/**
 * Validates the claims of the supplied token by delegating to
 * {@code JwtUtils.validateTokenClaims} with this object's {@code ttl} and {@code clockOffset}.
 *
 * <p>The last argument is {@code false}. In CXF's {@code JwtUtils} that parameter is the
 * audience-restriction switch, so the {@code aud} claim is not checked by this call and has to
 * be enforced elsewhere if the token is audience-bound.
 *
 * <p>NOTE(review): no signature or issuer check is visible in this method; presumably the caller
 * verifies the signature before calling it. Confirm against the calling code.
 *
 * @param jwt the parsed token whose claims are validated
 */
protected void validateToken(JwtToken jwt) {
    JwtUtils.validateTokenClaims(
        jwt.getClaims(),
        ttl,
        clockOffset,
        false); // audience restriction is not validated here
}
/**
 * Hands the token's claims to {@code JwtUtils.validateTokenClaims}, using the configured
 * {@code ttl} and {@code clockOffset}.
 *
 * <p>The audience flag (the fourth argument) is hard-coded to {@code false}, so this call does
 * not compare the {@code aud} claim with an expected audience. A deployment that relies on
 * audience binding needs that check somewhere else.
 *
 * <p>NOTE(review): signature verification is not part of this method; presumably it happens
 * before this point. Confirm against the calling code.
 *
 * @param jwt the parsed token whose claims are validated
 */
protected void validateToken(JwtToken jwt) {
    JwtUtils.validateTokenClaims(
        jwt.getClaims(),
        ttl,
        clockOffset,
        false); // fourth argument: audience restriction check disabled
}
/**
 * Validates the claims of the supplied token with the settings exposed by this object's
 * accessors.
 *
 * <p>Unlike a hard-coded {@code false}, the audience flag comes from
 * {@link #isValidateAudience()}, so whether the {@code aud} claim is checked is a configuration
 * decision. NOTE(review): the default of that setting is not visible here; confirm it is enabled
 * wherever tokens are meant to be bound to this service.
 *
 * @param jwt the parsed token whose claims are validated
 */
@Override
protected void validateToken(JwtToken jwt) {
    JwtUtils.validateTokenClaims(
        jwt.getClaims(),
        getTtl(),
        getClockOffset(),
        isValidateAudience());
}
/**
 * Validates an IdToken on behalf of the client identified by {@code clientId}.
 *
 * <p>The checks run in this order:
 * <ol>
 *   <li>the issuer, subject, audience, expiry and issued-at claims must all be present;</li>
 *   <li>at least one audience value must equal {@code clientId};</li>
 *   <li>{@code JwtUtils.validateTokenClaims} is called with a fixed time-to-live of 300, a clock
 *       offset of 0 and the audience flag off, because the audience was matched in step 2.</li>
 * </ol>
 *
 * <p>Only the presence of the issuer claim is checked here; its value is not compared with an
 * expected issuer in this method. NOTE(review): OpenID Connect Core also asks a client to check
 * the {@code azp} claim when a token carries several audiences; this method does not do that.
 * Confirm whether either check is performed elsewhere.
 *
 * @param jwt the parsed IdToken
 * @param clientId the client_id of this client; a {@code null} value leads to a
 *     {@link NullPointerException} as soon as an audience value is compared
 * @throws IllegalStateException if a required claim is missing or no audience matches
 */
protected void validateToken(JwtToken jwt, String clientId) {
    // Every one of these claims has to be present before anything else is examined.
    final String[] requiredClaims = {
        JwtConstants.CLAIM_ISSUER,
        JwtConstants.CLAIM_SUBJECT,
        JwtConstants.CLAIM_AUDIENCE,
        JwtConstants.CLAIM_EXPIRY,
        JwtConstants.CLAIM_ISSUED_AT
    };
    for (String requiredClaim : requiredClaims) {
        if (jwt.getClaim(requiredClaim) == null) {
            LOG.warn("The IdToken is missing a required claim");
            throw new IllegalStateException("The IdToken is missing a required claim");
        }
    }

    // The token must name this client among its audiences.
    boolean audienceMatches = false;
    for (String candidate : jwt.getClaims().getAudiences()) {
        if (clientId.equals(candidate)) {
            audienceMatches = true;
            break;
        }
    }
    if (!audienceMatches) {
        LOG.warn("The audience of the token does not match this client");
        throw new IllegalStateException("The audience of the token does not match this client");
    }

    // Remaining claim checks; the audience flag is off because it was matched above.
    JwtUtils.validateTokenClaims(jwt.getClaims(), 300, 0, false);
}
/**
 * Validates the claims of a JWT presented by {@code client}.
 *
 * <p>Statement order matters, because the first failing check decides which exception the caller
 * sees:
 * <ol>
 *   <li>when an audience is configured, it is stored on the current message under
 *       {@code JwtConstants.EXPECTED_CLAIM_AUDIENCE};</li>
 *   <li>{@code JwtUtils.validateTokenClaims} runs with the audience flag on;</li>
 *   <li>the issuer and then the subject are validated;</li>
 *   <li>the expiry claim must be present.</li>
 * </ol>
 *
 * <p>NOTE(review): when {@code getAudience()} returns {@code null}, nothing is stored on the
 * message, and the audience the token is compared with is then whatever
 * {@code JwtUtils.validateTokenClaims} falls back to. Confirm that fallback is acceptable for
 * this endpoint.
 *
 * @param client the client the token was presented for; passed on to {@code validateSubject}
 * @param claims the claims to validate
 * @throws OAuthServiceException with {@code OAuthConstants.INVALID_GRANT} if the expiry claim
 *     is missing
 */
protected void validateClaims(Client client, JwtClaims claims) {
    // Publish the expected audience first so that the audience check below can see it.
    if (getAudience() != null) {
        JAXRSUtils.getCurrentMessage()
            .put(JwtConstants.EXPECTED_CLAIM_AUDIENCE, getAudience());
    }

