Package org.eclipse.microprofile.jwt.config

Interface Names

public interface Names
Constants for the names of the MP-config properties that MP-JWT implementations must support externalization of to ensure portable setup of MP-JWT implementations.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    AUDIENCES
    The expected "aud" claim value(s), separated by commas.
    static final String
    CLOCK_SKEW
    The clock skew in seconds used during the token expiry and age verification.
    static final String
    DECRYPTOR_KEY_ALGORITHM
    Key Management Algorithm property which can be set to either 'RSA-OAEP' or 'RSA-OAEP-256'
    static final String
    DECRYPTOR_KEY_LOCATION
    The relative path or full URL of the decryption key.
    static final String
    ISSUER
    The expected iss claim value to validate against an MP-JWT.
    static final String
    TOKEN_AGE
    The number of seconds since 'iat' after which the token must be considered invalid.
    static final String
    TOKEN_COOKIE
    The Cookie name expected to containe the JWT token (default is Bearer).
    static final String
    TOKEN_HEADER
    The HTTP header name expected to contain the JWT token.
    static final String
    VERIFIER_PUBLIC_KEY
    The embedded key material of the verification public key for the MP-JWT signer in PKCS8 PEM or JWK(S) format.
    static final String
    VERIFIER_PUBLIC_KEY_ALGORITHM
    Public Key Signature Algorithm property which can be set to either 'RS256' or 'ES256'.
    static final String
    VERIFIER_PUBLIC_KEY_LOCATION
    The relative path or full URL of the verification public key.

  • Field Details

    • VERIFIER_PUBLIC_KEY

      static final String VERIFIER_PUBLIC_KEY
      The embedded key material of the verification public key for the MP-JWT signer in PKCS8 PEM or JWK(S) format. If not found the VERIFIER_PUBLIC_KEY_LOCATION needs to be checked.
      See Also:

    • VERIFIER_PUBLIC_KEY_LOCATION

      static final String VERIFIER_PUBLIC_KEY_LOCATION
      The relative path or full URL of the verification public key. All relative paths will be resolved within the archive using ClassLoader.getResource. If the value is a URL it will be resolved using `new URL(“”).openStream()`
      See Also:

    • VERIFIER_PUBLIC_KEY_ALGORITHM

      static final String VERIFIER_PUBLIC_KEY_ALGORITHM
      Public Key Signature Algorithm property which can be set to either 'RS256' or 'ES256'.
      See Also:

    • DECRYPTOR_KEY_LOCATION

      static final String DECRYPTOR_KEY_LOCATION
      The relative path or full URL of the decryption key. All relative paths will be resolved within the archive using ClassLoader.getResource. If the value is a URL it will be resolved using `new URL(“”).openStream()`
      See Also:

    • DECRYPTOR_KEY_ALGORITHM

      static final String DECRYPTOR_KEY_ALGORITHM
      Key Management Algorithm property which can be set to either 'RSA-OAEP' or 'RSA-OAEP-256'
      See Also:

    • ISSUER

      static final String ISSUER
      The expected iss claim value to validate against an MP-JWT.
      See Also:

    • TOKEN_HEADER

      static final String TOKEN_HEADER
      The HTTP header name expected to contain the JWT token.

      Supported values are Authorization (default) and Cookie.

      See Also:

    • TOKEN_AGE

      static final String TOKEN_AGE
      The number of seconds since 'iat' after which the token must be considered invalid.
      See Also:

    • AUDIENCES

      static final String AUDIENCES
      The expected "aud" claim value(s), separated by commas. If specified, MP-JWT claim must be present and match one of the values.
      See Also:

    • CLOCK_SKEW

      static final String CLOCK_SKEW
      The clock skew in seconds used during the token expiry and age verification.
      See Also: