Module io.inverno.mod.security.jose
Package io.inverno.mod.security.jose.jwt

Class JWTClaimsSet

java.lang.Object
io.inverno.mod.security.jose.jwt.JWTClaimsSet
public class JWTClaimsSet extends Object

A JWT Claims set contains the claims conveyed by a JSON Web Token as specified by RFC7519 Section 4.

A JWT Claims set can be validated in various ways using methods: isValid(), ifValid(java.lang.Runnable)... JWT claims validation is performed by a list of JWTClaimsSetValidator which can be set using validate(io.inverno.mod.security.jose.jwt.JWTClaimsSetValidator) or setValidators(java.util.List) methods. By default, expiration time and not before time are validated.

Since:
1.5
Author:
Jeremy Kuhn

  • Constructor Details

    • JWTClaimsSet

      public JWTClaimsSet(String iss, String sub, String aud, Long exp, Long nbf, Long iat, String jti) throws JWTBuildException

      Creates a JWT Claims set.

      Parameters:
      iss - the issuer claim
      sub - the subject claim
      aud - the audience claim
      exp - the expiration time claim
      nbf - the not before claim
      iat - the issue at claim
      jti - the JWT id claim
      Throws:
      JWTBuildException - if there was an error building the JWT claims set

    • JWTClaimsSet

      public JWTClaimsSet(String iss, String sub, String aud, Long exp, Long nbf, Long iat, String jti, Map<String,Object> customClaims) throws JWTBuildException

      Creates a JWT Claims set.

      Parameters:
      iss - the issuer claim
      sub - the subject claim
      aud - the audience claim
      exp - the expiration time claim
      nbf - the not before claim
      iat - the issue at claim
      jti - the JWT id claim
      customClaims - custom claims map
      Throws:
      JWTBuildException - if there was an error building the JWT claims set

    • JWTClaimsSet

      protected JWTClaimsSet(String iss, URI iss_uri, String sub, URI sub_uri, String aud, ZonedDateTime exp, ZonedDateTime nbf, ZonedDateTime iat, String jti, Map<String,Object> customClaims) throws JWTBuildException

      Creates a JWT Claims set.

      Parameters:
      iss - the issuer claim as string
      iss_uri - the issuer claim as URI
      sub - the subject claim as string
      sub_uri - the issuer claim as URI
      aud - the audience claim
      exp - the expiration time claim
      nbf - the not before claim
      iat - the issue at claim
      jti - the JWT id claim
      customClaims - custom claims map
      Throws:
      JWTBuildException - if there was an error building the JWT claims set

  • Method Details

    • getIssuer

      public String getIssuer()

      Returns the issuer claim as String.

      Returns:
      the issuer claim as String

    • getIssuerAsURI

      public URI getIssuerAsURI()

      Returns the issuer claim as URI.

      Returns:
      the issuer claim as URI

    • getSubject

      public String getSubject()

      Returns the subject claim as String.

      Returns:
      the subject claim as String

    • getSubjectAsURI

      public URI getSubjectAsURI()

      Returns the subject claim as URI.

      Returns:
      the subject claim as URI

    • getAudience

      public String getAudience()

      Returns the audience claim.

      Returns:
      the audience claim

    • getExpirationTime

      public Long getExpirationTime()

      Returns the expiration time claim as seconds since epoch.

      Returns:
      the expiration time claim as seconds since epoch

    • getExpirationTimeAsDateTime

      public ZonedDateTime getExpirationTimeAsDateTime()

      Returns the expiration time claim as zoned date time.

      Returns:
      the expiration time claim as zoned date time

    • getNotBefore

      public Long getNotBefore()

      Returns the not before claim as seconds since epoch.

      Returns:
      the not before claim as seconds since epoch

    • getNotBeforeAsDateTime

      public ZonedDateTime getNotBeforeAsDateTime()

      Returns the not before claim as zoned date time.

