Source code

001/*
002 * oauth2-oidc-sdk
003 *
004 * Copyright 2012-2021, Connect2id Ltd and contributors.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.oauth2.sdk.dpop.verifiers;
019
020
021import com.nimbusds.jose.proc.SecurityContext;
022import com.nimbusds.jose.util.Base64URL;
023import com.nimbusds.jwt.JWTClaimsSet;
024
025import java.util.Objects;
026
027
028/**
029 * DPoP proof JWT verification context.
030 */
031public class DPoPProofContext implements SecurityContext {
032        
033        
034        /**
035         * The DPoP issuer.
036         */
037        private final DPoPIssuer issuer;
038
039
040        /**
041         * The JWT claims set, {@code null} if not available.
042         */
043        private JWTClaimsSet claimsSet;
044        
045        
046        /**
047         * The "ath" (access token hash) claim, {@code null} if not applicable.
048         */
049        private Base64URL ath;
050        
051        
052        /**
053         * Creates a new DPoP proof JWT verification context.
054         *
055         * @param issuer The DPoP proof issuer. Must not be {@code null}.
056         */
057        public DPoPProofContext(final DPoPIssuer issuer) {
058                this.issuer = Objects.requireNonNull(issuer);
059        }
060        
061        
062        /**
063         * Returns the DPoP proof issuer.
064         *
065         * @return The DPoP proof issuer.
066         */
067        public DPoPIssuer getIssuer() {
068                return issuer;
069        }
070        
071        
072        /**
073         * Sets the "ath" (access token hash) claim.
074         *
075         * @param ath The "ath" claim, {@code null} if not applicable.
076         */
077        public void setAccessTokenHash(final Base64URL ath) {
078                this.ath = ath;
079        }
080        
081        
082        /**
083         * Gets the "ath" (access token hash) claim.
084         *
085         * @return The "ath" claim, {@code null} if not applicable.
086         */
087        public Base64URL getAccessTokenHash() {
088                return ath;
089        }
090
091
092        /**
093         * Sets the DPoP proof JWT claims set.
094         *
095         * @param claimsSet The claims set, {@code null} if not available.
096         */
097        public void setJWTClaimsSet(final JWTClaimsSet claimsSet) {
098                this.claimsSet = claimsSet;
099        }
100
101
102        /**
103         * Gets the DPoP proof JWT claims set.
104         *
105         * @return The claims set, {@code null} if not available.
106         */
107        public JWTClaimsSet getJWTClaimsSet() {
108                return claimsSet;
109        }
110}