public class TokenVerifier<T extends JsonWebToken> extends Object
Modifier and Type | Class and Description |
---|---|
static interface |
TokenVerifier.Predicate<T extends JsonWebToken>
Functional interface of checks that verify some part of a JWT.
|
static class |
TokenVerifier.RealmUrlCheck |
static class |
TokenVerifier.TokenTypeCheck |
Modifier and Type | Field and Description |
---|---|
static TokenVerifier.Predicate<JsonWebToken> |
IS_ACTIVE
Check for token being neither expired nor used before it gets valid.
|
static TokenVerifier.Predicate<JsonWebToken> |
SUBJECT_EXISTS_CHECK |
Modifier | Constructor and Description |
---|---|
protected |
TokenVerifier(String tokenString,
Class<T> clazz) |
protected |
TokenVerifier(T token) |
Modifier and Type | Method and Description |
---|---|
static <T extends JsonWebToken> |
alternative(TokenVerifier.Predicate<? super T>... predicates)
Creates a predicate that will proceed with checks of the given predicates
and will pass if and only if at least one of the given predicates passes.
|
TokenVerifier<T> |
checkActive(boolean checkActive)
Deprecated.
This method is here only for backward compatibility with previous version of
TokenVerifier . |
TokenVerifier<T> |
checkRealmUrl(boolean checkRealmUrl)
Deprecated.
This method is here only for backward compatibility with previous version of
TokenVerifier . |
TokenVerifier<T> |
checkTokenType(boolean checkTokenType)
Deprecated.
This method is here only for backward compatibility with previous version of
TokenVerifier . |
static <T extends JsonWebToken> |
create(String tokenString,
Class<T> clazz)
Creates an instance of
TokenVerifier from the given string on a JWT of the given class. |
static <T extends JsonWebToken> |
createWithoutSignature(T token)
Creates an instance of
TokenVerifier for the given token. |
JWSHeader |
getHeader() |
T |
getToken() |
static <T extends JsonWebToken> |
optional(TokenVerifier.Predicate<T> mandatoryPredicate)
Creates an optional predicate from a predicate that will proceed with check but always pass.
|
TokenVerifier<T> |
parse() |
TokenVerifier<T> |
publicKey(PublicKey publicKey)
Sets the key for verification of RSA-based signature.
|
TokenVerifier<T> |
realmUrl(String realmUrl)
Deprecated.
This method is here only for backward compatibility with previous version of
TokenVerifier . |
TokenVerifier<T> |
secretKey(SecretKey secretKey)
Sets the key for verification of HMAC-based signature.
|
TokenVerifier<T> |
tokenType(String tokenType)
Deprecated.
This method is here only for backward compatibility with previous version of
TokenVerifier . |
TokenVerifier<T> |
verify() |
void |
verifySignature() |
TokenVerifier<T> |
withChecks(TokenVerifier.Predicate<? super T>... checks)
Will test the given checks in
verify() method in addition to already set checks. |
TokenVerifier<T> |
withDefaultChecks()
Adds default checks to the token verification:
Realm URL (JWT issuer field:
iss ) has to be defined and match realm set via realmUrl(java.lang.String) method
Subject (JWT subject field: sub ) has to be defined
Token type (JWT type field: typ ) has to be Bearer . |
public static final TokenVerifier.Predicate<JsonWebToken> SUBJECT_EXISTS_CHECK
public static final TokenVerifier.Predicate<JsonWebToken> IS_ACTIVE
JsonWebToken.isActive()
protected TokenVerifier(T token)
public static <T extends JsonWebToken> TokenVerifier<T> create(String tokenString, Class<T> clazz)
TokenVerifier
from the given string on a JWT of the given class.
The token verifier has no checks defined. Note that the checks are only tested when
verify()
method is invoked.T
- Type of the tokentokenString
- String representation of JWTclazz
- Class of the tokenpublic static <T extends JsonWebToken> TokenVerifier<T> createWithoutSignature(T token)
TokenVerifier
for the given token.
The token verifier has no checks defined. Note that the checks are only tested when
verify()
method is invoked.
NOTE: The returned token verifier cannot verify token signature since
that is not part of the JsonWebToken
object.
public TokenVerifier<T> withDefaultChecks()
iss
) has to be defined and match realm set via realmUrl(java.lang.String)
methodsub
) has to be definedtyp
) has to be Bearer
. The type can be set via tokenType(java.lang.String)
methodexp
and nbf
)public TokenVerifier<T> withChecks(TokenVerifier.Predicate<? super T>... checks)
verify()
method in addition to already set checks.checks
- public TokenVerifier<T> publicKey(PublicKey publicKey)
publicKey
- public TokenVerifier<T> secretKey(SecretKey secretKey)
secretKey
- public TokenVerifier<T> realmUrl(String realmUrl)
TokenVerifier
.public TokenVerifier<T> checkTokenType(boolean checkTokenType)
TokenVerifier
.public TokenVerifier<T> tokenType(String tokenType)
TokenVerifier
.public TokenVerifier<T> checkActive(boolean checkActive)
TokenVerifier
.public TokenVerifier<T> checkRealmUrl(boolean checkRealmUrl)
TokenVerifier
.public TokenVerifier<T> parse() throws VerificationException
VerificationException
public T getToken() throws VerificationException
VerificationException
public JWSHeader getHeader() throws VerificationException
VerificationException
public void verifySignature() throws VerificationException
VerificationException
public TokenVerifier<T> verify() throws VerificationException
VerificationException
public static <T extends JsonWebToken> TokenVerifier.Predicate<T> optional(TokenVerifier.Predicate<T> mandatoryPredicate)
T
- mandatoryPredicate
- public static <T extends JsonWebToken> TokenVerifier.Predicate<T> alternative(TokenVerifier.Predicate<? super T>... predicates)
T
- predicates
- Copyright © 2018 JBoss by Red Hat. All rights reserved.