Class LoginAccessTokenValidator

All Implemented Interfaces:

public class LoginAccessTokenValidator extends Object implements AccessTokenValidator
LoginAccessTokenValidator is an implementation of AccessTokenValidator that is used by the client to perform some rudimentary validation of the JWT access token that is received as part of the response from posting the client credentials to the OAuth/OIDC provider's token endpoint. The validation steps performed are:
  1. Basic structural validation of the b64token value as defined in RFC 6750 Section 2.1
  2. Basic conversion of the token into an in-memory map
  3. Presence of scope, exp, subject, and iat claims
  • Field Details

  • Constructor Details

    • LoginAccessTokenValidator

      public LoginAccessTokenValidator(String scopeClaimName, String subClaimName)
      Creates a new LoginAccessTokenValidator that will be used by the client for lightweight validation of the JWT.
      scopeClaimName - Name of the scope claim to use; must be non-null
      subClaimName - Name of the subject claim to use; must be non-null
  • Method Details