Class OidcIdTokenValidator
- java.lang.Object
-
- org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenValidator
-
- All Implemented Interfaces:
OAuth2TokenValidator<Jwt>
public final class OidcIdTokenValidator extends java.lang.Object implements OAuth2TokenValidator<Jwt>
AnOAuth2TokenValidator
responsible for validating the claims in anID Token
.- Since:
- 5.1
- See Also:
OAuth2TokenValidator
,Jwt
, ID Token Validation
-
-
Constructor Summary
Constructors Constructor Description OidcIdTokenValidator(ClientRegistration clientRegistration)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
setClock(java.time.Clock clock)
void
setClockSkew(java.time.Duration clockSkew)
Sets the maximum acceptable clock skew.OAuth2TokenValidatorResult
validate(Jwt idToken)
Verify the validity and/or constraints of the provided OAuth 2.0 Token.
-
-
-
Constructor Detail
-
OidcIdTokenValidator
public OidcIdTokenValidator(ClientRegistration clientRegistration)
-
-
Method Detail
-
validate
public OAuth2TokenValidatorResult validate(Jwt idToken)
Description copied from interface:OAuth2TokenValidator
Verify the validity and/or constraints of the provided OAuth 2.0 Token.- Specified by:
validate
in interfaceOAuth2TokenValidator<Jwt>
- Parameters:
idToken
- an OAuth 2.0 token- Returns:
- OAuth2TokenValidationResult the success or failure detail of the validation
-
setClockSkew
public void setClockSkew(java.time.Duration clockSkew)
Sets the maximum acceptable clock skew. The default is 60 seconds. The clock skew is used when validating theexp
andiat
claims.- Parameters:
clockSkew
- the maximum acceptable clock skew- Since:
- 5.2
-
setClock
public void setClock(java.time.Clock clock)
- Parameters:
clock
- the clock- Since:
- 5.3
-
-