org.apache.cxf.rs.security.oidc.rp

Class OidcClaimsValidator

java.lang.Object

org.apache.cxf.rs.security.jose.common.AbstractJoseConsumer

org.apache.cxf.rs.security.jose.jwt.JoseJwtConsumer

org.apache.cxf.rs.security.oauth2.provider.OAuthJoseJwtConsumer

org.apache.cxf.rs.security.oidc.rp.OidcClaimsValidator

Direct Known Subclasses:

IdTokenReader, UserInfoClient

public class OidcClaimsValidator
extends org.apache.cxf.rs.security.oauth2.provider.OAuthJoseJwtConsumer

Constructor Summary

Constructors

Constructor and Description
OidcClaimsValidator()

Method Summary

Modifier and Type	Method and Description
protected org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier	getInitializedSignatureVerifier(org.apache.cxf.rs.security.jose.jwt.JwtToken jwt)
void	setIssuerId(String issuerId)
void	setJwkSetClient(org.apache.cxf.jaxrs.client.WebClient jwkSetClient)
void	setStrictTimeValidation(boolean strictTimeValidation)
void	setSupportSelfIssuedProvider(boolean supportSelfIssuedProvider)
void	validateJwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims claims, String clientId, boolean validateClaimsAlways) Validate core JWT claims

Methods inherited from class org.apache.cxf.rs.security.oauth2.provider.OAuthJoseJwtConsumer

getInitializedDecryptionProvider, getInitializedSignatureVerifier, getJwtToken, isDecryptWithClientSecret, isVerifyWithClientSecret, setDecryptWithClientSecret, setVerifyWithClientSecret

Methods inherited from class org.apache.cxf.rs.security.jose.jwt.JoseJwtConsumer

getClockOffset, getJwtToken, getJwtToken, getTtl, setClockOffset, setTtl, validateToken

Methods inherited from class org.apache.cxf.rs.security.jose.common.AbstractJoseConsumer

checkProcessRequirements, getInitializedDecryptionProvider, getInitializedSignatureVerifier, getJweDecryptor, getJwsVerifier, isJweRequired, isJwsRequired, setJweDecryptor, setJweRequired, setJwsRequired, setJwsVerifier

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OidcClaimsValidator

public OidcClaimsValidator()

Method Detail

validateJwtClaims

public void validateJwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims claims,
                              String clientId,
                              boolean validateClaimsAlways)

Validate core JWT claims

Parameters:

claims - the claims

clientId - OAuth2 client id

validateClaimsAlways - if set to true then enforce that the claims to be validated must be set

setIssuerId

public void setIssuerId(String issuerId)

setJwkSetClient

public void setJwkSetClient(org.apache.cxf.jaxrs.client.WebClient jwkSetClient)

getInitializedSignatureVerifier

protected org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier getInitializedSignatureVerifier(org.apache.cxf.rs.security.jose.jwt.JwtToken jwt)

Overrides:

getInitializedSignatureVerifier in class org.apache.cxf.rs.security.jose.jwt.JoseJwtConsumer

setSupportSelfIssuedProvider

public void setSupportSelfIssuedProvider(boolean supportSelfIssuedProvider)

setStrictTimeValidation

public void setStrictTimeValidation(boolean strictTimeValidation)