    JwtUtils.validateTokenClaims(
        claims,
        ttl,
        clockOffset,
        true); // audience restriction is validated

    validateIssuer(claims.getIssuer());
    validateSubject(client, claims.getSubject());

    // A token without an expiry is rejected outright.
    if (claims.getClaim(JwtConstants.CLAIM_EXPIRY) == null) {
        throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
    }
}
/**
 * Checks the claims of a JWT that {@code client} presented.
 *
 * <p>If an audience is configured, it is first stored on the current message as
 * {@code JwtConstants.EXPECTED_CLAIM_AUDIENCE}. {@code JwtUtils.validateTokenClaims} is then
 * called with its audience flag set to {@code true}, followed by the issuer check, the subject
 * check and finally a presence check on the expiry claim. The order is significant: the first
 * check that fails determines the exception.
 *
 * <p>NOTE(review): with no audience configured, the expected audience is not set here, and the
 * comparison value is left to {@code JwtUtils.validateTokenClaims}. Confirm what it uses in that
 * case.
 *
 * @param client the client the token was presented for; passed on to {@code validateSubject}
 * @param claims the claims to validate
 * @throws OAuthServiceException with {@code OAuthConstants.INVALID_GRANT} if the expiry claim
 *     is missing
 */
protected void validateClaims(Client client, JwtClaims claims) {
    // The expected audience must be on the message before the audience check runs.
    if (getAudience() != null) {
        JAXRSUtils.getCurrentMessage()
            .put(JwtConstants.EXPECTED_CLAIM_AUDIENCE, getAudience());
    }

    JwtUtils.validateTokenClaims(
        claims,
        ttl,
        clockOffset,
        true); // fourth argument: audience restriction check enabled

    validateIssuer(claims.getIssuer());
    validateSubject(client, claims.getSubject());

    // Tokens that never expire are not accepted.
    if (claims.getClaim(JwtConstants.CLAIM_EXPIRY) == null) {
        throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
    }
}
/**
 * Validates a token used as a grant: runs the inherited validation, requires the issuer, subject
 * and expiry claims, and then validates the claims with the configured settings.
 *
 * <p>The claims are checked for presence in the order issuer, subject, expiry; a missing one is
 * reported as {@code OAuthConstants.INVALID_GRANT}. Only presence is checked here. Whether the
 * issuer and subject values are trusted is not decided in this method.
 *
 * <p>NOTE(review): if the inherited {@code validateToken} already calls
 * {@code JwtUtils.validateTokenClaims} with the same settings, the final call repeats it.
 * Confirm against the superclass.
 *
 * @param jwt the parsed token
 * @throws OAuthServiceException with {@code OAuthConstants.INVALID_GRANT} if the issuer, subject
 *     or expiry claim is missing
 */
@Override
protected void validateToken(JwtToken jwt) {
    super.validateToken(jwt);

    // Issuer, subject and expiry are all mandatory; the first missing one rejects the grant.
    final String[] mandatoryClaims = {
        JwtConstants.CLAIM_ISSUER,
        JwtConstants.CLAIM_SUBJECT,
        JwtConstants.CLAIM_EXPIRY
    };
    for (String mandatoryClaim : mandatoryClaims) {
        if (jwt.getClaim(mandatoryClaim) == null) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
    }

    JwtUtils.validateTokenClaims(
        jwt.getClaims(),
        getTtl(),
        getClockOffset(),
        isValidateAudience());
}
/**
 * Applies the inherited validation, then insists on the issuer, subject and expiry claims before
 * validating the claims with this object's time-to-live, clock offset and audience setting.
 *
 * <p>A missing claim is rejected with {@code OAuthConstants.INVALID_GRANT}. The checks test for
 * presence only; this method does not compare the issuer or subject value with anything.
 *
 * <p>NOTE(review): whether the {@code aud} claim is checked depends on
 * {@link #isValidateAudience()}, whose default is not visible here. Confirm it is enabled where
 * tokens must be bound to this service.
 *
 * @param jwt the parsed token
 * @throws OAuthServiceException with {@code OAuthConstants.INVALID_GRANT} if the issuer, subject
 *     or expiry claim is missing
 */
@Override
protected void validateToken(JwtToken jwt) {
    super.validateToken(jwt);

    // Checked in this order: issuer, subject, expiry.
    final String[] mandatoryClaims = {
        JwtConstants.CLAIM_ISSUER,
        JwtConstants.CLAIM_SUBJECT,
        JwtConstants.CLAIM_EXPIRY
    };
    for (String mandatoryClaim : mandatoryClaims) {
        if (jwt.getClaim(mandatoryClaim) == null) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
    }

    JwtUtils.validateTokenClaims(
        jwt.getClaims(),
        getTtl(),
        getClockOffset(),
        isValidateAudience());
}