/** * Creates a new and reusable instance of the JWTVerifier with the configuration already provided. * ONLY FOR TEST PURPOSES. * * @param clock the instance that will handle the current time. * @return a new JWTVerifier instance with a custom Clock. */ public JWTVerifier build(Clock clock) { addLeewayToDateClaims(); return new JWTVerifier(algorithm, claims, clock); }
/** * Add a specific Subject ("sub") claim to the Payload. * * @param subject the Subject value. * @return this same Builder instance. */ public Builder withSubject(String subject) { addClaim(PublicClaims.SUBJECT, subject); return this; }
/** * Perform the verification against the given Token, using any previous configured options. * * @param token to verify. * @return a verified and decoded JWT. * @throws AlgorithmMismatchException if the algorithm stated in the token's header it's not equal to the one defined in the {@link JWTVerifier}. * @throws SignatureVerificationException if the signature is invalid. * @throws TokenExpiredException if the token has expired. * @throws InvalidClaimException if a claim contained a different value than the expected one. */ @Override public DecodedJWT verify(String token) throws JWTVerificationException { DecodedJWT jwt = new JWTDecoder(parser, token); return verify(jwt); }
/** * Returns a Json Web Token builder used to create and sign tokens * * @return a token builder. */ public static JWTCreator.Builder create() { return JWTCreator.init(); } }
/** * Returns a {@link JWTVerifier} builder with the algorithm to be used to validate token signature. * * @param algorithm that will be used to verify the token's signature. * @return {@link JWTVerifier} builder * @throws IllegalArgumentException if the provided algorithm is null. */ public static Verification require(Algorithm algorithm) { return JWTVerifier.init(algorithm); }
/** * Require a specific Issuer ("iss") claim. * * @param issuer the required Issuer value * @return this same Verification instance. */ @Override public Verification withIssuer(String issuer) { requireClaim(PublicClaims.ISSUER, issuer); return this; }
/** * Decode a given Json Web Token. * <p> * Note that this method <b>doesn't verify the token's signature!</b> Use it only if you trust the token or you already verified it. * * @param token with jwt format as string. * @return a decoded JWT. * @throws JWTDecodeException if any part of the token contained an invalid jwt or JSON format of each of the jwt parts. */ public DecodedJWT decodeJwt(String token) throws JWTDecodeException { return new JWTDecoder(parser, token); }
/** * Initialize a JWTVerifier instance using the given Algorithm. * * @param algorithm the Algorithm to use on the JWT verification. * @return a JWTVerifier.Verification instance to configure. * @throws IllegalArgumentException if the provided algorithm is null. */ static Verification init(Algorithm algorithm) throws IllegalArgumentException { return new BaseVerification(algorithm); }
/** * Initialize a JWTCreator instance. * * @return a JWTCreator.Builder instance to configure. */ static JWTCreator.Builder init() { return new Builder(); }
private JsonMatcher(String key, Object value, Matcher valueMatcher) { this.key = key; this.matcher = valueMatcher; if (value != null) { String stringValue = objectToString(value); entry = getStringKey(key) + stringValue; } else { entry = null; } }
/** * Add a specific Audience ("aud") claim to the Payload. * * @param audience the Audience value. * @return this same Builder instance. */ public Builder withAudience(String... audience) { addClaim(PublicClaims.AUDIENCE, audience); return this; }
/** * Require a specific Subject ("sub") claim. * * @param subject the required Subject value * @return this same Verification instance. */ @Override public Verification withSubject(String subject) { requireClaim(PublicClaims.SUBJECT, subject); return this; }
/** * Decode a given Json Web Token. * <p> * Note that this method <b>doesn't verify the token's signature!</b> Use it only if you trust the token or you already verified it. * * @param token with jwt format as string. * @return a decoded JWT. * @throws JWTDecodeException if any part of the token contained an invalid jwt or JSON format of each of the jwt parts. */ public static DecodedJWT decode(String token) throws JWTDecodeException { return new JWTDecoder(token); }
/** * Add a specific JWT Id ("jti") claim to the Payload. * * @param jwtId the Token Id value. * @return this same Builder instance. */ public Builder withJWTId(String jwtId) { addClaim(PublicClaims.JWT_ID, jwtId); return this; }
/** * Require a specific JWT Id ("jti") claim. * * @param jwtId the required Id value * @return this same Verification instance. */ @Override public Verification withJWTId(String jwtId) { requireClaim(PublicClaims.JWT_ID, jwtId); return this; }
/** * Add a specific Expires At ("exp") claim to the Payload. * * @param expiresAt the Expires At value. * @return this same Builder instance. */ public Builder withExpiresAt(Date expiresAt) { addClaim(PublicClaims.EXPIRES_AT, expiresAt); return this; }
/** * Add a specific Issued At ("iat") claim to the Payload. * * @param issuedAt the Issued At value. * @return this same Builder instance. */ public Builder withIssuedAt(Date issuedAt) { addClaim(PublicClaims.ISSUED_AT, issuedAt); return this; }
/** * Add a specific Issuer ("iss") claim to the Payload. * * @param issuer the Issuer value. * @return this same Builder instance. */ public Builder withIssuer(String issuer) { addClaim(PublicClaims.ISSUER, issuer); return this; }
/** * Add a specific Not Before ("nbf") claim to the Payload. * * @param notBefore the Not Before value. * @return this same Builder instance. */ public Builder withNotBefore(Date notBefore) { addClaim(PublicClaims.NOT_BEFORE, notBefore); return this; }