Package alpine.auth

Class JsonWebToken


  • public class JsonWebToken
    extends Object
    Decouples the general usage of JSON Web Tokens from the actual implementation of a JWT library. All JWT usage should go through this class only, which hides the implementation details and helps avoid improper or insecure use of JWTs.
    Since:
    1.0.0
    Author:
    Steve Springett
    • Constructor Detail

      • JsonWebToken

        public JsonWebToken(SecretKey key)
        Constructs a new JsonWebToken object using the specified SecretKey, which can be retrieved from KeyManager.getSecretKey() to use the Alpine-generated secret key. Usage of other SecretKeys is allowed, but management of those keys is up to the implementor.
        Parameters:
        key - the SecretKey to use in generating or validating the token
        Since:
        1.0.0
      • JsonWebToken

        public JsonWebToken()
        Constructs a new JsonWebToken object using the default Alpine-generated secret key.
        Since:
        1.0.0
        See Also:
        KeyManager.getSecretKey()
    • Method Detail

      • createToken

        public String createToken(Principal principal)
        Creates a new JWT for the specified principal. Token is signed using the SecretKey with an HMAC 256 algorithm.
        Parameters:
        principal - the Principal to create the token for
        Returns:
        a String representation of the generated token
        Since:
        1.0.0
      • createToken

        public String createToken(Principal principal,
                                  List<Permission> permissions)
        Creates a new JWT for the specified principal. Token is signed using the SecretKey with an HMAC 256 algorithm.
        Parameters:
        principal - the Principal to create the token for
        permissions - the effective list of permissions for the principal
        Returns:
        a String representation of the generated token
        Since:
        1.1.0
      • createToken

        public String createToken(Principal principal,
                                  List<Permission> permissions,
                                  IdentityProvider identityProvider)
        Creates a new JWT for the specified principal. Token is signed using the SecretKey with an HMAC 256 algorithm.
        Parameters:
        principal - the Principal to create the token for
        permissions - the effective list of permissions for the principal
        identityProvider - the identity provider the principal was authenticated with. If null, it will be derived from principal
        Returns:
        a String representation of the generated token
        Since:
        1.8.0
      • createToken

        public String createToken(Map<String,Object> claims)
        Creates a new JWT containing the specified claims. Token is signed using the SecretKey with an HMAC 256 algorithm.
        Parameters:
        claims - a Map of all claims
        Returns:
        a String representation of the generated token
        Since:
        1.0.0
      • validateToken

        public boolean validateToken(String token)
        Validates a JWT by verifying its signature against the SecretKey and checking the expiration date.
        Parameters:
        token - the token to validate
        Returns:
        true if validation is successful, false if not
        Since:
        1.0.0
      • getSubject

        public String getSubject()
        Returns the subject of the token.
        Returns:
        a String
      • getExpiration

        public Date getExpiration()
        Returns the expiration of the token.
        Returns:
        a Date
      • getIdentityProvider

        public IdentityProvider getIdentityProvider()
        Returns the identity provider of the token.
        Returns:
        an IdentityProvider
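
The following usage sketch is an added example, not code from the Alpine project. It uses only the constructor and methods documented above to show validateToken accepting a token under the issuing key and rejecting the same token under a different key, as well as a token whose expiration has passed. Assumptions: Alpine is on the classpath, the keys and claim values are constructed for the demonstration, and the accessors reflect the token most recently passed to validateToken.

```java
import alpine.auth.JsonWebToken;

import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.time.Instant;
import java.util.HashMap;
import java.util.Map;

public class JsonWebTokenExample {

    public static void main(String[] args) throws Exception {
        // Constructed keys for the demonstration; a deployment would use a managed key.
        KeyGenerator generator = KeyGenerator.getInstance("HmacSHA256");
        SecretKey issuerKey = generator.generateKey();
        SecretKey unrelatedKey = generator.generateKey();

        long now = Instant.now().getEpochSecond();
        String fresh = new JsonWebToken(issuerKey).createToken(claims(now + 300));
        String expired = new JsonWebToken(issuerKey).createToken(claims(now - 300));

        report("issuer key, unexpired", new JsonWebToken(issuerKey), fresh);
        report("different key", new JsonWebToken(unrelatedKey), fresh);
        report("issuer key, expired", new JsonWebToken(issuerKey), expired);
    }

    // createToken(Map) takes the complete claim set, so "exp" is supplied explicitly.
    private static Map<String, Object> claims(long expiresAtEpochSeconds) {
        Map<String, Object> claims = new HashMap<>();
        claims.put("sub", "example-user");        // constructed subject
        claims.put("exp", expiresAtEpochSeconds); // NumericDate: seconds since the epoch
        return claims;
    }

    // Reads the subject and expiration only after validateToken has accepted the token.
    private static void report(String label, JsonWebToken verifier, String token) {
        if (verifier.validateToken(token)) {
            System.out.println(label + ": accepted, subject=" + verifier.getSubject()
                    + ", expires=" + verifier.getExpiration());
        } else {
            System.out.println(label + ": rejected, claims not read");
        }
    }
}
```

The report helper treats a false result from validateToken as final and never calls getSubject() or getExpiration() on a rejected token.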