Class ClientContextCertificateThumbprintVerifier
java.lang.Object
org.forgerock.openig.filter.oauth2.cnf.ClientContextCertificateThumbprintVerifier
- All Implemented Interfaces:
ConfirmationKeyVerifier
public class ClientContextCertificateThumbprintVerifier
extends Object
implements ConfirmationKeyVerifier
Verifies a certificate thumbprint by computing a digest of the client certificate (found in
ClientContext
)
and comparing the result with the base64-url-encoded value provided within the confirmation key node.-
Field Summary
Fields inherited from interface org.forgerock.openig.filter.oauth2.cnf.ConfirmationKeyVerifier
UNKNOWN
-
Constructor Summary
ConstructorDescriptionClientContextCertificateThumbprintVerifier
(String algorithm) Constructs a new verifier with the givenMessageDigest
algorithm name. -
Method Summary
Modifier and TypeMethodDescriptionverify
(Context context, AccessTokenInfo tokenInfo, JsonValue cnfKey) Verifies the given confirmation key value.
-
Constructor Details
-
ClientContextCertificateThumbprintVerifier
Constructs a new verifier with the givenMessageDigest
algorithm name.- Parameters:
algorithm
- algorithm name
-
-
Method Details
-
verify
public Promise<Result,NeverThrowsException> verify(Context context, AccessTokenInfo tokenInfo, JsonValue cnfKey) Description copied from interface:ConfirmationKeyVerifier
Verifies the given confirmation key value.- Specified by:
verify
in interfaceConfirmationKeyVerifier
- Parameters:
context
- execution contexttokenInfo
- resolved (but not authorized) access_token infocnfKey
- cnf child node such as x5t#S256.- Returns:
- a promise of a validation result
-