Package com.nimbusds.openid.connect.sdk.validators

Class StateValidator

java.lang.Object

com.nimbusds.openid.connect.sdk.validators.StateValidator

@ThreadSafe
public class StateValidator
extends Object

State validator, using the optional s_hash ID token claim. Required for applications that must comply with Financial Services – Financial API - Part 2: Read and Write API Security Profile.

Related specifications:

• Financial Services – Financial API - Part 2: Read and Write API Security Profile, section 5.1.

Constructor Summary

Constructors

Constructor	Description
StateValidator()

Method Summary

Modifier and Type	Method	Description
static void	validate(State state, com.nimbusds.jose.JWSAlgorithm jwsAlgorithm, StateHash stateHash)	Validates the specified state.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

StateValidator

public StateValidator()

Method Details

validate

public static void validate(State state,
 com.nimbusds.jose.JWSAlgorithm jwsAlgorithm,
 StateHash stateHash)
                     throws InvalidHashException

Validates the specified state.

Parameters:

state - The state received at the redirection URI. Must not be null.

jwsAlgorithm - The JWS algorithm of the ID token. Must not be be null.

stateHash - The state hash, as set in the s_hash ID token claim. Must not be null.

Throws:

InvalidHashException - If the received state doesn't match the hash.