public class JwtAuthenticator extends InitializableWebObject implements TokenAuthenticator
AuthenticatorProfileCreator
.Modifier and Type | Field and Description |
---|---|
protected org.slf4j.Logger |
logger |
Constructor and Description |
---|
JwtAuthenticator() |
JwtAuthenticator(String signingSecret) |
JwtAuthenticator(String signingSecret,
String encryptionSecret)
Initializes the authenticator that will validate JWT tokens.
|
JwtAuthenticator(String publicKeyPEM,
String algorithm,
String encryptionSecret) |
Modifier and Type | Method and Description |
---|---|
String |
getEncryptionSecret() |
Key |
getKey() |
String |
getSigningSecret() |
protected void |
internalInit(WebContext context)
Internal initialization of the object.
|
void |
setEncryptionSecret(String encryptionSecret) |
void |
setKey(Key key) |
void |
setSigningPem(String publicKeyPEM,
String algorithm) |
void |
setSigningSecret(String signingSecret) |
void |
validate(TokenCredentials credentials,
WebContext context)
Validate the credentials.
|
CommonProfile |
validateToken(String token)
Validates the token and returns the corresponding user profile.
|
init, reinit
public JwtAuthenticator()
public JwtAuthenticator(String signingSecret)
public JwtAuthenticator(String signingSecret, String encryptionSecret)
signingSecret
- The signingSecret. Must be at least 256 bits long and not null
encryptionSecret
- The encryptionSecret. Must be at least 256 bits long and not null
for encrypted JWTpublic JwtAuthenticator(String publicKeyPEM, String algorithm, String encryptionSecret) throws NoSuchAlgorithmException, InvalidKeySpecException
InvalidKeySpecException
NoSuchAlgorithmException
protected void internalInit(WebContext context)
InitializableWebObject
internalInit
in class InitializableWebObject
context
- the web contextpublic CommonProfile validateToken(String token)
token
- the JWTpublic void validate(TokenCredentials credentials, WebContext context) throws HttpAction
Authenticator
CredentialsException
in case of failure.validate
in interface Authenticator<TokenCredentials>
validate
in interface TokenAuthenticator
credentials
- the given credentialscontext
- the web contextHttpAction
- requires a specific HTTP action if necessarypublic String getSigningSecret()
public void setSigningSecret(String signingSecret)
public void setSigningPem(String publicKeyPEM, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException
NoSuchAlgorithmException
InvalidKeySpecException
public String getEncryptionSecret()
public void setEncryptionSecret(String encryptionSecret)
public Key getKey()
public void setKey(Key key)
Copyright © 2016. All rights reserved.