Class JwtTimestampValidator
java.lang.Object
org.springframework.security.oauth2.jwt.JwtTimestampValidator
- All Implemented Interfaces:
OAuth2TokenValidator<Jwt>
An implementation of
OAuth2TokenValidator
for verifying claims in a Jwt-based
access token
Because clocks can differ between the Jwt source, say the Authorization Server, and its destination, say the Resource Server, there is a default clock leeway exercised when deciding if the current time is within the Jwt's specified operating window
- Since:
- 5.1
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionA basic instance with no custom verification and the default max clock skewJwtTimestampValidator
(Duration clockSkew) -
Method Summary
Modifier and TypeMethodDescriptionvoid
setAllowEmptyExpiryClaim
(boolean allowEmptyExpiryClaim) Whether to allow theexp
header to be empty.void
setAllowEmptyNotBeforeClaim
(boolean allowEmptyNotBeforeClaim) Whether to allow thenbf
header to be empty.void
Use thisClock
withInstant.now()
for assessing timestamp validityVerify the validity and/or constraints of the provided OAuth 2.0 Token.
-
Constructor Details
-
JwtTimestampValidator
public JwtTimestampValidator()A basic instance with no custom verification and the default max clock skew -
JwtTimestampValidator
-
-
Method Details
-
setAllowEmptyExpiryClaim
public void setAllowEmptyExpiryClaim(boolean allowEmptyExpiryClaim) Whether to allow theexp
header to be empty. The default value istrue
- Since:
- 7.0
-
setAllowEmptyNotBeforeClaim
public void setAllowEmptyNotBeforeClaim(boolean allowEmptyNotBeforeClaim) Whether to allow thenbf
header to be empty. The default value istrue
- Since:
- 7.0
-
validate
Description copied from interface:OAuth2TokenValidator
Verify the validity and/or constraints of the provided OAuth 2.0 Token.- Specified by:
validate
in interfaceOAuth2TokenValidator<Jwt>
- Parameters:
jwt
- an OAuth 2.0 token- Returns:
- OAuth2TokenValidationResult the success or failure detail of the validation
-
setClock
Use thisClock
withInstant.now()
for assessing timestamp validity- Parameters:
clock
-
-