JWTAssertionDetailsVerifier (Nimbus OAuth 2.0 SDK with OpenID Connect 1.0 extensions v7.5)

java.lang.Object
- com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier
- - com.nimbusds.oauth2.sdk.assertions.jwt.JWTAssertionDetailsVerifier

All Implemented Interfaces:

com.nimbusds.jwt.proc.ClockSkewAware, com.nimbusds.jwt.proc.JWTClaimsSetVerifier, com.nimbusds.jwt.proc.JWTClaimsVerifier
```
@Immutable
public class JWTAssertionDetailsVerifier
extends com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier
```
JSON Web Token (JWT) bearer assertion details (claims set) verifier for OAuth 2.0 client authentication and authorisation grants. Intended for initial validation of JWT assertions:
- Audience check
- Expiration time check
- Not-before time check (is set)
- Subject and issuer presence check
Related specifications:
- JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC 7523).

Field Summary
- Fields inherited from class com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier
  DEFAULT_MAX_CLOCK_SKEW_SECONDS

Constructor Summary

Constructors
Constructor Description

JWTAssertionDetailsVerifier(Set<Audience> expectedAudience)
Creates a new JWT bearer assertion details (claims set) verifier.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`Set<Audience>`	`getExpectedAudience()`	Returns the expected audience values.
`void`	`verify(com.nimbusds.jwt.JWTClaimsSet claimsSet, com.nimbusds.jose.proc.SecurityContext securityContext)`

Methods inherited from class com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier
getAcceptedAudienceValues, getExactMatchClaims, getMaxClockSkew, getProhibitedClaims, getRequiredClaims, setMaxClockSkew, verify

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - JWTAssertionDetailsVerifier
```
public JWTAssertionDetailsVerifier(Set<Audience> expectedAudience)
```
    Creates a new JWT bearer assertion details (claims set) verifier.
    
    Parameters:
    
    expectedAudience - The expected audience (aud) claim values. Must not be empty or null. Should typically contain the token endpoint URI and for OpenID provider it may also include the issuer URI.
- Method Detail
  - getExpectedAudience
```
public Set<Audience> getExpectedAudience()
```
    Returns the expected audience values.
    
    Returns:
    
    The expected audience (aud) claim values.
  - verify
```
public void verify(com.nimbusds.jwt.JWTClaimsSet claimsSet,
                   com.nimbusds.jose.proc.SecurityContext securityContext)
            throws com.nimbusds.jwt.proc.BadJWTException
```
    Specified by:
    
    verify in interface com.nimbusds.jwt.proc.JWTClaimsSetVerifier
    
    Overrides:
    
    verify in class com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier
    
    Throws:
    
    com.nimbusds.jwt.proc.BadJWTException