JsonWebToken

@Serializable
data class JsonWebToken(val issuer: String? = null, val subject: String? = null, val audience: String? = null, val nonce: String? = null, val notBefore: Instant? = null, val issuedAt: Instant? = null, val expiration: Instant? = null, val jwtId: String? = null, val confirmationClaim: ConfirmationClaim? = null, val httpMethod: String? = null, val httpTargetUrl: String? = null, val accessTokenHash: String? = null, val authenticationLevel: String? = null)(source)

Content of a JWT (JsonWebToken), with many optional keys, since no claim is strongly required.

See RFC 7519

Constructors

Link copied to clipboard
constructor(issuer: String? = null, subject: String? = null, audience: String? = null, nonce: String? = null, notBefore: Instant? = null, issuedAt: Instant? = null, expiration: Instant? = null, jwtId: String? = null, confirmationClaim: ConfirmationClaim? = null, httpMethod: String? = null, httpTargetUrl: String? = null, accessTokenHash: String? = null, authenticationLevel: String? = null)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
@SerialName(value = "ath")
val accessTokenHash: String? = null

RFC 9449: Hash of the access token. The value MUST be the result of a base64url encoding (as defined in Section 2 of RFC7515 the SHA-256 hash of the ASCII encoding of the associated access token's value.

Link copied to clipboard
@SerialName(value = "aud")
val audience: String? = null
Link copied to clipboard
@SerialName(value = "aal")
val authenticationLevel: String? = null

OID4VC HAIP: String asserting the authentication level of the Wallet and the key as asserted in the cnf claim.

Link copied to clipboard
@SerialName(value = "cnf")
val confirmationClaim: ConfirmationClaim? = null

OID4VP: This claim contains the confirmation method as defined in RFC7800. It MUST contain a JWK as defined in Section 3.2 of RFC7800. This claim determines the public key for which the corresponding private key the Verifier MUST proof possession of when presenting the Verifier Attestation JWT. This additional security measure allows the Verifier to obtain a Verifier Attestation JWT from a trusted issuer and use it for a long time independent of that issuer without the risk of an adversary impersonating the Verifier by replaying a captured attestation.

Link copied to clipboard
@SerialName(value = "exp")
@Serializable(with = InstantLongSerializer::class)
val expiration: Instant? = null
Link copied to clipboard
@SerialName(value = "htm")
val httpMethod: String? = null

RFC 9449: The value of the HTTP method (Section 9.1 of RFC9110) of the request to which the JWT is attached.

Link copied to clipboard
@SerialName(value = "htu")
val httpTargetUrl: String? = null

RFC 9449: The HTTP target URI (Section 7.1 of RFC9110) of the request to which the JWT is attached, without query and fragment parts.

Link copied to clipboard
@SerialName(value = "iat")
@Serializable(with = InstantLongSerializer::class)
val issuedAt: Instant? = null
Link copied to clipboard
@SerialName(value = "iss")
val issuer: String? = null
Link copied to clipboard
@SerialName(value = "jti")
val jwtId: String? = null
Link copied to clipboard
@SerialName(value = "nonce")
val nonce: String? = null
Link copied to clipboard
@SerialName(value = "nbf")
@Serializable(with = InstantLongSerializer::class)
val notBefore: Instant? = null
Link copied to clipboard
@SerialName(value = "sub")
val subject: String? = null

Functions

Link copied to clipboard
open operator override fun equals(other: Any?): Boolean
Link copied to clipboard
open override fun hashCode(): Int
Link copied to clipboard