Class CertificateThumbprintConfirmationKeyVerifier

  • All Implemented Interfaces:
    ConfirmationKeyVerifier

    public class CertificateThumbprintConfirmationKeyVerifier
    extends Object
    implements ConfirmationKeyVerifier
    Verifies a certificate thumbprint by computing a digest of the client certificate (found in ClientContext) and comparing the result with the base64-url-encoded value provided within the confirmation key node.
    • Constructor Detail

      • CertificateThumbprintConfirmationKeyVerifier

        public CertificateThumbprintConfirmationKeyVerifier​(String algorithm)
        Constructs a new verifier with the given MessageDigest algorithm name.
        Parameters:
        algorithm - algorithm name
    • Method Detail

      • verify

        public Promise<Result,​NeverThrowsException> verify​(Context context,
                                                                 org.forgerock.http.oauth2.AccessTokenInfo tokenInfo,
                                                                 JsonValue cnfKey)
        Description copied from interface: ConfirmationKeyVerifier
        Verifies the given confirmation key value.
        Specified by:
        verify in interface ConfirmationKeyVerifier
        Parameters:
        context - execution context
        tokenInfo - resolved (but not authorized) access_token info
        cnfKey - cnf child node such as x5t#S256.
        Returns:
        a promise of a validation result