Package io.micronaut.security.token.jwt.validator

Class JwtTokenValidator

    • Constructor Detail

      • JwtTokenValidator

        @Inject
public JwtTokenValidator​(java.util.Collection<SignatureConfiguration> signatureConfigurations,
                         java.util.Collection<EncryptionConfiguration> encryptionConfigurations,
                         java.util.Collection<GenericJwtClaimsValidator> genericJwtClaimsValidators,
                         JwtAuthenticationFactory jwtAuthenticationFactory)
        Constructor.
        Parameters:
        signatureConfigurations - List of Signature configurations which are used to attempt validation.
        encryptionConfigurations - List of Encryption configurations which are used to attempt validation.
        genericJwtClaimsValidators - Generic JWT Claims validators which should be used to validate any JWT.
        jwtAuthenticationFactory - Utility to generate an Authentication given a JWT.

    • Method Detail

      • validatePlainJWTSignature

        public java.util.Optional<com.nimbusds.jwt.JWT> validatePlainJWTSignature​(com.nimbusds.jwt.JWT jwt)
        Validates the Signature of a plain JWT.
        Parameters:
        jwt - a JWT Token
        Returns:
        empty if signature configurations exists, Optional.of(jwt) if no signature configuration is available.

      • validateSignedJWTSignature

        public java.util.Optional<com.nimbusds.jwt.JWT> validateSignedJWTSignature​(com.nimbusds.jwt.SignedJWT signedJWT)
        Validates a Signed JWT signature.
        Parameters:
        signedJWT - a Signed JWT Token
        Returns:
        empty if signature validation fails

      • verifyClaims

        public boolean verifyClaims​(com.nimbusds.jwt.JWTClaimsSet jwtClaimsSet,
                            java.util.Collection<? extends JwtClaimsValidator> claimsValidators)
        Verifies the provided claims with the provided validators.
        Parameters:
        jwtClaimsSet - JWT Claims
        claimsValidators - The claims validators
        Returns:
        Whether the JWT claims pass every validation.

      • validateEncryptedJWTSignature

        public java.util.Optional<com.nimbusds.jwt.JWT> validateEncryptedJWTSignature​(com.nimbusds.jwt.EncryptedJWT encryptedJWT,
                                                                              java.lang.String token)
        Validates a encrypted JWT Signature.
        Parameters:
        encryptedJWT - a encrytped JWT Token
        token - the JWT token as String
        Returns:
        empty if signature validation fails

      • validateToken

        public org.reactivestreams.Publisher<Authentication> validateToken​(java.lang.String token)
        Description copied from interface: TokenValidator
        Validates the provided token and returns the authentication state.
        Specified by:
        validateToken in interface TokenValidator
        Parameters:
        token - The token string.
        Returns:
        Publishes Authentication based on the JWT or empty if the validation fails.

      • authenticationIfValidJwtSignatureAndClaims

        public java.util.Optional<Authentication> authenticationIfValidJwtSignatureAndClaims​(java.lang.String token,
                                                                                     java.util.Collection<? extends JwtClaimsValidator> claimsValidators)
        Authentication if JWT has valid signature and claims are verified.
        Parameters:
        token - A JWT token
        claimsValidators - a Collection of claims Validators.
        Returns:
        empty if signature or claims verification failed, An Authentication otherwise.

      • validateJwtSignatureAndClaims

        public java.util.Optional<com.nimbusds.jwt.JWT> validateJwtSignatureAndClaims​(java.lang.String token)
        Validates JWT signature and Claims.
        Parameters:
        token - A JWT token
        Returns:
        empty if signature or claims verification failed, JWT otherwise.

      • validate

        public boolean validate​(java.lang.String token)
        Parameters:
        token - A JWT token
        Returns:
        true if signature or claims verification passed

      • validate

        public boolean validate​(java.lang.String token,
                        java.util.Collection<? extends JwtClaimsValidator> claimsValidators)
        Parameters:
        token - A JWT token
        claimsValidators - a Collection of claims Validators.
        Returns:
        true if signature or claims verification passed

      • validateJwtSignatureAndClaims

        public java.util.Optional<com.nimbusds.jwt.JWT> validateJwtSignatureAndClaims​(java.lang.String token,
                                                                              java.util.Collection<? extends JwtClaimsValidator> claimsValidators)
        Validates JWT signature and Claims.
        Parameters:
        token - A JWT token
        claimsValidators - a Collection of claims Validators.
        Returns:
        empty if signature or claims verification failed, JWT otherwise.

      • parseJwtIfValidSignature

        public java.util.Optional<com.nimbusds.jwt.JWT> parseJwtIfValidSignature​(java.lang.String token)
        Retuns a JWT if the signature could be verified.
        Parameters:
        token - a JWT token
        Returns:
        Empty if JWT signature verification failed or JWT if valid signature.

      • getSignatureConfigurations

        public java.util.List<SignatureConfiguration> getSignatureConfigurations()
        Returns:
        List of Signature configurations which are used to attempt validation.

      • getEncryptionConfigurations

        public java.util.List<EncryptionConfiguration> getEncryptionConfigurations()
        Returns:
        List of Encryption configurations which are used to attempt validation.

      • getGenericJwtClaimsValidators

        public java.util.List<GenericJwtClaimsValidator> getGenericJwtClaimsValidators()
        Returns:
        Generic JWT Claims validators which should be used to validate any JWT.