Class ClientContextCertificateThumbprintVerifier
- java.lang.Object
-
- org.forgerock.openig.filter.oauth2.cnf.ClientContextCertificateThumbprintVerifier
-
- All Implemented Interfaces:
ConfirmationKeyVerifier
public class ClientContextCertificateThumbprintVerifier extends Object implements ConfirmationKeyVerifier
Verifies a certificate thumbprint by computing a digest of the client certificate (found inClientContext
) and comparing the result with the base64-url-encoded value provided within the confirmation key node.
-
-
Field Summary
-
Fields inherited from interface org.forgerock.openig.filter.oauth2.cnf.ConfirmationKeyVerifier
UNKNOWN
-
-
Constructor Summary
Constructors Constructor Description ClientContextCertificateThumbprintVerifier(String algorithm)
Constructs a new verifier with the givenMessageDigest
algorithm name.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Promise<Result,NeverThrowsException>
verify(Context context, AccessTokenInfo tokenInfo, JsonValue cnfKey)
Verifies the given confirmation key value.
-
-
-
Constructor Detail
-
ClientContextCertificateThumbprintVerifier
public ClientContextCertificateThumbprintVerifier(String algorithm)
Constructs a new verifier with the givenMessageDigest
algorithm name.- Parameters:
algorithm
- algorithm name
-
-
Method Detail
-
verify
public Promise<Result,NeverThrowsException> verify(Context context, AccessTokenInfo tokenInfo, JsonValue cnfKey)
Description copied from interface:ConfirmationKeyVerifier
Verifies the given confirmation key value.- Specified by:
verify
in interfaceConfirmationKeyVerifier
- Parameters:
context
- execution contexttokenInfo
- resolved (but not authorized) access_token infocnfKey
- cnf child node such as x5t#S256.- Returns:
- a promise of a validation result
-
-