Package org.jenkinsci.plugins.oic

Class OicJsonWebTokenVerifier

  • public class OicJsonWebTokenVerifier
extends com.google.api.client.auth.openidconnect.IdTokenVerifier
    Extend IdTokenVerifier to verify UserInfo webtoken

    • Nested Class Summary

      • Nested classes/interfaces inherited from class com.google.api.client.auth.openidconnect.IdTokenVerifier

        com.google.api.client.auth.openidconnect.IdTokenVerifier.Builder

    • Field Summary

      • Fields inherited from class com.google.api.client.auth.openidconnect.IdTokenVerifier

        DEFAULT_TIME_SKEW_SECONDS

    • Constructor Detail

      • OicJsonWebTokenVerifier

        public OicJsonWebTokenVerifier()
        Default verifier

      • OicJsonWebTokenVerifier

        public OicJsonWebTokenVerifier​(String jwksServerUrl,
                               com.google.api.client.auth.openidconnect.IdTokenVerifier.Builder builder)
        Verifier with custom builder

    • Method Detail

      • isJwksServerUrlAvailable

        public boolean isJwksServerUrlAvailable()
        JWKS verfication enabled - for tests only

      • verifyIdToken

        public boolean verifyIdToken​(com.google.api.client.auth.openidconnect.IdToken idToken)
                      throws IOException
        Verify real idtoken
        Throws:
        IOException

      • verifyUserInfo

        public boolean verifyUserInfo​(com.google.api.client.json.webtoken.JsonWebSignature userinfo)
                       throws IOException
        Verify userinfo jwt token
        Throws:
        IOException

      • verifyPayload

        protected boolean verifyPayload​(com.google.api.client.auth.openidconnect.IdToken idToken)
        hack: verify payload only if idtoken is not userinfo
        Overrides:
        verifyPayload in class com.google.api.client.auth.openidconnect.IdTokenVerifier