public Object getClaim(String name) { return claims.getClaim(name); } public int hashCode() {
public Object getClaim(String name) { return claims.getClaim(name); } public int hashCode() {
public String getSubject() { return (String)getClaim(JwtConstants.CLAIM_SUBJECT); }
public String getTokenId() { return (String)getClaim(JwtConstants.CLAIM_JWT_ID); }
public String getTokenId() { return (String)getClaim(JwtConstants.CLAIM_JWT_ID); }
public String getIssuer() { return (String)getClaim(JwtConstants.CLAIM_ISSUER); }
public String getSubject() { return (String)getClaim(JwtConstants.CLAIM_SUBJECT); }
public String getIssuer() { return (String)getClaim(JwtConstants.CLAIM_ISSUER); }
/** * Get an array of audiences * @return the audiences array */ public List<String> getAudiences() { Object audiences = getClaim(JwtConstants.CLAIM_AUDIENCE); if (audiences instanceof List<?>) { return CastUtils.cast((List<?>)audiences); } else if (audiences instanceof String) { return Collections.singletonList((String)audiences); } return Collections.emptyList(); }
/** * Get an array of audiences * @return the audiences array */ public List<String> getAudiences() { Object audiences = getClaim(JwtConstants.CLAIM_AUDIENCE); if (audiences instanceof List<?>) { return CastUtils.cast((List<?>)audiences); } else if (audiences instanceof String) { return Collections.singletonList((String)audiences); } return Collections.emptyList(); }
public static void validateCodeHash(String code, JwtToken jwt, boolean required) { if (required) { validateHash(code, (String)jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM), jwt.getJwsHeaders().getSignatureAlgorithm()); } } private static void validateHash(String value, String theHash, SignatureAlgorithm joseAlgo) {
public static void validateAccessTokenHash(String accessToken, JwtToken jwt, boolean required) { if (required) { validateHash(accessToken, (String)jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM), jwt.getJwsHeaders().getSignatureAlgorithm()); } } public static void validateCodeHash(String code, JwtToken jwt) {
public static void validateCodeHash(String code, JwtToken jwt, boolean required) { if (required) { validateHash(code, (String)jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM), jwt.getJwsHeaders().getSignatureAlgorithm()); } } private static void validateHash(String value, String theHash, SignatureAlgorithm joseAlgo) {
public static void validateAccessTokenHash(String accessToken, JwtToken jwt, boolean required) { if (required) { validateHash(accessToken, (String)jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM), jwt.getJwsHeaders().getSignatureAlgorithm()); } } public static void validateCodeHash(String code, JwtToken jwt) {
protected void validateClaims(Client client, JwtClaims claims) { if (getAudience() != null) { JAXRSUtils.getCurrentMessage().put(JwtConstants.EXPECTED_CLAIM_AUDIENCE, getAudience()); } JwtUtils.validateTokenClaims(claims, ttl, clockOffset, true); validateIssuer(claims.getIssuer()); validateSubject(client, claims.getSubject()); // We must have an Expiry if (claims.getClaim(JwtConstants.CLAIM_EXPIRY) == null) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT); } }
protected void validateClaims(Client client, JwtClaims claims) { if (getAudience() != null) { JAXRSUtils.getCurrentMessage().put(JwtConstants.EXPECTED_CLAIM_AUDIENCE, getAudience()); } JwtUtils.validateTokenClaims(claims, ttl, clockOffset, true); validateIssuer(claims.getIssuer()); validateSubject(client, claims.getSubject()); // We must have an Expiry if (claims.getClaim(JwtConstants.CLAIM_EXPIRY) == null) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT); } }
Assert.assertNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM));
assertNotNull(jwt.getClaims().getClaim(IdToken.AUTH_TIME_CLAIM));