io.micronaut.security.token.jwt.validator

Class JwtTokenValidator

java.lang.Object

io.micronaut.security.token.jwt.validator.JwtTokenValidator

All Implemented Interfaces:

io.micronaut.core.order.Ordered, TokenValidator

@Singleton
public class JwtTokenValidator
extends java.lang.Object
implements TokenValidator

Since:

1.0

Author:

Sergio del Amo

See Also:

Validating JWT Access Tokens

Field Summary

Fields

Modifier and Type	Field and Description
protected java.util.List<EncryptionConfiguration>	encryptionConfigurations
protected java.util.List<GenericJwtClaimsValidator>	genericJwtClaimsValidators
protected JwtAuthenticationFactory	jwtAuthenticationFactory
protected java.util.List<SignatureConfiguration>	signatureConfigurations

Fields inherited from interface io.micronaut.core.order.Ordered

HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

Constructor Summary

Constructors

Constructor and Description
JwtTokenValidator(java.util.Collection<SignatureConfiguration> signatureConfigurations, java.util.Collection<EncryptionConfiguration> encryptionConfigurations) Deprecated. Use JwtTokenValidator(Collection, Collection, Collection, JwtAuthenticationFactory) instead.
JwtTokenValidator(java.util.Collection<SignatureConfiguration> signatureConfigurations, java.util.Collection<EncryptionConfiguration> encryptionConfigurations, java.util.Collection<GenericJwtClaimsValidator> genericJwtClaimsValidators, JwtAuthenticationFactory jwtAuthenticationFactory) Constructor.

Method Summary

Modifier and Type	Method and Description
java.util.Optional<Authentication>	authenticationIfValidJwtSignatureAndClaims(java.lang.String token, java.util.Collection<? extends JwtClaimsValidator> claimsValidators) Deprecated. Use JwtValidator instead.
java.util.List<EncryptionConfiguration>	getEncryptionConfigurations() Deprecated. Will be removed in a future version
java.util.List<GenericJwtClaimsValidator>	getGenericJwtClaimsValidators() Deprecated. Will be removed in a future version
java.util.List<SignatureConfiguration>	getSignatureConfigurations() Deprecated. Will be removed in a future version
java.util.Optional<com.nimbusds.jwt.JWT>	parseJwtIfValidSignature(java.lang.String token) Deprecated. Use JwtValidator instead.
boolean	validate(java.lang.String token) Deprecated. Use JwtValidator instead.
boolean	validate(java.lang.String token, java.util.Collection<? extends JwtClaimsValidator> claimsValidators) Deprecated. Use JwtValidator instead.
java.util.Optional<com.nimbusds.jwt.JWT>	validateEncryptedJWTSignature(com.nimbusds.jwt.EncryptedJWT encryptedJWT, java.lang.String token) Deprecated. Use JwtValidator instead.
java.util.Optional<com.nimbusds.jwt.JWT>	validateJwtSignatureAndClaims(java.lang.String token) Deprecated. Use JwtValidator instead.
java.util.Optional<com.nimbusds.jwt.JWT>	validateJwtSignatureAndClaims(java.lang.String token, java.util.Collection<? extends JwtClaimsValidator> claimsValidators) Deprecated. Use JwtValidator instead.
java.util.Optional<com.nimbusds.jwt.JWT>	validatePlainJWTSignature(com.nimbusds.jwt.JWT jwt) Deprecated. Use JwtValidator instead.
java.util.Optional<com.nimbusds.jwt.JWT>	validateSignedJWTSignature(com.nimbusds.jwt.SignedJWT signedJWT) Deprecated. Use JwtValidator instead.
org.reactivestreams.Publisher<Authentication>	validateToken(java.lang.String token) Validates the provided token and returns the authentication state.
boolean	verifyClaims(com.nimbusds.jwt.JWTClaimsSet jwtClaimsSet, java.util.Collection<? extends JwtClaimsValidator> claimsValidators) Deprecated. No replacement. Implement the logic in your own codebase

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.micronaut.core.order.Ordered

getOrder

Field Detail

signatureConfigurations

protected final java.util.List<SignatureConfiguration> signatureConfigurations

encryptionConfigurations

protected final java.util.List<EncryptionConfiguration> encryptionConfigurations

genericJwtClaimsValidators

protected final java.util.List<GenericJwtClaimsValidator> genericJwtClaimsValidators

jwtAuthenticationFactory

protected final JwtAuthenticationFactory jwtAuthenticationFactory

Constructor Detail

JwtTokenValidator

@Inject
public JwtTokenValidator(java.util.Collection<SignatureConfiguration> signatureConfigurations,
                                 java.util.Collection<EncryptionConfiguration> encryptionConfigurations,
                                 java.util.Collection<GenericJwtClaimsValidator> genericJwtClaimsValidators,
                                 JwtAuthenticationFactory jwtAuthenticationFactory)

Constructor.

Parameters:

signatureConfigurations - List of Signature configurations which are used to attempt validation.

encryptionConfigurations - List of Encryption configurations which are used to attempt validation.

genericJwtClaimsValidators - Generic JWT Claims validators which should be used to validate any JWT.

jwtAuthenticationFactory - Utility to generate an Authentication given a JWT.

JwtTokenValidator

@Deprecated
public JwtTokenValidator(java.util.Collection<SignatureConfiguration> signatureConfigurations,
                                     java.util.Collection<EncryptionConfiguration> encryptionConfigurations)

Deprecated. Use JwtTokenValidator(Collection, Collection, Collection, JwtAuthenticationFactory) instead.

