java.lang.Object
- com.nimbusds.openid.connect.sdk.validators.IDTokenClaimsVerifier

All Implemented Interfaces:

com.nimbusds.jwt.proc.ClockSkewAware, com.nimbusds.jwt.proc.JWTClaimsSetVerifier
```
@ThreadSafe
public class IDTokenClaimsVerifier
extends Object
implements com.nimbusds.jwt.proc.JWTClaimsSetVerifier, com.nimbusds.jwt.proc.ClockSkewAware
```
ID token claims verifier.
Related specifications:
- OpenID Connect Core 1.0, section 3.1.3.7 for code flow.
- OpenID Connect Core 1.0, section 3.2.2.11 for implicit flow.
- OpenID Connect Core 1.0, sections 3.3.2.12 and 3.3.3.7 for hybrid flow.

Constructor Summary

Constructors
Constructor	Description
`IDTokenClaimsVerifier(Issuer issuer, ClientID clientID, Nonce nonce, int maxClockSkew)`	Creates a new ID token claims verifier.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`ClientID`	`getClientID()`	Returns the client ID for verifying the ID token audience.
`Issuer`	`getExpectedIssuer()`	Returns the expected ID token issuer.
`Nonce`	`getExpectedNonce()`	Returns the expected nonce.
`int`	`getMaxClockSkew()`
`void`	`setMaxClockSkew(int maxClockSkew)`
`void`	`verify(com.nimbusds.jwt.JWTClaimsSet claimsSet, com.nimbusds.jose.proc.SecurityContext ctx)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - IDTokenClaimsVerifier
```
public IDTokenClaimsVerifier(Issuer issuer,
                             ClientID clientID,
                             Nonce nonce,
                             int maxClockSkew)
```
    Creates a new ID token claims verifier.
    
    Parameters:
    
    issuer - The expected ID token issuer. Must not be null.
    
    clientID - The client ID. Must not be null.
    
    nonce - The nonce, required in the implicit flow or for ID tokens returned by the authorisation endpoint int the hybrid flow. null if not required or specified.
    
    maxClockSkew - The maximum acceptable clock skew (absolute value), in seconds. Must be zero (no clock skew) or positive integer.
- Method Detail
  - getExpectedIssuer
```
public Issuer getExpectedIssuer()
```
    Returns the expected ID token issuer.
    
    Returns:
    
    The ID token issuer.
  - getClientID
```
public ClientID getClientID()
```
    Returns the client ID for verifying the ID token audience.
    
    Returns:
    
    The client ID.
  - getExpectedNonce
```
public Nonce getExpectedNonce()
```
    Returns the expected nonce.
    
    Returns:
    
    The nonce, null if not required or specified.
  - getMaxClockSkew
```
public int getMaxClockSkew()
```
    Specified by:
    
    getMaxClockSkew in interface com.nimbusds.jwt.proc.ClockSkewAware
  - setMaxClockSkew
```
public void setMaxClockSkew(int maxClockSkew)
```
    Specified by:
    
    setMaxClockSkew in interface com.nimbusds.jwt.proc.ClockSkewAware
  - verify
```
public void verify(com.nimbusds.jwt.JWTClaimsSet claimsSet,
                   com.nimbusds.jose.proc.SecurityContext ctx)
            throws com.nimbusds.jwt.proc.BadJWTException
```
    Specified by:
    
    verify in interface com.nimbusds.jwt.proc.JWTClaimsSetVerifier
    
    Throws:
    
    com.nimbusds.jwt.proc.BadJWTException

Class IDTokenClaimsVerifier

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

IDTokenClaimsVerifier

Method Detail

getExpectedIssuer

getClientID

getExpectedNonce

getMaxClockSkew

setMaxClockSkew

verify