Package org.springframework.security.oauth2.client.oidc.authentication

Class OidcIdTokenValidator

java.lang.Object
org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenValidator
All Implemented Interfaces:
org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt>
public final class OidcIdTokenValidator extends Object implements org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt>
An OAuth2TokenValidator responsible for validating the claims in an ID Token.
Since:
5.1
See Also:

  • Constructor Details

    • OidcIdTokenValidator

      public OidcIdTokenValidator(ClientRegistration clientRegistration)

  • Method Details

    • validate

      public org.springframework.security.oauth2.core.OAuth2TokenValidatorResult validate(org.springframework.security.oauth2.jwt.Jwt idToken)
      Specified by:
      validate in interface org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt>

    • setClockSkew

      public void setClockSkew(Duration clockSkew)
      Sets the maximum acceptable clock skew. The default is 60 seconds. The clock skew is used when validating the exp and iat claims.
      Parameters:
      clockSkew - the maximum acceptable clock skew
      Since:
      5.2

    • setClock

      public void setClock(Clock clock)
      Sets the Clock used in Instant.now(Clock) when validating the exp and iat claims.
      Parameters:
      clock - the clock
      Since:
      5.3