Deprecated Constructor.

Parameters:

signatureConfigurations - List of Signature configurations which are used to attempt validation.

encryptionConfigurations - List of Encryption configurations which are used to attempt validation.

Method Detail

validatePlainJWTSignature

@Deprecated
public java.util.Optional<com.nimbusds.jwt.JWT> validatePlainJWTSignature(com.nimbusds.jwt.JWT jwt)

Deprecated. Use JwtValidator instead.

Validates the Signature of a plain JWT.

Parameters:

jwt - a JWT Token

Returns:

empty if signature configurations exists, Optional.of(jwt) if no signature configuration is available.

validateSignedJWTSignature

@Deprecated
public java.util.Optional<com.nimbusds.jwt.JWT> validateSignedJWTSignature(com.nimbusds.jwt.SignedJWT signedJWT)

Deprecated. Use JwtValidator instead.

Validates a Signed JWT signature.

Parameters:

signedJWT - a Signed JWT Token

Returns:

empty if signature validation fails

verifyClaims

@Deprecated
public boolean verifyClaims(com.nimbusds.jwt.JWTClaimsSet jwtClaimsSet,
                                        java.util.Collection<? extends JwtClaimsValidator> claimsValidators)

Deprecated. No replacement. Implement the logic in your own codebase

Verifies the provided claims with the provided validators.

Parameters:

jwtClaimsSet - JWT Claims

claimsValidators - The claims validators

Returns:

Whether the JWT claims pass every validation.

validateEncryptedJWTSignature

@Deprecated
public java.util.Optional<com.nimbusds.jwt.JWT> validateEncryptedJWTSignature(com.nimbusds.jwt.EncryptedJWT encryptedJWT,
                                                                                          java.lang.String token)

Deprecated. Use JwtValidator instead.

Validates a encrypted JWT Signature.

Parameters:

encryptedJWT - a encrytped JWT Token

token - the JWT token as String

Returns:

empty if signature validation fails

validateToken

public org.reactivestreams.Publisher<Authentication> validateToken(java.lang.String token)

Description copied from interface: TokenValidator

Validates the provided token and returns the authentication state.

Specified by:

validateToken in interface TokenValidator

Parameters:

token - The token string.

Returns:

Publishes Authentication based on the JWT or empty if the validation fails.

authenticationIfValidJwtSignatureAndClaims

@Deprecated
public java.util.Optional<Authentication> authenticationIfValidJwtSignatureAndClaims(java.lang.String token,
                                                                                                 java.util.Collection<? extends JwtClaimsValidator> claimsValidators)

Deprecated. Use JwtValidator instead.

Authentication if JWT has valid signature and claims are verified.

Parameters:

token - A JWT token

claimsValidators - a Collection of claims Validators.

Returns:

empty if signature or claims verification failed, An Authentication otherwise.

validateJwtSignatureAndClaims

@Deprecated
public java.util.Optional<com.nimbusds.jwt.JWT> validateJwtSignatureAndClaims(java.lang.String token)

Deprecated. Use JwtValidator instead.

Validates JWT signature and Claims.

Parameters:

token - A JWT token

Returns:

empty if signature or claims verification failed, JWT otherwise.

validate

@Deprecated
public boolean validate(java.lang.String token)

Deprecated. Use JwtValidator instead.

Parameters:

token - A JWT token

Returns:

true if signature or claims verification passed

validate

@Deprecated
public boolean validate(java.lang.String token,
                                    java.util.Collection<? extends JwtClaimsValidator> claimsValidators)

Deprecated. Use JwtValidator instead.

Parameters:

token - A JWT token

claimsValidators - a Collection of claims Validators.

Returns:

true if signature or claims verification passed

validateJwtSignatureAndClaims

@Deprecated
public java.util.Optional<com.nimbusds.jwt.JWT> validateJwtSignatureAndClaims(java.lang.String token,
                                                                                          java.util.Collection<? extends JwtClaimsValidator> claimsValidators)

Deprecated. Use JwtValidator instead.

Validates JWT signature and Claims.

Parameters:

token - A JWT token

claimsValidators - a Collection of claims Validators.

Returns:

empty if signature or claims verification failed, JWT otherwise.

parseJwtIfValidSignature

@Deprecated
public java.util.Optional<com.nimbusds.jwt.JWT> parseJwtIfValidSignature(java.lang.String token)

Deprecated. Use JwtValidator instead.

Returns a JWT if the signature could be verified.

Parameters:

token - a JWT token

Returns:

Empty if JWT signature verification failed or JWT if valid signature.

getSignatureConfigurations

@Deprecated
public java.util.List<SignatureConfiguration> getSignatureConfigurations()

Deprecated. Will be removed in a future version

Returns:

List of Signature configurations which are used to attempt validation.

getEncryptionConfigurations

@Deprecated
public java.util.List<EncryptionConfiguration> getEncryptionConfigurations()

Deprecated. Will be removed in a future version

Returns:

List of Encryption configurations which are used to attempt validation.

getGenericJwtClaimsValidators

@Deprecated
public java.util.List<GenericJwtClaimsValidator> getGenericJwtClaimsValidators()

Deprecated. Will be removed in a future version

Returns:

Generic JWT Claims validators which should be used to validate any JWT.