Class JsonWebToken

java.lang.Object
alpine.server.auth.JsonWebToken

public class JsonWebToken extends Object
Decouples the general usage of JSON Web Tokens from the actual implementation of a JWT library. All JWT usages should go only through this class, which hides the actual implementation details and avoids improper or insecure use of JWTs.
Since:
1.0.0
Author:
Steve Springett
  • Constructor Details

    • JsonWebToken

      public JsonWebToken(SecretKey key)
      Constructs a new JsonWebToken object using the specified SecretKey. The Alpine-generated secret key can be retrieved from KeyManager.getSecretKey(). Usage of other SecretKeys is allowed, but management of those keys is up to the implementor.
      Parameters:
      key - the SecretKey to use in generating or validating the token
      Since:
      1.0.0
    • JsonWebToken

      public JsonWebToken()
      Constructs a new JsonWebToken object using the default Alpine-generated secret key.
      Since:
      1.0.0
  • Method Details

    • createToken

      public String createToken(Principal principal)
      Creates a new JWT for the specified principal. Token is signed using the SecretKey with an HMAC 256 algorithm.
      Parameters:
      principal - the Principal to create the token for
      Returns:
      a String representation of the generated token
      Since:
      1.0.0
    • createToken

      public String createToken(Principal principal, List<Permission> permissions)
      Creates a new JWT for the specified principal. Token is signed using the SecretKey with an HMAC 256 algorithm.
      Parameters:
      principal - the Principal to create the token for
      permissions - the effective list of permissions for the principal
      Returns:
      a String representation of the generated token
      Since:
      1.1.0
    • createToken

      public String createToken(Principal principal, List<Permission> permissions, IdentityProvider identityProvider)
      Creates a new JWT for the specified principal. Token is signed using the SecretKey with an HMAC 256 algorithm.
      Parameters:
      principal - the Principal to create the token for
      permissions - the effective list of permissions for the principal
      identityProvider - the identity provider the principal was authenticated with. If null, it will be derived from principal
      Returns:
      a String representation of the generated token
      Since:
      1.8.0
    • createToken

      public String createToken(Map<String,Object> claims)
      Creates a new JWT from the specified claims. Token is signed using the SecretKey with an HMAC 256 algorithm.
      Parameters:
      claims - a Map of all claims
      Returns:
      a String representation of the generated token
      Since:
      1.0.0
    • validateToken

      public boolean validateToken(String token)
      Validates a JWT by verifying that its signature matches the SecretKey and by checking the expiration date.
      Parameters:
      token - the token to validate
      Returns:
      true if validation is successful, false if not
      Since:
      1.0.0
    • getSubject

      public String getSubject()
      Returns the subject of the token.
      Returns:
      a String
    • getExpiration

      public Date getExpiration()
      Returns the expiration of the token.
      Returns:
      a Date
    • getIdentityProvider

      public IdentityProvider getIdentityProvider()
      Returns the identity provider of the token.
      Returns:
      an IdentityProvider
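
The two checks validateToken describes (signature match against the SecretKey, then expiration), written out with only the JDK as an added example. This is not Alpine's code, which delegates to a JWT library; the class Hs256Sketch, its methods and the all-zero demo key are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

public class Hs256Sketch {
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    static final Pattern EXP = Pattern.compile("\"exp\"\\s*:\\s*(\\d+)");

    static byte[] hmac(SecretKey key, String data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(key);
        return mac.doFinal(data.getBytes(StandardCharsets.US_ASCII));
    }
    static String b64(String json) { return ENC.encodeToString(json.getBytes(StandardCharsets.UTF_8)); }
    // sub is assumed to need no JSON escaping; exp is in epoch seconds.
    static String sign(SecretKey key, String sub, long exp) throws Exception {
        String input = b64("{\"alg\":\"HS256\"}") + "." + b64("{\"sub\":\"" + sub + "\",\"exp\":" + exp + "}");
        return input + "." + ENC.encodeToString(hmac(key, input));
    }
    // The header's alg is never consulted: HMAC-SHA256 is the only algorithm computed.
    // Signature first, expiry second, so no claim is read until the MAC verifies.
    static boolean validate(SecretKey key, String token, long now) {
        try {
            String[] p = token.split("\\.", -1);
            if (p.length != 3) return false;
            byte[] sig = Base64.getUrlDecoder().decode(p[2]);
            if (!MessageDigest.isEqual(hmac(key, p[0] + "." + p[1]), sig)) return false; // constant-time
            String claims = new String(Base64.getUrlDecoder().decode(p[1]), StandardCharsets.UTF_8);
            Matcher m = EXP.matcher(claims); // a JSON parser would replace this for arbitrary claims
            return m.find() && Long.parseLong(m.group(1)) > now; // a token without exp is rejected
        } catch (Exception e) {
            return false; // malformed input fails closed
        }
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = new SecretKeySpec(new byte[32], "HmacSHA256"); // constructed all-zero demo key
        long now = System.currentTimeMillis() / 1000;
        String ok = sign(key, "alice", now + 3600);
        String[] p = ok.split("\\.");
        String swapped = p[0] + "." + sign(key, "admin", now + 3600).split("\\.")[1] + "." + p[2];
        System.out.println("valid token:     " + validate(key, ok, now));
        System.out.println("payload swapped: " + validate(key, swapped, now));
        System.out.println("expired token:   " + validate(key, sign(key, "alice", now - 60), now));
    }
}
```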