public interface JWTAuthority extends JWTConsumer
JWTAuthority is the core component of spring security JWT extension. It
is responsible for create, validate, renew tokens and handle authentication
requests.| Modifier and Type | Method and Description |
|---|---|
JWTContext |
authenticateLoginRequest(Credentials credentials,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Authenticate login request if the provided credentials are valid.
The created JWTAuthentication object (which is also the part of
JWTContext) is implicitly attached into SecurityContextHolder to
inform spring security about the authenticated user. |
JWTContext |
create(String principal,
Parameters parameters)
Create a fully fledged
JWTContext for given principal. |
JWTContext |
createAndAttach(String principal,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
Parameters parameters)
Create a fully fledged
JWTContext for given principal and attach
it into given HTTP Response. |
JWTContext |
renew(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Authenticate HTTP request if the request contains JWT and renew it if renewable.
|
JWTContext |
renew(TokenContainer tokenContainer,
Parameters parameters)
Renew tokens given in the
TokenContainer object. |
authenticateJWTRequest, validateJWTContext authenticateLoginRequest(Credentials credentials, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
JWTAuthentication object (which is also the part of
JWTContext) is implicitly attached into SecurityContextHolder to
inform spring security about the authenticated user.credentials - Credentials instance which contains principal (unique
user identifier like user name, user id, email address etc.)
and password.request - HTTP requestresponse - HTTP responseJWTContext object.JWTContext createAndAttach(String principal, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Parameters parameters)
JWTContext for given principal and attach
it into given HTTP Response. JWTAuthentication object (which is also the part of
JWTContext) is implicitly attached into SecurityContextHolder to
inform spring security about the authenticated user.principal - Unique user identifier. This can be the user name or user id
according to underlying implementation.request - HTTP request (may be used to read clients preferences for
token handling)response - HTTP responseparameters - Additional parameters to customize processing of the request.
Possible parameters and their effects may differ depending on
specific implementation. The parameters may be empty or null.JWTContext object.JWTContext create(String principal, Parameters parameters)
JWTContext for given principal.principal - Unique user identifier. This can be the user name or user id
according to underlying implementation.parameters - Additional parameters to customize processing of the request.
Possible parameters and their effects may differ depending on
specific implementation. The parameters may be empty or null.JWTContext object.JWTContext renew(TokenContainer tokenContainer, Parameters parameters)
TokenContainer object.tokenContainer - TokenContainer instance which contains JWT and XSRF
tokens.parameters - Additional parameters to customize processing of the request.
Possible parameters and their effects may differ depending on
specific implementation. The parameters may be empty or null.JWTContext object.JWTContext renew(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
JWTAuthentication object (which is also the part of JWTContext) is implicitly
attached into SecurityContextHolder to inform spring security about the authenticated user.request - HTTP request (may be used to read clients preferences for token handling)response - HTTP responseJWTContext object.Copyright © 2017 S&C Software. All rights reserved.