A convenience class that parses an ID Token and extracts the claims but does not verify its signature. AppAuth only supports the OpenID Code flow, meaning ID Tokens received by AppAuth are sent from the token endpoint on a TLS protected channel, offering some assurances as to the origin of the token. You may wish to additionally verify the ID Token signature using a JWT signature verification library of your choosing.
More...
#import <OIDIDToken.h>
|
|
NSDictionary * | header |
| | The header JWT values.
|
| |
|
NSDictionary * | claims |
| | All ID Token claims.
|
| |
| NSURL * | issuer |
| | Issuer Identifier for the Issuer of the response. More...
|
| |
| NSString * | subject |
| | Subject Identifier. More...
|
| |
| NSArray * | audience |
| | Audience(s) that this ID Token is intended for. More...
|
| |
| NSDate * | expiresAt |
| | Expiration time on or after which the ID Token MUST NOT be accepted for processing. More...
|
| |
| NSDate * | issuedAt |
| | Time at which the JWT was issued. More...
|
| |
| NSString * | nonce |
| | String value used to associate a Client session with an ID Token, and to mitigate replay attacks. More...
|
| |
A convenience class that parses an ID Token and extracts the claims but does not verify its signature. AppAuth only supports the OpenID Code flow, meaning ID Tokens received by AppAuth are sent from the token endpoint on a TLS protected channel, offering some assurances as to the origin of the token. You may wish to additionally verify the ID Token signature using a JWT signature verification library of your choosing.
- See also
- http://openid.net/specs/openid-connect-core-1_0.html#IDToken
-
https://tools.ietf.org/html/rfc7519
-
https://jwt.io/
◆ initWithIDTokenString:()
| - (nullable instancetype) initWithIDTokenString: |
|
(NSString *) |
idToken |
|
Parses the given ID Token string.
- Parameters
-
| idToken | The ID Token spring. |
◆ audience
◆ expiresAt
◆ issuedAt
◆ issuer
◆ nonce
◆ subject
The documentation for this class was generated from the following file:
