Interface JsonWebToken

  • All Superinterfaces:
    Principal

    public interface JsonWebToken
    extends Principal
    A read-only interface for the the claims required by Eclipse MicroProfile conforming tokens. Additional information about the claims defined by OIDC and RFC7519 can be found at https://www.iana.org/assignments/jwt/jwt.xhtml. This is compatible with the pre-JSR 375 caller Principal api.
    • Method Summary

      All Methods Instance Methods Abstract Methods Default Methods 
      Modifier and Type Method Description
      default <T> Optional<T> claim​(String claimName)
      A utility method to access a claim value in an Optional wrapper
      default <T> Optional<T> claim​(Claims claim)
      A utility method to access a claim value in an Optional wrapper
      default boolean containsClaim​(String claimName)
      Verify is a given claim exists
      default Set<String> getAudience()
      The aud(Audience) claim identifies the recipients that the JWT is intended for.
      <T> T getClaim​(String claimName)
      Access the value of the indicated claim.
      default <T> T getClaim​(Claims claim)
      Access the value of the indicated claim.
      Set<String> getClaimNames()
      Access the names of all claims are associated with this token.
      default long getExpirationTime()
      The exp (Expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing in seconds since 1970-01-01T00:00:00Z UTC
      default Set<String> getGroups()
      The groups claim provides the group names the JWT principal has been granted.
      default long getIssuedAtTime()
      The iat(Issued at time) claim identifies the time at which the JWT was issued in seconds since 1970-01-01T00:00:00Z UTC
      default String getIssuer()
      The iss(Issuer) claim identifies the principal that issued the JWT
      String getName()
      Returns the unique name of this principal.
      default String getRawToken()
      Get the raw bearer token string originally passed in the authentication header
      default String getSubject()
      The sub(Subject) claim uniquely identifies the principal that is the subject of the JWT.
      default String getTokenID()
      The jti(JWT ID) claim provides a unique identifier for the JWT.
    • Method Detail

      • getName

        String getName()
        Returns the unique name of this principal. The upn claim is checked first, the preferred_username claim is checked next, and finally, the sub claim is checked. Note that for guaranteed interoperability a upn claim should be used. However, the preferred_username claim is not guaranteed to be always unique. Therefore, if a truly unique principal identifier is required, prefer getting the sub claim directly by calling the getSubject() method.
        Specified by:
        getName in interface Principal
        Returns:
        the unique name of this principal.
      • getRawToken

        default String getRawToken()
        Get the raw bearer token string originally passed in the authentication header
        Returns:
        raw bear token string
      • getIssuer

        default String getIssuer()
        The iss(Issuer) claim identifies the principal that issued the JWT
        Returns:
        the iss claim.
      • getAudience

        default Set<String> getAudience()
        The aud(Audience) claim identifies the recipients that the JWT is intended for.
        Returns:
        the aud claim or null if the claim is not present
      • getSubject

        default String getSubject()
        The sub(Subject) claim uniquely identifies the principal that is the subject of the JWT. This is the token issuing IDP subject.
        Returns:
        the sub claim.
      • getTokenID

        default String getTokenID()
        The jti(JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object; if the application uses multiple issuers, collisions MUST be prevented among values produced by different issuers as well. The "jti" claim can be used to prevent the JWT from being replayed.
        Returns:
        the jti claim.
      • getExpirationTime

        default long getExpirationTime()
        The exp (Expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing in seconds since 1970-01-01T00:00:00Z UTC
        Returns:
        the exp claim.
      • getIssuedAtTime

        default long getIssuedAtTime()
        The iat(Issued at time) claim identifies the time at which the JWT was issued in seconds since 1970-01-01T00:00:00Z UTC
        Returns:
        the iat claim
      • getGroups

        default Set<String> getGroups()
        The groups claim provides the group names the JWT principal has been granted. This is a MicroProfile specific claim.
        Returns:
        a possibly empty set of group names.
      • getClaimNames

        Set<String> getClaimNames()
        Access the names of all claims are associated with this token.
        Returns:
        non-standard claim names in the token
      • containsClaim

        default boolean containsClaim​(String claimName)
        Verify is a given claim exists
        Parameters:
        claimName - - the name of the claim
        Returns:
        true if the JsonWebToken contains the claim, false otherwise
      • getClaim

        <T> T getClaim​(String claimName)
        Access the value of the indicated claim.
        Type Parameters:
        T - The claim type
        Parameters:
        claimName - - the name of the claim
        Returns:
        the value of the indicated claim if it exists, null otherwise.
      • getClaim

        default <T> T getClaim​(Claims claim)
        Access the value of the indicated claim.
        Type Parameters:
        T - The claim type
        Parameters:
        claim - - the claim
        Returns:
        the value of the indicated claim if it exists, null otherwise.
      • claim

        default <T> Optional<T> claim​(String claimName)
        A utility method to access a claim value in an Optional wrapper
        Type Parameters:
        T - - the type of the claim value to return
        Parameters:
        claimName - - the name of the claim
        Returns:
        an Optional wrapper of the claim value
      • claim

        default <T> Optional<T> claim​(Claims claim)
        A utility method to access a claim value in an Optional wrapper
        Type Parameters:
        T - - the type of the claim value to return
        Parameters:
        claim - - the claim
        Returns:
        an Optional wrapper of the claim value