@ThreadSafe public class ClientAuthenticationVerifier<T> extends Object
Related specifications:
Constructor and Description |
---|
ClientAuthenticationVerifier(ClientCredentialsSelector<T> clientCredentialsSelector,
Set<Audience> expectedAudience)
Creates a new client authentication verifier.
|
Modifier and Type | Method and Description |
---|---|
ClientCredentialsSelector<T> |
getClientCredentialsSelector()
Returns the client credentials selector.
|
Set<Audience> |
getExpectedAudience()
Returns the permitted audience values in JWT authentication
assertions.
|
boolean |
verify(ClientAuthentication clientAuth,
Context<T> context)
Verifies a client authentication request.
|
public ClientAuthenticationVerifier(ClientCredentialsSelector<T> clientCredentialsSelector, Set<Audience> expectedAudience)
clientCredentialsSelector
- The client credentials selector.
Must not be null
.expectedAudience
- The permitted audience (aud) claim
values in JWT authentication
assertions. Must not be empty or
null
. Should typically
contain the token endpoint URI and
for OpenID provider it may also
include the issuer URI.public ClientCredentialsSelector<T> getClientCredentialsSelector()
public Set<Audience> getExpectedAudience()
public boolean verify(ClientAuthentication clientAuth, Context<T> context) throws com.nimbusds.jose.JOSEException
clientAuth
- The client authentication. Must not be
null
.context
- Additional context to be passed to the client
credentials selector. May be null
.true
if the client was successfully authenticated,
false
if the authentication failed due to an unknown
client, invalid credential or unsupported authentication
method.com.nimbusds.jose.JOSEException
Copyright © 2016 Connect2id Ltd.. All rights reserved.