/** * Add a generic payload claim. * * @param claim claim to add * @param value value of the payload claim * @return updated builder instance */ public Builder addPayloadClaim(String claim, Object value) { addClaim(payloadClaims, claim, value); return this; }
/** * New instance with default values (allowed time skew 5 seconds, optional). * * @return expiration time validator with defaults */ public static ExpirationValidator create() { return new ExpirationValidator(); }
/** * New instance with default values (allowed time skew 5 seconds, optional). * * @return not before time validator with defaults */ public static NotBeforeValidator create() { return new NotBeforeValidator(); }
/** * Extract a key value from json object that is base64-url encoded and convert it to big integer. * * @param json JsonObject to read key from * @param key key of the value we want to read * @param description description of the field for error handling * @return BigInteger value * @throws JwtException in case the key is not present or is of invalid content */ public static BigInteger asBigInteger(JsonObject json, String key, String description) throws JwtException { return getBigInteger(json, key, description) .orElseThrow(() -> new JwtException("Key \"" + key + "\" is mandatory for " + description)); }
/** * Extract a key value from json object that is string. * * @param json JsonObject to read key from * @param key key of the value we want to read * @param description description of the field for error handling * @return String value * @throws JwtException in case the key is not present or is of invalid content */ public static String asString(JsonObject json, String key, String description) throws JwtException { return getString(json, key) .orElseThrow(() -> new JwtException("Key \"" + key + "\" is mandatory for " + description)); }
/** * Extract a key value from json object that is a base64-url encoded byte array. * * @param json JsonObject to read key from * @param key key of the value we want to read * @param description description of the field for error handling * @return byte array value * @throws JwtException in case the key is not present, is of invalid content or not base64 encoded */ public static byte[] asByteArray(JsonObject json, String key, String description) throws JwtException { return getByteArray(json, key, description) .orElseThrow(() -> new JwtException("Key \"" + key + "\" is mandatory for " + description)); }
/** * Verify signature against the provided keys (the kid of this * JWT should be present in the {@link JwkKeys} provided). * * @param keys JwkKeys to obtain a key to verify signature * @return Errors with collected messages, see {@link Errors#isValid()} and {@link Errors#checkValid()} */ public Errors verifySignature(JwkKeys keys) { return verifySignature(keys, null); }
/** * Return a list of validators to validate expiration time, issue time and not-before time. * * By default the time skew allowed is 5 seconds and all fields are optional. * * @return list of validators */ public static List<Validator<Jwt>> defaultTimeValidators() { List<Validator<Jwt>> validators = new LinkedList<>(); validators.add(new ExpirationValidator()); validators.add(new IssueTimeValidator()); validators.add(new NotBeforeValidator()); return validators; }
/** * Return a Jwt instance from this signed JWT. * * @return Jwt instance * @throws RuntimeException in case one of the fields has invalid content (e.g. timestamp is invalid) */ public Jwt getJwt() { return new Jwt(headerJson, payloadJson); }
/** * New instance with default values (allowed time skew 5 seconds, optional). * * @return issue time validator with defaults */ public static IssueTimeValidator create() { return new IssueTimeValidator(); }
/** * Get a builder to create a JWT. * * @return new builder */ public static Builder builder() { return new Builder(); }
/** * Create an address object from json representation. * * @param jsonObject object with expected keys */ public Address(JsonObject jsonObject) { this.formatted = getString(jsonObject, "formatted"); this.streetAddress = getString(jsonObject, "street_address"); this.locality = getString(jsonObject, "locality"); this.region = getString(jsonObject, "region"); this.postalCode = getString(jsonObject, "postal_code"); this.country = getString(jsonObject, "country"); }
/** * A generic optional field validator based on a function to get the field. * * @param fieldAccessor function to extract field from JWT * @param name descriptive name of the field * @param expectedValue value to expect * @return validator instance */ public static FieldValidator create(Function<Jwt, Optional<String>> fieldAccessor, String name, String expectedValue) { return create(fieldAccessor, name, expectedValue, false); }
/** * An optional header field validator. * * @param fieldKey name of the header claim * @param name descriptive name of the field * @param expectedValue value to expect * @return validator instance */ public static FieldValidator createForHeader(String fieldKey, String name, String expectedValue) { return createForHeader(fieldKey, name, expectedValue, false); }
/** * An optional payload field validator. * * @param fieldKey name of the payload claim * @param name descriptive name of the field * @param expectedValue value to expect * @return validator instance */ public static FieldValidator createForPayload(String fieldKey, String name, String expectedValue) { return createForPayload(fieldKey, name, expectedValue, false); }
/** * A generic field validator based on a function to get the field. * * @param fieldAccessor function to extract field from JWT * @param name descriptive name of the field * @param expectedValue value to expect * @param mandatory true for mandatory, false for optional * @return validator instance */ public static FieldValidator create(Function<Jwt, Optional<String>> fieldAccessor, String name, String expectedValue, boolean mandatory) { return new FieldValidator(fieldAccessor, name, expectedValue, mandatory); }
/** * Add a generic header claim. * * @param claim claim to add * @param value value of the header claim * @return updated builder instance */ public Builder addHeaderClaim(String claim, Object value) { addClaim(headerClaims, claim, value); return this; }
/** * New instance with explicit values. * * @param now time to validate against (to be able to validate past tokens) * @param allowedTimeSkew allowed time skew amount (such as 5) * @param allowedTimeSkewUnit allowed time skew unit (such as {@link ChronoUnit#SECONDS} * @param mandatory true for mandatory, false for optional * @return expiration time validator */ public static ExpirationValidator create(Instant now, int allowedTimeSkew, TemporalUnit allowedTimeSkewUnit, boolean mandatory) { return new ExpirationValidator(now, allowedTimeSkew, allowedTimeSkewUnit, mandatory); }
/** * Build and instance of the {@link Jwt}. * * @return a new token instance */ @Override public Jwt build() { return new Jwt(this); }
/** * New instance with explicit values. * * @param now time to validate against (to be able to validate past tokens) * @param allowedTimeSkew allowed time skew amount (such as 5) * @param allowedTimeSkewUnit allowed time skew unit (such as {@link ChronoUnit#SECONDS} * @param mandatory true for mandatory, false for optional * @return configured issue time validator */ public static IssueTimeValidator create(Instant now, int allowedTimeSkew, TemporalUnit allowedTimeSkewUnit, boolean mandatory) { return new IssueTimeValidator(now, allowedTimeSkew, allowedTimeSkewUnit, mandatory); }