Module io.inverno.mod.security.jose
Package io.inverno.mod.security.jose.jwt

Class JWTEAuthenticator<A extends JWTClaimsSet>

java.lang.Object
io.inverno.mod.security.jose.jwt.JWTEAuthenticator<A>
Type Parameters:
A - the JWT claims set type
All Implemented Interfaces:
Authenticator<TokenCredentials,JWTEAuthentication<A>>
public class JWTEAuthenticator<A extends JWTClaimsSet> extends Object implements Authenticator<TokenCredentials,JWTEAuthentication<A>>

An authenticator implementation that authenticates JWTE token credentials.

The expected token must be a valid JWTE compact string.

Since:
1.5
Author:
Jeremy Kuhn

  • Constructor Details

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService)

      Creates a JWTE authenticator with the specified JWT service.

      Parameters:
      jwtService - the JWT service

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Publisher<? extends JWK> keys)

      Creates a JWTE authenticator with the specified JWT service and keys.

      Parameters:
      jwtService - the JWT service
      keys - the keys to consider to verify the JWTS

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, String... processedParameters)

      Creates a JWTE authenticator with the specified JWT service and processed parameters.

      Parameters:
      jwtService - the JWT service
      processedParameters - the parameters processed by the application

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Publisher<? extends JWK> keys, String... processedParameters)

      Creates a JWTE authenticator with the specified JWT service, keys and processed parameters.

      Parameters:
      jwtService - the JWT service
      keys - the keys to consider to verify the JWTS
      processedParameters - the parameters processed by the application

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Class<A> type)

      Creates a JWTE authenticator with the specified JWT service and JWT claims set type.

      Parameters:
      jwtService - the JWT service
      type - the JWT claims set type

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Type type)

      Creates a JWTE authenticator with the specified JWT service and JWT claims set type.

      Parameters:
      jwtService - the JWT service
      type - the JWT claims set type

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Class<A> type, Publisher<? extends JWK> keys)

      Creates a JWTE authenticator with the specified JWT service, JWT claims set type and keys.

      Parameters:
      jwtService - the JWT service
      type - the JWT claims set type
      keys - the keys to consider to decode the JWTE

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Type type, Publisher<? extends JWK> keys)

      Creates a JWTE authenticator with the specified JWT service, JWT claims set type and keys.

      Parameters:
      jwtService - the JWT service
      type - the JWT claims set type
      keys - the keys to consider to decode the JWTE

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Class<A> type, String... processedParameters)

      Creates a JWTE authenticator with the specified JWT service, JWT claims set type and processed parameters.

      Parameters:
      jwtService - the JWT service
      type - the JWT claims set type
      processedParameters - the parameters processed by the application

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Type type, String... processedParameters)

      Creates a JWTE authenticator with the specified JWT service, JWT claims set type and processed parameters.

      Parameters:
      jwtService - the JWT service
      type - the JWT claims set type
      processedParameters - the parameters processed by the application

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Class<A> type, Publisher<? extends JWK> keys, String... processedParameters)

      Creates a JWTE authenticator with the specified JWT service, JWT claims set type, keys and processed parameters.

      Parameters:
      jwtService - the JWT service
      type - the JWT claims set type
      keys - the keys to consider to decode the JWTE
      processedParameters - the parameters processed by the application

    • JWTEAuthenticator

      public JWTEAuthenticator(JWTService jwtService, Type type, Publisher<? extends JWK> keys, String... processedParameters)

      Creates a JWTE authenticator with the specified JWT service, JWT claims set type, keys and processed parameters.

      Parameters:
      jwtService - the JWT service
      type - the JWT claims set type
      keys - the keys to consider to decode the JWTE
      processedParameters - the parameters processed by the application

  • Method Details

    • validate

      public JWTEAuthenticator validate(JWTClaimsSetValidator validator)

      Adds the specified validator to the JWT claims set.

      Parameters:
      validator - the validator to add
      Returns:
      the JWTE authenticator

    • setValidators

      public void setValidators(List<JWTClaimsSetValidator> validators)

      Sets the JWT claims set validators.

      Parameters:
      validators - a list of validators or null to clear the validators

    • getValidators

      public final List<JWTClaimsSetValidator> getValidators()

      Returns the list of JWT claims set validators.

      Returns:
      the JWT claims set validators

    • authenticate

      public Mono<JWTEAuthentication<A>> authenticate(TokenCredentials credentials)
      Description copied from interface: Authenticator

      Authenticates the specified credentials and returns an authentication.

      Implementations can return an empty mono to indicate that they were unable to authenticate the credentials. This does not mean credentials are invalid, this simply mean that a particular authenticator does not manage them and therefore can's possibly determine whether they are valid. For example, when considering login credentials composed of a user and a password, an authenticator which does not manage that particular user can return an empty mono.

      Implementations must return denied authentications with AuthenticationException when they were able to authenticate credentials which turned out to be invalid. For example, a login credentials authenticator must return a denied authentication exception when it does manage a particular username but the provided password was invalid.

      A denied authentication can also bre reported by throwing an AuthenticationException when returning an actual authentication instance is not practical.

      Specified by:
      authenticate in interface Authenticator<TokenCredentials,JWTEAuthentication<A extends JWTClaimsSet>>
      Parameters:
      credentials - the credentials to authenticate
      Returns:
      a mono emitting an authentication, an error mono or an empty mono if the authenticator could not authenticate the credentials