public interface JWTConsumer
JWTConsumer is the core component of spring security JWT extension. It is responsible for validate
tokens and handle authentication requests.| Modifier and Type | Method and Description |
|---|---|
JWTContext |
authenticateJWTRequest(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Authenticate HTTP request if the request contains JWT and related tokens are valid.
The created JWTAuthentication object (which is also the part of JWTContext) is implicitly
attached into SecurityContextHolder to inform spring security about the authenticated user. |
JWTContext |
validate(TokenContainer tokenContainer,
Parameters parameters)
Validate tokens given in a
TokenContainer instance. |
JWTContext authenticateJWTRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
JWTAuthentication object (which is also the part of JWTContext) is implicitly
attached into SecurityContextHolder to inform spring security about the authenticated user.request - HTTP requestresponse - HTTP responseJWTContext object.JWTContext validate(TokenContainer tokenContainer, Parameters parameters) throws InvalidTokenException, ExpiredTokenException
TokenContainer instance. Validation procedure checks both JWT integrity and
also XSRF (a.k.a CSRF) token validity.tokenContainer - TokenContainer instance which contains JWT and XSRF tokens.parameters - Additional parameters to customize processing of the request. Possible parameters and their effects
may differ depending on specific implementation. The parameters may be empty or null.JWTContext object.InvalidTokenException - if the token is not valid or its integrity is not ensured.ExpiredTokenException - if the token is expired.Copyright © 2017 S&C Software. All rights reserved.