Package io.jans.as.model.jwt

Class JwtStateClaimName

java.lang.Object
io.jans.as.model.jwt.JwtStateClaimName
public class JwtStateClaimName extends Object
Version:
May 3, 2017
Author:
Javier Rojas Blum

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    ADDITIONAL_CLAIMS
    Additional claims
    static final String
    AS
    public static final String identifying the authorization server that this request was sent to.
    static final String
    AT_HASH
    Access Token hash value.
    static final String
    AUD
    public static final String identifying the client that this state value is intended for.
    static final String
    C_HASH
    Code hash value.
    static final String
    EXP
    The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
    static final String
    IAT
    Timestamp of when this Authorization Request was issued.
    static final String
    ISS
    public static final String identifying the party that issued this state value.
    static final String
    JTI
    The "jti" (JWT ID) claim provides a unique identifier for the JWT.
    static final String
    KID
    Identifier of the key used to sign this state token at the issuer.
    static final String
    RFP
    public static final String containing a verifiable identifier for the browser session, that cannot be guessed by a third party.
    static final String
    TARGET_LINK_URI
    URI containing the location the user agent is to be redirected to after authorization.

  • Method Summary

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • RFP

      public static final String RFP
      public static final String containing a verifiable identifier for the browser session, that cannot be guessed by a third party. The verification of this element by the client protects it from accepting authorization responses generated in response to forged requests generated by third parties.
      See Also:

    • KID

      public static final String KID
      Identifier of the key used to sign this state token at the issuer. Identifier of the key used to encrypt this JWT state token at the issuer.
      See Also:

    • IAT

      public static final String IAT
      Timestamp of when this Authorization Request was issued.
      See Also:

    • EXP

      public static final String EXP
      The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the "exp" claim requires that the current date/time MUST be before the expiration date/time listed in the "exp" claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value.
      See Also:

    • ISS

      public static final String ISS
      public static final String identifying the party that issued this state value.
      See Also:

    • AUD

      public static final String AUD
      public static final String identifying the client that this state value is intended for.
      See Also:

    • AS

      public static final String AS
      public static final String identifying the authorization server that this request was sent to.
      See Also:

    • JTI

      public static final String JTI
      The "jti" (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The "jti" claim can be used to prevent the JWT from being replayed. The "jti" value is a case-sensitive string.
      See Also:

    • AT_HASH

      public static final String AT_HASH
      Access Token hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "access_token" value, where the hash algorithm used is the hash algorithm used in the "alg" parameter of the State Token's JWS header. For instance, if the "alg" is "RS256", hash the "access_token" value with SHA-256, then take the left-most 128 bits and base64url encode them. The "at_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "access_token" in the authorization response.
      See Also:

    • C_HASH

      public static final String C_HASH
      Code hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "code" value, where the hash algorithm used is the hash algorithm used in the "alg" header parameter of the State Token's JWS [RFC7515] header. For instance, if the "alg" is "HS512", hash the "code" value with SHA-512, then take the left-most 256 bits and base64url encode them. The "c_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "code" in the authorization response.
      See Also:

    • ADDITIONAL_CLAIMS

      public static final String ADDITIONAL_CLAIMS
      Additional claims
      See Also: