Package org.forgerock.openig.filter.oauth2.cnf
package org.forgerock.openig.filter.oauth2.cnf
JWT confirmation key support for access tokens.
- See Also:
-
ClassDescriptionA filter that evaluates a required EL expression to establish the client certificate from both context and request, then calculates the thumbprint for that certificate (sha-256 hash and base64 url encoding) before storing it in the attributes context for later retrieval in downstream components.Creates and initializes a certificate thumbprint filter in a heap environment.Verifies a certificate thumbprint by computing a digest of the client certificate (found in
ClientContext
) and comparing the result with the base64-url-encoded value provided within the confirmation key node.AConfirmationKeyVerifier
is responsible to verify a confirmation key node.AConfirmationKeyVerifierAccessTokenResolver
is responsible of validating confirmation keys bound to the access_token (such as certificate thumbprint).Creates and initializes a Confirmation Key Verifier access_token resolver in the heap environment.AResult
represents the result of a validation operation: either a success or a failure (with an associated description).Verifies a certificate thumbprint against a previously calculated thumbprint, stored in a specially named attribute stored in the context's attributes.