Package com.nimbusds.openid.connect.sdk.validators

Class AccessTokenValidator

java.lang.Object

com.nimbusds.openid.connect.sdk.validators.AccessTokenValidator

@ThreadSafe
public class AccessTokenValidator
extends Object

Access token validator, using the at_hash ID token claim. Required in the implicit flow and the hybrid flow where the access token is returned at the authorisation endpoint.

Related specifications:

• OpenID Connect Core 1.0, sections 3.1.3.8, 3.2.2.9 and 3.3.2.9.

Constructor Summary

Constructors

Constructor	Description
AccessTokenValidator()

Method Summary

Modifier and Type	Method	Description
static void	validate(AccessToken accessToken, com.nimbusds.jose.JWSAlgorithm jwsAlgorithm, AccessTokenHash accessTokenHash)	Validates the specified access token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AccessTokenValidator

public AccessTokenValidator()

Method Detail

validate

public static void validate(AccessToken accessToken,
                            com.nimbusds.jose.JWSAlgorithm jwsAlgorithm,
                            AccessTokenHash accessTokenHash)
                     throws InvalidHashException

Validates the specified access token.

Parameters:

accessToken - The access token. Must not be null.

jwsAlgorithm - The JWS algorithm of the ID token. Must not be null.

accessTokenHash - The access token hash, as set in the at_hash ID token claim. Must not be null,

Throws:

InvalidHashException - If the access token doesn't match the hash.