API Business Services - OAUTH2 token validation
Implement a class extending class com.noheto.restapi.OAuth2IdTokenValidatorAdapter
to validate id_token.
Method
validate(OAuth2IdTokenValidationContext context): must return true if the token is valid or else, false
Context
Provides some claims from the token, or properties from userinfo, or other variables…​
getLocale(): returns locale
getProperty(String name) returns value of property (from userinfo, token, etc)
hasProperty(String name) returns true if property exists
getOrganizationProperty() returns name of organization property name, or null if not supported (example: hd, for Google Suite)
getOrganization() returns organization if supported
getConfigurationURI() returns the configuration URI (also called server discovery end point, some URI finishing with /.well-known/openid-configuration by example)
getAud(): returns aud (audience) from the JWT token
getClientID(): returns clientid
getISS(): returns iss (issuer) from the JWT token
getExp(): returns exp (expiration date) from the JWT token
getNbf(): returns nbf (not before date) from the JWT token
getIDToken(): returns id_token
getHeader(): returns header of the JWT token (as org.json.JSONObject)
getPayload(): returns payload of the JWT token (as org.json.JSONObject)
getSignature(): : returns signature of the JWT token
getServerId(): returns authentication/identification server id (name of corresponding configuration)