guessing impractical. The value of the access token value may be a direct string representation of the identifier, have some other encoding, or include additional security protection (e.g. HMAC to detect illegal / fake tokens).

Sample access token that is a 128 bit random identifier: 

NNEYDTdMd2qRiwq-GS6UiQ

Sample access token with the same 128 bit random identifier, protected with HMAC SHA-256 truncated to 128 bits: 

NNEYDTdMd2qRiwq-GS6UiQ.ZTOq370aTUQbpljYhJPbHw

  • Constructor Details

    • IdentifierAccessToken

      public IdentifierAccessToken(com.nimbusds.oauth2.sdk.id.Identifier id)
      Creates a new identifier-based access token. The token value will be set to the string representation of the specified identifier.
      Parameters:
      id - The identifier to use as unique key for the token authorisation in the Connect2id server. Must be sufficiently long and random to make brute force guessing impractical. Must not be null.

    • IdentifierAccessToken

      public IdentifierAccessToken(com.nimbusds.oauth2.sdk.id.Identifier id, String tokenValue)
      Creates a new identifier-based access token.
      Parameters:
      id - The identifier to use as unique key for the token authorisation in the Connect2id server. Must be sufficiently long and random to make brute force guessing impractical. Must not be null.
      tokenValue - The value of the bearer access token. May represent the string representation of the specified identifier, some other encoding, or include additional security protection (e.g. HMAC to detect illegal / fake tokens). Must not be null.

  • Method Details