Package org.springframework.security.oauth2.client.oidc.authentication

Class OidcIdTokenValidator

java.lang.Object
org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenValidator
All Implemented Interfaces:
OAuth2TokenValidator<Jwt>
public final class OidcIdTokenValidator extends Object implements OAuth2TokenValidator<Jwt>
An OAuth2TokenValidator responsible for validating the claims in an ID Token.
Since:
5.1
See Also:

  • Constructor Details

    • OidcIdTokenValidator

      public OidcIdTokenValidator(ClientRegistration clientRegistration)

  • Method Details

    • validate

      public OAuth2TokenValidatorResult validate(Jwt idToken)
      Description copied from interface: OAuth2TokenValidator
      Verify the validity and/or constraints of the provided OAuth 2.0 Token.
      Specified by:
      validate in interface OAuth2TokenValidator<Jwt>
      Parameters:
      idToken - an OAuth 2.0 token
      Returns:
      OAuth2TokenValidationResult the success or failure detail of the validation

    • setClockSkew

      public void setClockSkew(Duration clockSkew)
      Sets the maximum acceptable clock skew. The default is 60 seconds. The clock skew is used when validating the exp and iat claims.
      Parameters:
      clockSkew - the maximum acceptable clock skew
      Since:
      5.2

    • setClock

      public void setClock(Clock clock)
      Sets the Clock used in Instant.now(Clock) when validating the exp and iat claims.
      Parameters:
      clock - the clock
      Since:
      5.3