de.samply.auth.client.jwt

Class AbstractJWT

java.lang.Object

de.samply.auth.client.jwt.AbstractJWT

All Implemented Interfaces:

Serializable

Direct Known Subclasses:

JWTAccessToken, JWTAdfsAccessToken, JWTHokToken, JWTIDToken, JWTRefreshToken

public abstract class AbstractJWT
extends Object
implements Serializable

The abstract client-side JWT used to verify a serialized JWT using the providers public key.

See Also:

Serialized Form

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	AbstractJWT(de.samply.common.config.OAuth2Client config, String serialized) Initializes this JWT with an OAuth2Client configuration and the serialized string.
protected	AbstractJWT(PublicKey publicKey, String serialized) Initializes this JWT with a public key and the serialized string.

Method Summary

Methods

Modifier and Type	Method and Description
com.nimbusds.jwt.ReadOnlyJWTClaimsSet	getClaimsSet() Returns all claims
PublicKey	getPublicKey() Returns the public key that has been used to verify this JWT.
String	getSerialized() Returns the serialized string of this JWT
String	getSubject() Returns the subject.
protected abstract String	getTokenType() This method must return one of the currently defined token types:
boolean	isValid() Checks if this JWT is valid.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractJWT

protected AbstractJWT(de.samply.common.config.OAuth2Client config,
           String serialized)
               throws JWTException

Initializes this JWT with an OAuth2Client configuration and the serialized string. The public key is loaded from the base64 format in the OAuth2Client configuration

Parameters:

config - the OAuth2 client side configuration. The public key is needed to check the signature.

serialized - the serialized JWT

Throws:

JWTException - if any error occurs during deserialization or signature verification

AbstractJWT

protected AbstractJWT(PublicKey publicKey,
           String serialized)
               throws JWTException

Initializes this JWT with a public key and the serialized string. The public key is used to check the signature

Parameters:

publicKey - The identity providers public key (needed to check the signature)

serialized - the serialized JWT

Throws:

JWTException - if any error occurs during deserialization or signature verification

Method Detail

isValid

public boolean isValid()

Checks if this JWT is valid. The signature is checked once, the expiration date is checked every time this method is called.

Returns:

a boolean.

getClaimsSet

public com.nimbusds.jwt.ReadOnlyJWTClaimsSet getClaimsSet()

Returns all claims

Returns:

a ReadOnlyJWTClaimsSet object.

getSerialized

public String getSerialized()

Returns the serialized string of this JWT

Returns:

a String object.

getSubject

public String getSubject()

Returns the subject. This should be used as an user ID.

Returns:

a String object.

getPublicKey

public PublicKey getPublicKey()

Returns the public key that has been used to verify this JWT.

Returns:

getTokenType

protected abstract String getTokenType()

This method must return one of the currently defined token types:

 ACCESS_TOKEN
 ID_TOKEN
 REFRESH_TOKEN
 

Returns: