private void setAtHashAndNonce(IdToken idToken, ServerAccessToken st) {
if (idToken.getAccessTokenHash() == null) {
Properties props = JwsUtils.loadSignatureOutProperties(false);
SignatureAlgorithm sigAlgo = null;
if (super.isSignWithClientSecret()) {
sigAlgo = OAuthUtils.getClientSecretSignatureAlgorithm(props);
} else {
sigAlgo = JwsUtils.getSignatureAlgorithm(props, SignatureAlgorithm.RS256);
}
if (sigAlgo != SignatureAlgorithm.NONE) {
String atHash = OidcUtils.calculateAccessTokenHash(st.getTokenKey(), sigAlgo);
idToken.setAccessTokenHash(atHash);
}
}
Message m = JAXRSUtils.getCurrentMessage();
if (m != null && m.getExchange().containsKey(OAuthConstants.NONCE)) {
idToken.setNonce((String) m.getExchange().get(OAuthConstants.NONCE));
} else if (st.getNonce() != null) {
idToken.setNonce(st.getNonce());
}
}
