
1   package com.atlassian.asap.core.validator;
2   
3   import com.atlassian.asap.api.Jwt;
4   import com.atlassian.asap.api.exception.CannotRetrieveKeyException;
5   import com.atlassian.asap.api.exception.InvalidTokenException;
6   
7   import java.util.Optional;
8   
/**
 * Contract for turning a serialized {@link Jwt} into a checked, decoded token: parsing it, verifying its
 * signature and validating its claims.
 *
 * <p>Only {@link #readAndValidate(String)} returns a token that has been checked.
 * {@link #determineUnverifiedIssuer(String)} validates nothing and exists purely to help build authentication
 * failure messages.
 */
public interface JwtValidator {
    /**
     * Decodes the given serialized JWT, verifies its signature and validates its claims, returning the decoded
     * {@link Jwt} only when all of those steps succeed.
     *
     * <p>Neither declared exception yields a usable token, so callers should reject the request in both cases
     * rather than fall back to unverified data.
     *
     * @param serializedJwt a JSON Web Token in its encoded {@link String} form
     * @return the decoded {@link Jwt}, signature verified and syntactically valid
     * @throws InvalidTokenException      if the JWT string was malformed (see subclasses); signature and claim
     *                                    failures are presumably reported through those subclasses as well -
     *                                    confirm against the exception hierarchy
     * @throws CannotRetrieveKeyException if the public key needed to verify the JWT's signature can't be retrieved
     */
    Jwt readAndValidate(String serializedJwt) throws InvalidTokenException, CannotRetrieveKeyException;

    /**
     * Best-effort extraction of the issuer from the claims section of the given serialized JWT, obtained by
     * parsing alone.
     *
     * <p>Nothing in the JWT is validated here, so the returned value is whatever the sender of the token chose to
     * put in it. It is intended only to help return useful authentication failure messages to clients and must
     * not be used for real issuer validation or any other trust decision; use {@link #readAndValidate(String)}
     * for that. Because the value is unverified input, callers that place it in a response or a log entry should
     * encode it for that context.
     *
     * @param serializedJwt a JSON Web Token
     * @return the issuer claim parsed from that JWT, or empty if none could be parsed or found
     */
    Optional<String> determineUnverifiedIssuer(String serializedJwt);
}