Package org.eclipse.microprofile.jwt

Interface JsonWebToken

All Superinterfaces:

Principal

public interface JsonWebToken
extends Principal

A read-only interface for the the claims required by Eclipse MicroProfile conforming tokens. Additional information about the claims defined by OIDC and RFC7519 can be found at https://www.iana.org/assignments/jwt/jwt.xhtml. This is compatible with the pre-JSR 375 caller Principal api.

Method Summary

Modifier and Type	Method	Description
default <T> Optional<T>	claim(String claimName)	A utility method to access a claim value in an Optional wrapper
default <T> Optional<T>	claim(Claims claim)	A utility method to access a claim value in an Optional wrapper
default boolean	containsClaim(String claimName)	Verify is a given claim exists
default Set<String>	getAudience()	The aud(Audience) claim identifies the recipients that the JWT is intended for.
<T> T	getClaim(String claimName)	Access the value of the indicated claim.
default <T> T	getClaim(Claims claim)	Access the value of the indicated claim.
Set<String>	getClaimNames()	Access the names of all claims are associated with this token.
default long	getExpirationTime()	The exp (Expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing in seconds since 1970-01-01T00:00:00Z UTC
default Set<String>	getGroups()	The groups claim provides the group names the JWT principal has been granted.
default long	getIssuedAtTime()	The iat(Issued at time) claim identifies the time at which the JWT was issued in seconds since 1970-01-01T00:00:00Z UTC
default String	getIssuer()	The iss(Issuer) claim identifies the principal that issued the JWT
String	getName()	Returns the unique name of this principal.
default String	getRawToken()	Get the raw bearer token string originally passed in the authentication header
default String	getSubject()	The sub(Subject) claim identifies the principal that is the subject of the JWT.
default String	getTokenID()	The jti(JWT ID) claim provides a unique identifier for the JWT.

Methods inherited from interface java.security.Principal

equals, hashCode, implies, toString

Method Details

getName

String getName()

Returns the unique name of this principal. This either comes from the upn claim, or if that is missing, the preferred_username claim. Note that for guaranteed interoperability a upn claim should be used.

Specified by:

getName in interface Principal

Returns:

the unique name of this principal.

getRawToken

default String getRawToken()

Get the raw bearer token string originally passed in the authentication header

Returns:

raw bear token string

getIssuer

default String getIssuer()

The iss(Issuer) claim identifies the principal that issued the JWT

Returns:

the iss claim.

getAudience

default Set<String> getAudience()

The aud(Audience) claim identifies the recipients that the JWT is intended for.

Returns:

the aud claim or null if the claim is not present

getSubject

default String getSubject()

The sub(Subject) claim identifies the principal that is the subject of the JWT. This is the token issuing IDP subject, not the

Returns:

the sub claim.

getTokenID

default String getTokenID()

The jti(JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object; if the application uses multiple issuers, collisions MUST be prevented among values produced by different issuers as well. The "jti" claim can be used to prevent the JWT from being replayed.

Returns:

the jti claim.

getExpirationTime

default long getExpirationTime()

The exp (Expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing in seconds since 1970-01-01T00:00:00Z UTC

Returns:

the exp claim.

getIssuedAtTime

default long getIssuedAtTime()

The iat(Issued at time) claim identifies the time at which the JWT was issued in seconds since 1970-01-01T00:00:00Z UTC

Returns:

the iat claim

getGroups

default Set<String> getGroups()

The groups claim provides the group names the JWT principal has been granted. This is a MicroProfile specific claim.

Returns:

a possibly empty set of group names.

getClaimNames

Set<String> getClaimNames()

Access the names of all claims are associated with this token.

Returns:

non-standard claim names in the token

containsClaim

default boolean containsClaim(String claimName)

Verify is a given claim exists

Parameters:

claimName - - the name of the claim

Returns:

true if the JsonWebToken contains the claim, false otherwise

getClaim

<T> T getClaim(String claimName)

Access the value of the indicated claim.

Type Parameters:

T - The claim type

Parameters:

claimName - - the name of the claim

Returns:

the value of the indicated claim if it exists, null otherwise.

getClaim

default <T> T getClaim(Claims claim)

Access the value of the indicated claim.

Type Parameters:

T - The claim type

Parameters:

claim - - the claim

Returns:

the value of the indicated claim if it exists, null otherwise.

claim

default <T> Optional<T> claim(String claimName)

A utility method to access a claim value in an Optional wrapper

Type Parameters:

T - - the type of the claim value to return

Parameters:

claimName - - the name of the claim

Returns:

an Optional wrapper of the claim value

claim

default <T> Optional<T> claim(Claims claim)

A utility method to access a claim value in an Optional wrapper

Type Parameters:

T - - the type of the claim value to return

Parameters:

claim - - the claim

Returns:

an Optional wrapper of the claim value