public class JwtValidatorImpl extends Object implements JwtValidator
JwtParser, the verification of its signature using
the provided KeyProvider and the validation of its claims using the
provided JwtClaimsValidator.| Constructor and Description |
|---|
JwtValidatorImpl(KeyProvider<PublicKey> publicKeyProvider,
JwtParser jwtParser,
JwtClaimsValidator claimValidator,
Set<String> resourceServerAudiences)
Create a new instance of
JwtValidatorImpl. |
JwtValidatorImpl(KeyProvider<PublicKey> publicKeyProvider,
JwtParser jwtParser,
JwtClaimsValidator claimValidator,
String resourceServerAudience)
Create a new instance of
JwtValidatorImpl. |
JwtValidatorImpl(KeyProvider<PublicKey> publicKeyProvider,
JwtParser jwtParser,
JwtClaimsValidator claimValidator,
Supplier<Set<String>> resourceServerAudiences)
Create a new instance of
JwtValidatorImpl. |
| Modifier and Type | Method and Description |
|---|---|
static JwtValidator |
createDefault(AuthenticationContext authenticationContext)
A factory method that returns an instance with a typical configuration.
|
static JwtValidator |
createDefault(Set<String> audiences,
String publicKeyRepoBaseUrl)
A factory method that returns an instance with a typical configuration.
|
static JwtValidator |
createDefault(String audience,
String publicKeyRepoBaseUrl)
A factory method that returns an instance with a typical configuration.
|
Optional<String> |
determineUnverifiedIssuer(String serializedJwt)
Extracts the issuer, if at all possible, from the claims section by parsing the given serialized JWT.
|
Jwt |
readAndValidate(String serializedJwt)
|
public JwtValidatorImpl(KeyProvider<PublicKey> publicKeyProvider, JwtParser jwtParser, JwtClaimsValidator claimValidator, Supplier<Set<String>> resourceServerAudiences)
JwtValidatorImpl.publicKeyProvider - the key provider to use for retrieving public keys for signature verificationjwtParser - the parser to use for parsing a serialized jwt stringclaimValidator - the validator to use for verifying the claims set contained in a JWTresourceServerAudiences - all JWT messages will need to have one of these audiences to be valid.
the supplier is called every time a JWT token is validatedpublic JwtValidatorImpl(KeyProvider<PublicKey> publicKeyProvider, JwtParser jwtParser, JwtClaimsValidator claimValidator, Set<String> resourceServerAudiences)
JwtValidatorImpl.publicKeyProvider - the key provider to use for retrieving public keys for signature verificationjwtParser - the parser to use for parsing a serialized jwt stringclaimValidator - the validator to use for verifying the claims set contained in a JWTresourceServerAudiences - all JWT messages will need to have one of these audiences to be validpublic JwtValidatorImpl(KeyProvider<PublicKey> publicKeyProvider, JwtParser jwtParser, JwtClaimsValidator claimValidator, String resourceServerAudience)
JwtValidatorImpl.publicKeyProvider - the key provider to use for retrieving public keys for signature verificationjwtParser - the parser to use for parsing a serialized jwt stringclaimValidator - the validator to use for verifying the claims set contained in a JWTresourceServerAudience - all JWT messages will need to have this audience to be validpublic final Jwt readAndValidate(String serializedJwt) throws InvalidTokenException, CannotRetrieveKeyException
JwtValidatorString, verifies its signature, validates its claims and on success
returns the decoded Jwt.readAndValidate in interface JwtValidatorserializedJwt - a JSON Web TokenJwtInvalidTokenException - if the JWT string was malformed (see subclasses)CannotRetrieveKeyException - if the public key to verify the signature of the JWT can't be retrievedpublic final Optional<String> determineUnverifiedIssuer(String serializedJwt)
JwtValidatordetermineUnverifiedIssuer in interface JwtValidatorserializedJwt - a JSON Web Tokenpublic static JwtValidator createDefault(AuthenticationContext authenticationContext)
authenticationContext - context of the authenticationpublic static JwtValidator createDefault(String audience, String publicKeyRepoBaseUrl)
audience - the audience this filter will accept requests forpublicKeyRepoBaseUrl - the base URL of the public key repositorypublic static JwtValidator createDefault(Set<String> audiences, String publicKeyRepoBaseUrl)
audiences - the audiences this filter will accept requests forpublicKeyRepoBaseUrl - the base URL of the public key repositoryCopyright © 2017 Atlassian. All rights reserved.