      Returns:
      the not before claim as zoned date time

    • getIssuedAt

      public Long getIssuedAt()

      Returns the issued at claim as seconds since epoch.

      Returns:
      the issued at claim as seconds since epoch

    • getIssuedAtAsDateTime

      public ZonedDateTime getIssuedAtAsDateTime()

      Returns the issued at claim as zoned date time.

      Returns:
      the issued at claim as zoned date time

    • getJWTId

      public String getJWTId()

      Returns the JWT id claim.

      Returns:
      the JWT id claim

    • getCustomClaims

      public final Map<String,Object> getCustomClaims()

      Returns the map of custom claims.

      Returns:
      a map of custom claims

    • getCustomClaim

      public final Optional<JWTClaimsSet.Claim> getCustomClaim(String name)

      Returns the custom claim with the specified name.

      The returned JWTClaimsSet.Claim object allows to convert the claim into various types.

      Parameters:
      name - a custom claim name
      Returns:
      an optional containing the custom claim or an empty optional if the JWT claims set does not contain that claim

    • validate

      public final JWTClaimsSet validate(JWTClaimsSetValidator validator)

      Adds the specified validator to the JWT claims set.

      Parameters:
      validator - the validator to add
      Returns:
      the JWT claims set

    • setValidators

      public final void setValidators(List<JWTClaimsSetValidator> validators)

      Sets the JWT claims set validators.

      Parameters:
      validators - a list of validators or null to clear the validators

    • getValidators

      public final List<JWTClaimsSetValidator> getValidators()

      Returns the list of JWT claims set validators.

      Returns:
      the JWT claims set validators

    • validate

      protected void validate() throws InvalidJWTException

      Validates the JWT claims set and throws an exception if it is invalid.

      This method basically invoke the list of validators that have been set using validate(io.inverno.mod.security.jose.jwt.JWTClaimsSetValidator).

      Throws:
      InvalidJWTException - if the JWT claims set is invalid

    • isValid

      public final boolean isValid()

      Determines whether the JWT Claims set is valid.

      Returns:
      true if the JWT Claims set is valid, false otherwise

    • ifValid

      public final void ifValid(Runnable action)

      Executes the specified action if the JWT Claims set is valid.

      Parameters:
      action - the action to run if the JWT Claims set is valid

    • ifValidOrElse

      public final void ifValidOrElse(Runnable action, Runnable invalidAction)

      Executes the specified action if the JWT Claims set is valid or the specified invalid action if it is invalid.

      Parameters:
      action - the action to run if the JWT Claims set is valid
      invalidAction - the action to run if the JWT Claims set is invalid

    • ifInvalidThrow

      public final JWTClaimsSet ifInvalidThrow() throws InvalidJWTException

      Returns the JWT Claims set or throws an exception if it is invalid.

      Returns:
      the JWT Claims set
      Throws:
      InvalidJWTException - if the JWT Claims set is invalid

    • ifInvalidThrow

      public <T extends Throwable> JWTClaimsSet ifInvalidThrow(Supplier<? extends T> exceptionSupplier) throws T

      Returns the JWT Claims set or throws a custom exception if it is invalid.

      Type Parameters:
      T - the custom exception type
      Parameters:
      exceptionSupplier - the exception supplier
      Returns:
      the JWT Claims set
      Throws:
      T - if the JWT Claims set is invalid

    • of

      public static JWTClaimsSet.Builder<JWTClaimsSet,?> of()

      Creates a new empty JWT Claims set builder.

      Returns:
      a new empty JWT Claims set builder

    • of

      public static JWTClaimsSet.Builder<JWTClaimsSet,?> of(String iss, long exp)

      Creates a new JWT Claims set builder with the specified issuer and expiration time claims.

      Parameters:
      iss - the issuer
      exp - the expiration time in seconds since epoch
      Returns:
      a new JWT Claims set builder with the specified issuer and expiration time claims.

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object