Package org.imixs.security.oidc

Class TokenValidator

java.lang.Object

org.imixs.security.oidc.TokenValidator

public class TokenValidator
extends Object

The TokenValidator is used to validate OIDC access tokens against the identity provider

Constructor Summary

Constructors

Constructor	Description
TokenValidator()

Method Summary

Modifier and Type	Method	Description
static jakarta.json.JsonObject	decodeJwtPayload(String jwt)
static List<String>	extractRoles(jakarta.json.JsonObject claims, String claimPath)	This method extracts the roles form a given json path.
static String	extractUsername(jakarta.json.JsonObject claims, String claimCallerName)	This method extract the caller name from the claim object.
static boolean	isTokenValid(String jwt, Map<String,com.nimbusds.jose.jwk.RSAKey> publicKeys)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

TokenValidator

public TokenValidator()

Method Details

decodeJwtPayload

public static jakarta.json.JsonObject decodeJwtPayload(String jwt)
                                                throws Exception

Throws:

Exception

isTokenValid

public static boolean isTokenValid(String jwt,
 Map<String,com.nimbusds.jose.jwk.RSAKey> publicKeys)

extractUsername

public static String extractUsername(jakarta.json.JsonObject claims,
 String claimCallerName)

This method extract the caller name from the claim object. If not provided the method will default to preferred_username|sub|name

Parameters:

claims -

claimCallerName -

Returns:

extractRoles

public static List<String> extractRoles(jakarta.json.JsonObject claims,
 String claimPath)

This method extracts the roles form a given json path. If no path is provided, the method automatically tries to extract the roles based on default locations within the claims.

Parameters:

claims -

claimPath -

Returns: