public final class JwtTimestampValidator extends java.lang.Object implements OAuth2TokenValidator<Jwt>
OAuth2TokenValidator for verifying claims in a Jwt-based access token
Because clocks can differ between the Jwt source, say the Authorization Server, and its destination, say the Resource Server, there is a default clock leeway exercised when deciding if the current time is within the Jwt's specified operating window
Jwt,
OAuth2TokenValidator,
JSON Web Token (JWT)| Constructor and Description |
|---|
JwtTimestampValidator()
A basic instance with no custom verification and the default max clock skew
|
JwtTimestampValidator(java.time.Duration maxClockSkew) |
| Modifier and Type | Method and Description |
|---|---|
void |
setClock(java.time.Clock clock)
'
Use this
Clock with Instant.now() for assessing
timestamp validity |
OAuth2TokenValidatorResult |
validate(Jwt jwt)
Verify the validity and/or constraints of the provided OAuth 2.0 Token.
|
public JwtTimestampValidator()
public JwtTimestampValidator(java.time.Duration maxClockSkew)
public OAuth2TokenValidatorResult validate(Jwt jwt)
validate in interface OAuth2TokenValidator<Jwt>jwt - an OAuth 2.0 tokenpublic void setClock(java.time.Clock clock)
Clock with Instant.now() for assessing
timestamp validityclock -