com.atlassian.asap.core.parser

Interface JwtParser

All Known Implementing Classes:

NimbusJwtParser

public interface JwtParser

Parses a JWT token without verifying its signature or checking the validity of its claims.

Method Summary

Modifier and Type	Method and Description
Optional<String>	determineUnverifiedIssuer(String serializedJwt) Extracts the issuer, if at all possible, from the claims section of the given serialized JWT.
VerifiableJwt	parse(String serializedJwt) Parses the encoded JWT message from String, and returns a verifiable JWT object without verifying its signature or validating its claims.

Method Detail

parse

VerifiableJwt parse(String serializedJwt)
             throws JwtParseException,
                    UnsupportedAlgorithmException

Parses the encoded JWT message from String, and returns a verifiable JWT object without verifying its signature or validating its claims. All the required headers and claims must be present.

Parameters:

serializedJwt - a JSON Web Token

Returns:

a VerifiableJwt that has all the required claims and headers

Throws:

JwtParseException - if the JWT string was malformed (see subclasses)

UnsupportedAlgorithmException - if the signature algorithm is not recognised

determineUnverifiedIssuer

Optional<String> determineUnverifiedIssuer(String serializedJwt)

Extracts the issuer, if at all possible, from the claims section of the given serialized JWT. This will NOT validate anything in the JWT, and is only intended to be used to assist in returning useful authentication failure messages to clients, not for real issuer validation.

Parameters:

serializedJwt - a JSON Web Token

Returns:

the issuer claim from that JWT, or else empty if none could be parsed or found