Package org.forgerock.oauth.resolvers

Interface GenericOpenIdResolver<J extends Jwt>

Type Parameters:

J - the Jwt type supported by the implemented resolver

All Known Subinterfaces:

EncryptedOpenIdResolver, OpenIdResolver

All Known Implementing Classes:

BaseOpenIdResolver, JWKOpenIdResolverImpl, PublicKeyOpenIdResolverImpl, SharedSecretOpenIdResolverImpl

public interface GenericOpenIdResolver<J extends Jwt>

Validation of Open ID Connect JWTs via verification of their internals (issuer, audience, signature, etc.). Each Resolver performs validation against a supplied Jwt, throwing an OpenIdConnectVerificationException if there are any issues which do not conform to the verification spec as per: More details on how the verification should be completed can be found at http://openid.net/specs/openid-authentication-2_0.html validateIdentity(Jwt) performs all individual checks.

Method Summary

Modifier and Type	Method	Description
Class<J>	getExpectedJwtType()	The Jwt type this resolver supports.
void	validateIdentity(J idClaim)	Validates the supplied Jwt against this OpenId Connect Idp.

Method Details

validateIdentity

void validateIdentity(J idClaim)
               throws OpenIdConnectVerificationException

Validates the supplied Jwt against this OpenId Connect Idp.

Parameters:

idClaim - The Jwt to test is authenticated

Throws:

OpenIdConnectVerificationException - If the Jwt is unable to be verified

getExpectedJwtType

Class<J> getExpectedJwtType()

The Jwt type this resolver supports.

Returns:

the supported Jwt type