1 /* 2 * Copyright 2012-2017 the original author or authors. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * https://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package org.springframework.security.oauth2.provider.token.store; 17 18 import org.springframework.security.oauth2.common.exceptions.InvalidTokenException; 19 20 import java.util.Map; 21 22 /** 23 * This interface provides the capability of verifying the claim(s) 24 * contained in a JWT Claims Set, for example, expiration time (exp), 25 * not before (nbf), issuer (iss), audience (aud), subject (sub), etc. 26 * 27 * @author Joe Grandja 28 * @since 2.2 29 * @see JwtAccessTokenConverter 30 */ 31 public interface JwtClaimsSetVerifier { 32 33 /** 34 * Verify the claim(s) in the JWT Claims Set. 35 * 36 * @param claims the JWT Claims Set 37 * @throws InvalidTokenException if at least one claim failed verification 38 */ 39 void verify(Map<String, Object> claims) throws InvalidTokenException; 40 41 }