public static void validateTokenClaims(JwtClaims claims, int timeToLive, int clockOffset, boolean validateAudienceRestriction) { // If we have no issued time then we need to have an expiry boolean expiredRequired = claims.getIssuedAt() == null; validateJwtExpiry(claims, clockOffset, expiredRequired); validateJwtNotBefore(claims, clockOffset, false); // If we have no expiry then we must have an issued at boolean issuedAtRequired = claims.getExpiryTime() == null; validateJwtIssuedAt(claims, timeToLive, clockOffset, issuedAtRequired); if (validateAudienceRestriction) { validateJwtAudienceRestriction(claims, PhaseInterceptorChain.getCurrentMessage()); } }
public static void validateTokenClaims(JwtClaims claims, int timeToLive, int clockOffset, boolean validateAudienceRestriction) { // If we have no issued time then we need to have an expiry boolean expiredRequired = claims.getIssuedAt() == null; validateJwtExpiry(claims, clockOffset, expiredRequired); validateJwtNotBefore(claims, clockOffset, false); // If we have no expiry then we must have an issued at boolean issuedAtRequired = claims.getExpiryTime() == null; validateJwtIssuedAt(claims, timeToLive, clockOffset, issuedAtRequired); if (validateAudienceRestriction) { validateJwtAudienceRestriction(claims, PhaseInterceptorChain.getCurrentMessage()); } }
JwtUtils.validateJwtNotBefore(claims, getClockOffset(), strictTimeValidation); } catch (JwtException ex) { throw new OAuthServiceException("ID Token can not be used yet", ex);
JwtUtils.validateJwtNotBefore(claims, getClockOffset(), strictTimeValidation); } catch (JwtException ex) { throw new OAuthServiceException("ID Token can not be used yet", ex);