Class Nonce

  • All Implemented Interfaces:
    Serializable, Comparable<Identifier>, net.minidev.json.JSONAware

    public final class Nonce
    extends Identifier
    Nonce. This is a random, unique string value to associate a user-session with an ID Token and to mitigate replay attacks.

    Example generation of a 16 byte random nonce:

     Nonce nonce = new Nonce(16);

    Related specifications:

    • OpenID Connect Core 1.0, section and 15.5.2.
    See Also:
    Serialized Form
    • Constructor Detail

      • Nonce

        public Nonce​(String value)
        Creates a new nonce with the specified value.
        value - The nonce value. Must not be null or empty string.
      • Nonce

        public Nonce​(int byteLength)
        Creates a new nonce with a randomly generated value of the specified byte length, Base64URL-encoded.
        byteLength - The byte length of the value to generate. Must be greater than one.
      • Nonce

        public Nonce()
        Creates a new nonce with a randomly generated 256-bit (32-byte) value, Base64URL-encoded.
    • Method Detail

      • parse

        public static Nonce parse​(String s)
        Parses a nonce from the specified string.
        s - The string to parse, null or empty if no nonce is specified.
        The nonce, null if the parsed string was null or empty.
      • isRequired

        public static boolean isRequired​(ResponseType responseType)
        Returns true if the specified OAuth 2.0 response type requires a nonce.
        responseType - The response type. Must not be null.
        true if a nonce is required, false if not.