| AuthServiceJwtFormatter | Provides functionality to format and sign JSON Web Tokens (JWTs) specifically for use within the authentication service. This class processes tokens issued by the authentication service itself, including access tokens, refresh tokens and Registration Access Tokens generated during client registration via the dynamic registration API. It leverages signing and optional encryption to generate JWTs that authenticate and authorize internal service operations. |
| ClientJwtEncryption | The encryption policy a caller hands to ClientJwtFormatter when formatting a client-addressed JWT. It makes explicit which registered client metadata governs encryption, so the formatter no longer has to infer it from the token type. Each client-JWT class (UserInfo, ID token, JARM authorization response, introspection) supplies its own policy via the static factories below. |
| ClientJwtFormatter | Provides functionality to format JSON Web Tokens (JWTs) issued to clients by the authentication service. This class handles the signing of JWTs and, if configured, their encryption, based on the needs of each client. |