Interface JWTSessionIdGenerator<A,B>

Type Parameters:
A - the session data type
B - the stateless session data type
All Superinterfaces:
SessionIdGenerator<A,JWTSession<A,B>>
All Known Implementing Classes:
JWTESessionIdGenerator, JWTSSessionIdGenerator

public interface JWTSessionIdGenerator<A,B> extends SessionIdGenerator<A,JWTSession<A,B>>

A session id generator that generates a JWT identifier containing session expiration settings and stateless session data.

It is also used by JWT session stores to validate and decrypt the JWT when resolving a session.

The JWT expiration time and issued at claims must be expressed in seconds since epoch. As a result, the session creation time and session expiration time must be rounded down to the nearest integer when generating the JWT session id.

Since:
1.13
Author:
Jeremy Kuhn
  • Field Details

    • CLAIM_MAX_INACTIVE_INTERVAL

      static final String CLAIM_MAX_INACTIVE_INTERVAL
      The maximum inactive interval claim name.
    • CLAIM_SESSION_DATA

      static final String CLAIM_SESSION_DATA
      The session data claim name.
  • Method Details

    • generate

      default Mono<String> generate(JWTSession<A,B> session)
      Description copied from interface: SessionIdGenerator

      Generates a new identifier for the specified session.

      Specified by:
      generate in interface SessionIdGenerator<A,B>
      Parameters:
      session - a session
      Returns:
      a mono generating a session id
    • generateJWT

      Mono<? extends JOSEObject<JWTClaimsSet,?>> generateJWT(JWTSession<A,B> session)

      Generates a JWT session identifier for the specified JWT session.

      Implementors should ensure that JWTs are generated with unique JWT token identifiers (i.e. JTI) to protect against replay attacks.

      Parameters:
      session - a JWT session
      Returns:
      a mono generating a JWT
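The rounding rule from the interface description and the unique JTI requirement above, worked through as an added example that uses only the JDK and is not code from the Inverno project. The class and method names (`JwtSessionTimes`, `toNumericDate`, `newJti`, `claims`) and the sample timestamps are assumptions made for illustration.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;

// Added example, JDK only: none of these names belong to the Inverno API.
public class JwtSessionTimes {

    private static final SecureRandom RANDOM = new SecureRandom();

    // JWT NumericDate claims carry whole seconds, so sub-second precision is dropped (floor).
    static long toNumericDate(long epochMillis) {
        return Math.floorDiv(epochMillis, 1000L);
    }

    // 128-bit random JTI, so two tokens issued within the same second remain distinct.
    static String newJti() {
        byte[] bytes = new byte[16];
        RANDOM.nextBytes(bytes);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(bytes);
    }

    // Builds the identifier and time claims for a session created at creationMillis.
    static Map<String, Object> claims(long creationMillis, long expirationMillis) {
        Map<String, Object> claims = new LinkedHashMap<>();
        claims.put("jti", newJti());
        claims.put("iat", toNumericDate(creationMillis));
        claims.put("exp", toNumericDate(expirationMillis));
        return claims;
    }

    public static void main(String[] args) {
        long created = 1_700_000_000_789L;          // constructed sample value, in milliseconds
        long expires = created + 30 * 60 * 1000L;   // constructed 30 minute lifetime
        Map<String, Object> claims = claims(created, expires);

        // What a store can rebuild from the token when the session is resolved later.
        long resolvedCreated = (Long) claims.get("iat") * 1000L;
        long resolvedExpires = (Long) claims.get("exp") * 1000L;

        System.out.println("iat=" + claims.get("iat") + " exp=" + claims.get("exp"));
        // false: the millisecond part cannot survive the token, hence the rounding rule.
        System.out.println("unrounded creation time round-trips: " + (resolvedCreated == created));
        System.out.println("rounded creation time round-trips: "
            + (resolvedCreated == toNumericDate(created) * 1000L));
        System.out.println("expiry never later than requested: " + (resolvedExpires <= expires));
        System.out.println("distinct jti within the same second: "
            + !claims.get("jti").equals(claims(created, expires).get("jti")));
    }
}
```

Rounding down rather than up keeps the expiration carried by the token from exceeding the one that was requested.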
    • readJWT

      Mono<? extends JOSEObject<JWTClaimsSet,?>> readJWT(String sessionId)

      Validates and decrypts the specified JWT session identifier.

      Parameters:
      sessionId - a JWT session identifier
      Returns:
      a mono reading a JWT session identifier
    • jws

      static <A, B> JWTSessionIdGenerator<A,B> jws(JWTService jwtService, Consumer<JWSHeaderConfigurator<?>> headerConfigurer)

      Returns a new JWT session id generator that generates JWT as JWS which guarantees the integrity of the data within the session id.

      Type Parameters:
      A - the session data type
      B - the stateless session data type
      Parameters:
      jwtService - the JWT service
      headerConfigurer - the JWT header configurer
      Returns:
      a new JWT JWS session id generator
    • jws

      static <A, B> JWTSessionIdGenerator<A,B> jws(JWTService jwtService, Consumer<JWSHeaderConfigurator<?>> headerConfigurer, String issuer)

      Returns a new JWT session id generator that generates JWT as JWS with the specified issuer and which guarantees the integrity of the data within the session id.

      The issuer is validated when reading a JWT session identifier.

      Type Parameters:
      A - the session data type
      B - the stateless session data type
      Parameters:
      jwtService - the JWT service
      headerConfigurer - the JWT header configurer
      issuer - the issuer
      Returns:
      a new JWT JWS session id generator
    • jwe

      static <A, B> JWTSessionIdGenerator<A,B> jwe(JWTService jwtService, Consumer<JWEHeaderConfigurator<?>> headerConfigurer)

      Returns a new JWT session id generator that generates JWT as JWE which guarantees both integrity and confidentiality of the data within the session id.

      Type Parameters:
      A - the session data type
      B - the stateless session data type
      Parameters:
      jwtService - the JWT service
      headerConfigurer - the JWT header configurer
      Returns:
      a new JWT JWE session id generator
    • jwe

      static <A, B> JWTSessionIdGenerator<A,B> jwe(JWTService jwtService, Consumer<JWEHeaderConfigurator<?>> headerConfigurer, String issuer)

      Returns a new JWT session id generator that generates JWT as JWE with the specified issuer and which guarantees both integrity and confidentiality of the data within the session id.

      The issuer is validated when reading a JWT session identifier.

      Type Parameters:
      A - the session data type
      B - the stateless session data type
      Parameters:
      jwtService - the JWT service
      headerConfigurer - the JWT header configurer
      issuer - the issuer
      Returns:
      a new JWT JWE session id generator