Package io.jans.as.model.jwt

Class JwtStateClaimName

  • public class JwtStateClaimName
extends Object
    Version:
    May 3, 2017
    Author:
    Javier Rojas Blum

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static String ADDITIONAL_CLAIMS
      Additional claims
      static String AS
      public static final String identifying the authorization server that this request was sent to.
      static String AT_HASH
      Access Token hash value.
      static String AUD
      public static final String identifying the client that this state value is intended for.
      static String C_HASH
      Code hash value.
      static String EXP
      The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
      static String IAT
      Timestamp of when this Authorization Request was issued.
      static String ISS
      public static final String identifying the party that issued this state value.
      static String JTI
      The "jti" (JWT ID) claim provides a unique identifier for the JWT.
      static String KID
      Identifier of the key used to sign this state token at the issuer.
      static String RFP
      public static final String containing a verifiable identifier for the browser session, that cannot be guessed by a third party.
      static String TARGET_LINK_URI
      URI containing the location the user agent is to be redirected to after authorization.

    • Field Detail

      • RFP

        public static final String RFP
        public static final String containing a verifiable identifier for the browser session, that cannot be guessed by a third party. The verification of this element by the client protects it from accepting authorization responses generated in response to forged requests generated by third parties.
        See Also:
        Constant Field Values

      • KID

        public static final String KID
        Identifier of the key used to sign this state token at the issuer. Identifier of the key used to encrypt this JWT state token at the issuer.
        See Also:
        Constant Field Values

      • EXP

        public static final String EXP
        The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the "exp" claim requires that the current date/time MUST be before the expiration date/time listed in the "exp" claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value.
        See Also:
        Constant Field Values

      • ISS

        public static final String ISS
        public static final String identifying the party that issued this state value.
        See Also:
        Constant Field Values

      • AUD

        public static final String AUD
        public static final String identifying the client that this state value is intended for.
        See Also:
        Constant Field Values

      • TARGET_LINK_URI

        public static final String TARGET_LINK_URI
        URI containing the location the user agent is to be redirected to after authorization.
        See Also:
        Constant Field Values

      • AS

        public static final String AS
        public static final String identifying the authorization server that this request was sent to.
        See Also:
        Constant Field Values

      • JTI

        public static final String JTI
        The "jti" (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The "jti" claim can be used to prevent the JWT from being replayed. The "jti" value is a case-sensitive string.
        See Also:
        Constant Field Values

      • AT_HASH

        public static final String AT_HASH
        Access Token hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "access_token" value, where the hash algorithm used is the hash algorithm used in the "alg" parameter of the State Token's JWS header. For instance, if the "alg" is "RS256", hash the "access_token" value with SHA-256, then take the left-most 128 bits and base64url encode them. The "at_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "access_token" in the authorization response.
        See Also:
        Constant Field Values

      • C_HASH

        public static final String C_HASH
        Code hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "code" value, where the hash algorithm used is the hash algorithm used in the "alg" header parameter of the State Token's JWS [RFC7515] header. For instance, if the "alg" is "HS512", hash the "code" value with SHA-512, then take the left-most 256 bits and base64url encode them. The "c_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "code" in the authorization response.
        See Also:
        Constant Field Values