java.lang.Object
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
- - org.opensaml.profile.action.AbstractProfileAction
  - - org.opensaml.profile.action.AbstractConditionalProfileAction
    - - net.shibboleth.idp.profile.AbstractProfileAction
      - net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCRequestAction<com.nimbusds.openid.connect.sdk.UserInfoRequest>
        
        net.shibboleth.idp.plugin.oidc.op.userinfo.profile.impl.AbstractOIDCUserInfoRequestAction
        
        net.shibboleth.idp.plugin.oidc.op.userinfo.profile.impl.AbstractOIDCUserInfoValidationResponseAction
        
        net.shibboleth.idp.plugin.oidc.op.userinfo.profile.impl.ValidateAccessToken

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action
```
public class ValidateAccessToken
extends AbstractOIDCUserInfoValidationResponseAction
```
Action that validates the claims pulled from an access token as usable for access to the OP's UserInfo endpoint.
The parsed claims are pulled from OIDCAuthenticationResponseContext.getAuthorizationGrantClaimsSet().

Event:

EventIds.PROCEED_EVENT_ID, IdPEventIds.INVALID_PROFILE_CONFIG, OidcEventIds.INVALID_GRANT

Field Summary

Fields
Modifier and Type	Field	Description
`private net.shibboleth.oidc.jwt.claims.ClaimsValidator`	`claimsValidator`	The claims validator to use.
`private Function<ProfileRequestContext,net.shibboleth.oidc.jwt.claims.ClaimsValidator>`	`claimsValidatorLookupStrategy`	Lookup strategy for claims validator.
`private org.slf4j.Logger`	`log`	Class logger.

Constructor Summary

Constructors
Constructor Description

ValidateAccessToken()
Constructor.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`protected void`	`doExecute(ProfileRequestContext profileRequestContext)`
`protected boolean`	`doPreExecute(ProfileRequestContext profileRequestContext)`
`void`	`setClaimsValidatorLookupStrategy(Function<ProfileRequestContext,net.shibboleth.oidc.jwt.claims.ClaimsValidator> strategy)`	Set the claims validator lookup strategy.

Methods inherited from class net.shibboleth.idp.plugin.oidc.op.userinfo.profile.impl.AbstractOIDCUserInfoValidationResponseAction
getOidcResponseContext

Methods inherited from class net.shibboleth.idp.plugin.oidc.op.userinfo.profile.impl.AbstractOIDCUserInfoRequestAction
getUserInfoRequest

Methods inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCRequestAction
getRequest

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized

Field Detail

log
```
@Nonnull
private org.slf4j.Logger log
```
Class logger.

claimsValidatorLookupStrategy

@Nonnull
private Function<ProfileRequestContext,net.shibboleth.oidc.jwt.claims.ClaimsValidator> claimsValidatorLookupStrategy

Lookup strategy for claims validator.

claimsValidator

@Nullable
private net.shibboleth.oidc.jwt.claims.ClaimsValidator claimsValidator

The claims validator to use.

Constructor Detail
- ValidateAccessToken
```
public ValidateAccessToken()
```
  Constructor.

Method Detail

setClaimsValidatorLookupStrategy

public void setClaimsValidatorLookupStrategy(@Nonnull
                                             Function<ProfileRequestContext,net.shibboleth.oidc.jwt.claims.ClaimsValidator> strategy)

Set the claims validator lookup strategy.

Parameters:: strategy - lookup strategy

doPreExecute

protected boolean doPreExecute(@Nonnull
                               ProfileRequestContext profileRequestContext)

Overrides:: doPreExecute in class AbstractOIDCUserInfoValidationResponseAction

doExecute

protected void doExecute(@Nonnull
                         ProfileRequestContext profileRequestContext)

Overrides:: doExecute in class AbstractProfileAction

Class ValidateAccessToken

Field Summary

Constructor Summary

Method Summary

Methods inherited from class net.shibboleth.idp.plugin.oidc.op.userinfo.profile.impl.AbstractOIDCUserInfoValidationResponseAction

Methods inherited from class net.shibboleth.idp.plugin.oidc.op.userinfo.profile.impl.AbstractOIDCUserInfoRequestAction

Methods inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCRequestAction

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Methods inherited from class java.lang.Object

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

Field Detail

log

claimsValidatorLookupStrategy

claimsValidator

Constructor Detail

ValidateAccessToken

Method Detail

setClaimsValidatorLookupStrategy

doPreExecute

doExecute