/** * Return a list of validators to validate expiration time, issue time and not-before time. * * @param now Time that acts as the "now" instant (this allows us to validate if a token was valid at an instant in * the past * @param timeSkewAmount time skew allowed when validating (amount - such as 5) * @param timeSkewUnit time skew allowed when validating (unit - such as {@link ChronoUnit#SECONDS}) * @param mandatory whether the field is mandatory. True for mandatory, false for optional (for all default time * validators) * @return list of validators */ public static List<Validator<Jwt>> defaultTimeValidators(Instant now, int timeSkewAmount, ChronoUnit timeSkewUnit, boolean mandatory) { List<Validator<Jwt>> validators = new LinkedList<>(); validators.add(new ExpirationValidator(now, timeSkewAmount, timeSkewUnit, mandatory)); validators.add(new IssueTimeValidator(now, timeSkewAmount, timeSkewUnit, mandatory)); validators.add(new NotBeforeValidator(now, timeSkewAmount, timeSkewUnit, mandatory)); return validators; }
@Override public void validate(Jwt token, Errors.Collector collector) { token.issueTime().ifPresent(it -> { // must be issued in the past if (latest().isBefore(it)) { collector.fatal(token, "Token was not issued in the past: " + it); } }); } }
/** * Return a list of validators to validate expiration time, issue time and not-before time. * * @param now Time that acts as the "now" instant (this allows us to validate if a token was valid at an instant in * the past * @param timeSkewAmount time skew allowed when validating (amount - such as 5) * @param timeSkewUnit time skew allowed when validating (unit - such as {@link ChronoUnit#SECONDS}) * @param mandatory whether the field is mandatory. True for mandatory, false for optional (for all default time * validators) * @return list of validators */ public static List<Validator<Jwt>> defaultTimeValidators(Instant now, int timeSkewAmount, ChronoUnit timeSkewUnit, boolean mandatory) { List<Validator<Jwt>> validators = new LinkedList<>(); validators.add(new ExpirationValidator(now, timeSkewAmount, timeSkewUnit, mandatory)); validators.add(new IssueTimeValidator(now, timeSkewAmount, timeSkewUnit, mandatory)); validators.add(new NotBeforeValidator(now, timeSkewAmount, timeSkewUnit, mandatory)); return validators; }
/** * New instance with explicit values. * * @param now time to validate against (to be able to validate past tokens) * @param allowedTimeSkew allowed time skew amount (such as 5) * @param allowedTimeSkewUnit allowed time skew unit (such as {@link ChronoUnit#SECONDS} * @param mandatory true for mandatory, false for optional * @return configured issue time validator */ public static IssueTimeValidator create(Instant now, int allowedTimeSkew, TemporalUnit allowedTimeSkewUnit, boolean mandatory) { return new IssueTimeValidator(now, allowedTimeSkew, allowedTimeSkewUnit, mandatory); }
/** * Return a list of validators to validate expiration time, issue time and not-before time. * * By default the time skew allowed is 5 seconds and all fields are optional. * * @return list of validators */ public static List<Validator<Jwt>> defaultTimeValidators() { List<Validator<Jwt>> validators = new LinkedList<>(); validators.add(new ExpirationValidator()); validators.add(new IssueTimeValidator()); validators.add(new NotBeforeValidator()); return validators; }
@Override public void validate(Jwt token, Errors.Collector collector) { token.issueTime().ifPresent(it -> { // must be issued in the past if (latest().isBefore(it)) { collector.fatal(token, "Token was not issued in the past: " + it); } }); } }
/** * New instance with default values (allowed time skew 5 seconds, optional). * * @return issue time validator with defaults */ public static IssueTimeValidator create() { return new IssueTimeValidator(); }
/** * New instance with explicit values. * * @param now time to validate against (to be able to validate past tokens) * @param allowedTimeSkew allowed time skew amount (such as 5) * @param allowedTimeSkewUnit allowed time skew unit (such as {@link ChronoUnit#SECONDS} * @param mandatory true for mandatory, false for optional * @return configured issue time validator */ public static IssueTimeValidator create(Instant now, int allowedTimeSkew, TemporalUnit allowedTimeSkewUnit, boolean mandatory) { return new IssueTimeValidator(now, allowedTimeSkew, allowedTimeSkewUnit, mandatory); }
/** * Return a list of validators to validate expiration time, issue time and not-before time. * * By default the time skew allowed is 5 seconds and all fields are optional. * * @return list of validators */ public static List<Validator<Jwt>> defaultTimeValidators() { List<Validator<Jwt>> validators = new LinkedList<>(); validators.add(new ExpirationValidator()); validators.add(new IssueTimeValidator()); validators.add(new NotBeforeValidator()); return validators; }
/** * New instance with default values (allowed time skew 5 seconds, optional). * * @return issue time validator with defaults */ public static IssueTimeValidator create() { return new IssueTimeValidator(); }