org.forgerock.openig.filter.oauth2.cnf (IG Aggregated Javadoc 7.2.0 Documentation)

JWT confirmation key support for access tokens.

See Also:: RFC-7800, OAuth mTLS Draft 17

Interface Summary
Interface Description

ConfirmationKeyVerifier
A ConfirmationKeyVerifier is responsible to verify a confirmation key node.

Class Summary
Class	Description
CertificateThumbprintFilter	A filter that evaluates a required EL expression to establish the client certificate from both context and request, then calculates the thumbprint for that certificate (sha-256 hash and base64 url encoding) before storing it in the attributes context for later retrieval in downstream components.
CertificateThumbprintFilter.Heaplet	Creates and initializes a certificate thumbprint filter in a heap environment.
ClientContextCertificateThumbprintVerifier	Verifies a certificate thumbprint by computing a digest of the client certificate (found in `ClientContext`) and comparing the result with the base64-url-encoded value provided within the confirmation key node.
ConfirmationKeyVerifierAccessTokenResolver	A `ConfirmationKeyVerifierAccessTokenResolver` is responsible of validating confirmation keys bound to the access_token (such as certificate thumbprint).
ConfirmationKeyVerifierAccessTokenResolver.Heaplet	Creates and initializes a Confirmation Key Verifier access_token resolver in the heap environment.
Result	A `Result` represents the result of a validation operation: either a success or a failure (with an associated description).
Sha256AttributeCertificateThumbprintVerifier	Verifies a certificate thumbprint against a previously calculated thumbprint, stored in a specially named attribute stored in the context's attributes.