aud - the Audience claim identifies the recipient(s) that the JWT is intended forJwt Validator that contains all standard validators.Jwt Validator that contains all standard validators when an issuer is known.Jwt.Jwt.exp - the Expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processingJwtDecoder using the provided
Issuer by making an
OpenID Provider
Configuration Request and using the values in the
OpenID
Provider Configuration Response to initialize the JwtDecoder.ReactiveJwtDecoder using the provided
Issuer by making an
OpenID Provider
Configuration Request and using the values in the
OpenID
Provider Configuration Response to initialize the ReactiveJwtDecoder.(aud) claim which identifies the recipient(s)
that the JWT is intended for.OAuth2Errors associated with this exception(exp) claim which identifies the expiration time
on or after which the JWT MUST NOT be accepted for processing.(jti) claim which provides a unique identifier for the JWT.(iat) claim which identifies the time at which the JWT was issued.(iss) claim which identifies the principal that issued the JWT.(nbf) claim which identifies the time
before which the JWT MUST NOT be accepted for processing.(sub) claim which identifies the principal
that is the subject of the JWT.iat - The Issued at claim identifies the time at which the JWT was issuediss - the Issuer claim identifies the principal that issued the JWTjti - The JWT ID claim provides a unique identifier for the JWTAbstractOAuth2Token representing a JSON Web Token (JWT).Jwt using the provided parameters.ClaimAccessor for the "claims" that may be contained
in the JSON object JWT Claims Set of a JSON Web Token (JWT).Jwt.JwtDecoder from an
OpenID Provider Configuration.JwtException using the provided parameters.JwtException using the provided parameters.Jwt, that is matches a configured valueJwtIssuerValidator using the provided parametersOAuth2TokenValidator for verifying claims in a Jwt-based access tokenOAuth2TokenValidatorResultJwtValidationException using the provided parameters
While each OAuth2Error does contain an error description, this constructor
can take an overarching description that encapsulates the composition of failures
That said, it is appropriate to pass one of the messages from the error list in as
the exception description, for example:OAuth2TokenValidator<Jwt>MappedJwtClaimSetConverter with the provided arguments
This will completely replace any set of default converters.nbf - the Not Before claim identifies the time before which the JWT MUST NOT be accepted for processingJwtDecoder that "decodes" a
JSON Web Token (JWT) and additionally verifies it's digital signature if the JWT is a
JSON Web Signature (JWS).NimbusJwtDecoderJwkSupport using the provided parameters.NimbusJwtDecoderJwkSupport using the provided parameters.ReactiveJwtDecoder that "decodes" a
JSON Web Token (JWT) and additionally verifies it's digital signature if the JWT is a
JSON Web Signature (JWS).NimbusJwtDecoderJwkSupport using the provided parameters.Jwt.ReactiveJwtDecoder from an
OpenID Provider Configuration.Converter for manipulating the JWT's claim setClock with Instant.now() for assessing
timestamp validityJwt ValidatorOAuth2TokenValidator to validate incoming Jwts.RestOperations used when requesting the JSON Web Key (JWK) Set.sub - the Subject claim identifies the principal that is the subject of the JWTMappedJwtClaimSetConverter, overriding individual claim
converters with the provided Map of Converters.