Package org.wildfly.security.http.oidc

Class TokenValidator

java.lang.Object

org.wildfly.security.http.oidc.TokenValidator

public class TokenValidator
extends Object

Validator for an ID token or bearer token, as per OpenID Connect Core 1.0 and RFC 7523.

Author:

Farah Juma

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	TokenValidator.Builder
static class	TokenValidator.VerifiedTokens

Method Summary

Modifier and Type	Method	Description
static TokenValidator.Builder	builder(OidcClientConfiguration clientConfiguration)	Construct a new builder instance.
AccessToken	parseAndVerifyToken(String bearerToken)	Parse and verify the given bearer token.
TokenValidator.VerifiedTokens	parseAndVerifyToken(String idToken, String accessToken)
TokenValidator.VerifiedTokens	parseAndVerifyToken(String idToken, String accessToken, OidcHttpFacade.Cookie cookie, boolean isValidateNonce)	Parse and verify the given ID token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

parseAndVerifyToken

public TokenValidator.VerifiedTokens parseAndVerifyToken(String idToken,
                                                         String accessToken)
                                                  throws OidcException

Throws:

OidcException

parseAndVerifyToken

public TokenValidator.VerifiedTokens parseAndVerifyToken(String idToken,
                                                         String accessToken,
                                                         OidcHttpFacade.Cookie cookie,
                                                         boolean isValidateNonce)
                                                  throws OidcException

Parse and verify the given ID token.

Parameters:

idToken - the ID token

Returns:

the VerifiedTokens if the ID token was valid

Throws:

OidcException - if the ID token is invalid

parseAndVerifyToken

public AccessToken parseAndVerifyToken(String bearerToken)
                                throws OidcException

Parse and verify the given bearer token.

Parameters:

bearerToken - the bearer token

Returns:

the AccessToken if the bearer token was valid

Throws:

OidcException - if the bearer token is invalid

builder

public static TokenValidator.Builder builder(OidcClientConfiguration clientConfiguration)

Construct a new builder instance.

Parameters:

clientConfiguration - the OIDC client configuration

Returns:

the new builder instance