Package org.eclipse.microprofile.jwt
Interface JsonWebToken
- All Superinterfaces:
Principal
A read-only interface for the the claims required by Eclipse MicroProfile conforming tokens. Additional information
about the claims defined by OIDC and RFC7519 can be found at https://www.iana.org/assignments/jwt/jwt.xhtml.
This is compatible with the pre-JSR 375 caller
Principal
api.-
Method Summary
Modifier and TypeMethodDescriptiondefault <T> Optional<T>
A utility method to access a claim value in an Optional wrapperdefault <T> Optional<T>
A utility method to access a claim value in an Optional wrapperdefault boolean
containsClaim
(String claimName) Verify is a given claim existsThe aud(Audience) claim identifies the recipients that the JWT is intended for.<T> T
Access the value of the indicated claim.default <T> T
Access the value of the indicated claim.Access the names of all claims are associated with this token.default long
The exp (Expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing in seconds since 1970-01-01T00:00:00Z UTCThe groups claim provides the group names the JWT principal has been granted.default long
The iat(Issued at time) claim identifies the time at which the JWT was issued in seconds since 1970-01-01T00:00:00Z UTCdefault String
The iss(Issuer) claim identifies the principal that issued the JWTgetName()
Returns the unique name of this principal.default String
Get the raw bearer token string originally passed in the authentication headerdefault String
The sub(Subject) claim identifies the principal that is the subject of the JWT.default String
The jti(JWT ID) claim provides a unique identifier for the JWT.
-
Method Details
-
getName
String getName()Returns the unique name of this principal. This either comes from the upn claim, or if that is missing, the preferred_username claim. Note that for guaranteed interoperability a upn claim should be used. -
getRawToken
Get the raw bearer token string originally passed in the authentication header- Returns:
- raw bear token string
-
getIssuer
The iss(Issuer) claim identifies the principal that issued the JWT- Returns:
- the iss claim.
-
getAudience
The aud(Audience) claim identifies the recipients that the JWT is intended for.- Returns:
- the aud claim or null if the claim is not present
-
getSubject
The sub(Subject) claim identifies the principal that is the subject of the JWT. This is the token issuing IDP subject.- Returns:
- the sub claim.
-
getTokenID
The jti(JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object; if the application uses multiple issuers, collisions MUST be prevented among values produced by different issuers as well. The "jti" claim can be used to prevent the JWT from being replayed.- Returns:
- the jti claim.
-
getExpirationTime
default long getExpirationTime()The exp (Expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing in seconds since 1970-01-01T00:00:00Z UTC- Returns:
- the exp claim.
-
getIssuedAtTime
default long getIssuedAtTime()The iat(Issued at time) claim identifies the time at which the JWT was issued in seconds since 1970-01-01T00:00:00Z UTC- Returns:
- the iat claim
-
getGroups
The groups claim provides the group names the JWT principal has been granted. This is a MicroProfile specific claim.- Returns:
- a possibly empty set of group names.
-
getClaimNames
Access the names of all claims are associated with this token.- Returns:
- non-standard claim names in the token
-
containsClaim
Verify is a given claim exists- Parameters:
claimName
- - the name of the claim- Returns:
- true if the JsonWebToken contains the claim, false otherwise
-
getClaim
Access the value of the indicated claim.- Type Parameters:
T
- The claim type- Parameters:
claimName
- - the name of the claim- Returns:
- the value of the indicated claim if it exists, null otherwise.
-
getClaim
Access the value of the indicated claim.- Type Parameters:
T
- The claim type- Parameters:
claim
- - the claim- Returns:
- the value of the indicated claim if it exists, null otherwise.
-
claim
A utility method to access a claim value in an Optional wrapper- Type Parameters:
T
- - the type of the claim value to return- Parameters:
claimName
- - the name of the claim- Returns:
- an Optional wrapper of the claim value
-
claim
A utility method to access a claim value in an Optional wrapper- Type Parameters:
T
- - the type of the claim value to return- Parameters:
claim
- - the claim- Returns:
- an Optional wrapper of the claim value
-