Class JWTAssertionDetailsVerifier
- java.lang.Object
-
- com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier
-
- com.nimbusds.oauth2.sdk.assertions.jwt.JWTAssertionDetailsVerifier
-
- All Implemented Interfaces:
com.nimbusds.jwt.proc.ClockSkewAware
,com.nimbusds.jwt.proc.JWTClaimsSetVerifier
@Immutable public class JWTAssertionDetailsVerifier extends com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier
JSON Web Token (JWT) bearer assertion details (claims set) verifier for OAuth 2.0 client authentication and authorisation grants. Intended for initial validation of JWT assertions:- Audience check
- Expiration time check
- Not-before time check (is set)
- Subject and issuer presence check
Related specifications:
- JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC 7523).
-
-
Constructor Summary
Constructors Constructor Description JWTAssertionDetailsVerifier(Set<Audience> expectedAudience)
Creates a new JWT bearer assertion details (claims set) verifier.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Set<Audience>
getExpectedAudience()
Returns the expected audience values.void
verify(com.nimbusds.jwt.JWTClaimsSet claimsSet, com.nimbusds.jose.proc.SecurityContext securityContext)
-
-
-
Constructor Detail
-
JWTAssertionDetailsVerifier
public JWTAssertionDetailsVerifier(Set<Audience> expectedAudience)
Creates a new JWT bearer assertion details (claims set) verifier.- Parameters:
expectedAudience
- The expected audience (aud) claim values. Must not be empty ornull
. Should typically contain the token endpoint URI and for OpenID provider it may also include the issuer URI.
-
-
Method Detail
-
getExpectedAudience
public Set<Audience> getExpectedAudience()
Returns the expected audience values.- Returns:
- The expected audience (aud) claim values.
-
verify
public void verify(com.nimbusds.jwt.JWTClaimsSet claimsSet, com.nimbusds.jose.proc.SecurityContext securityContext) throws com.nimbusds.jwt.proc.BadJWTException
- Specified by:
verify
in interfacecom.nimbusds.jwt.proc.JWTClaimsSetVerifier
- Overrides:
verify
in classcom.nimbusds.jwt.proc.DefaultJWTClaimsVerifier
- Throws:
com.nimbusds.jwt.proc.BadJWTException
-
-