com.atlassian.jwt.reader

Interface JwtReaderFactory

public interface JwtReaderFactory

Factory for JwtReader.

Since:

1.0

Method Summary

Modifier and Type	Method and Description
JwtReader	getReader(String jwt) Returns a jwt reader to be used for verifying tokens signed using a symmetric algorithm.
JwtReader	getReader(String jwt, Date date) This method is similar to getReader(String) but allows to specify the Date to be used when operating with the time-based claims of the JWT message.
JwtReader	getReader(String jwt, RSAPublicKey publicKey) Returns a jwt reader that should be used for verifying tokens signed using an asymmetric algorithm.
JwtReader	getReader(String jwt, RSAPublicKey publicKey, Date date) This method is similar to getReader(String, RSAPublicKey) but allows to specify the Date to be used when operating with the time-based claims of the JWT message.

Method Detail

getReader

@Nonnull
JwtReader getReader(@Nonnull
                             String jwt)
                      throws JwsUnsupportedAlgorithmException,
                             JwtUnknownIssuerException,
                             JwtParseException,
                             JwtIssuerLacksSharedSecretException

Returns a jwt reader to be used for verifying tokens signed using a symmetric algorithm.

Parameters:

jwt - encoded JWT message

Returns:

an appropriate JwtReader for reading this JWT message

Throws:

JwsUnsupportedAlgorithmException - if the JWT message's stated algorithm is not implemented

JwtParseException - if the JWT message appears to be mangled

JwtUnknownIssuerException - if the JWT message's "iss" claim value is not recognized

JwtIssuerLacksSharedSecretException - if the JWT message's algorithm requires a shared secret but the claimed issuer does not have one associated

getReader

@Nonnull
JwtReader getReader(@Nonnull
                             String jwt,
                             @Nonnull
                             Date date)
                      throws JwsUnsupportedAlgorithmException,
                             JwtUnknownIssuerException,
                             JwtParseException,
                             JwtIssuerLacksSharedSecretException

This method is similar to getReader(String) but allows to specify the Date to be used when operating with the time-based claims of the JWT message. This is useful when the JWT verification may happen with a significant delay after the message containing that JWT has been consumed by a service e.g. due to queueing.

Parameters:

jwt - encoded JWT message

date - date to use when operating with time-based claims of the JWT message, useful for delayed JWT message verification

Returns:

an appropriate JwtReader for reading this JWT message

Throws:

JwsUnsupportedAlgorithmException - if the JWT message's stated algorithm is not implemented

JwtParseException - if the JWT message appears to be mangled

JwtUnknownIssuerException - if the JWT message's "iss" claim value is not recognized

JwtIssuerLacksSharedSecretException - if the JWT message's algorithm requires a shared secret but the claimed issuer does not have one associated

getReader

@Nonnull
JwtReader getReader(@Nonnull
                             String jwt,
                             RSAPublicKey publicKey)
                      throws JwsUnsupportedAlgorithmException,
                             JwtUnknownIssuerException,
                             JwtParseException

Returns a jwt reader that should be used for verifying tokens signed using an asymmetric algorithm. In this case, a public key needs to be provided as an argument because we don't want this library to constrain or specify where the public keys will be stored and how they will be retrieved. It will be the client's responsibility to retrieve the appropriate public key and pass it into this factory method. Sample usage may look be as follows:

 
 JwtParser jwtParser = new SimpleJwtParser(); // in practice, you may inject this rather than instantiating it like this
 String issuer = jwtParser.parse(jwt).getIssuer();
 RSAPublicKey publicKey = <retrieve public key for this issuer>
 JwtReader jwtReader = jwtReaderFactory.getReader(jwt, publicKey);
 return jwtReader.readAndVerify(jwt, Collections.<String, JwtClaimVerifier>emptyMap());
 
 

Parameters:

jwt - encoded JWT message

publicKey - public key to use to verify jwt's signature

Returns:

an appropriate JwtReader for reading this JWT message

Throws:

JwsUnsupportedAlgorithmException - if the JWT message's stated algorithm is not implemented

JwtUnknownIssuerException - if the JWT message's "iss" claim value is not recognized

JwtParseException - if the JWT message appears to be mangled

getReader

@Nonnull
JwtReader getReader(@Nonnull
                             String jwt,
                             RSAPublicKey publicKey,
                             @Nonnull
                             Date date)
                      throws JwsUnsupportedAlgorithmException,
                             JwtUnknownIssuerException,
                             JwtParseException

This method is similar to getReader(String, RSAPublicKey) but allows to specify the Date to be used when operating with the time-based claims of the JWT message. This is useful when the JWT verification may happen with a significant delay after the message containing that JWT has been consumed by a service e.g. due to queueing.

Parameters:

jwt - encoded JWT message

publicKey - public key to use to verify jwt's signature

date - date to use when operating with time-based claims of the JWT message, useful for delayed JWT message verification

Returns:

an appropriate JwtReader for reading this JWT message

Throws:

JwsUnsupportedAlgorithmException - if the JWT message's stated algorithm is not implemented

JwtUnknownIssuerException - if the JWT message's "iss" claim value is not recognized

JwtParseException - if the JWT message appears to be mangled