Interface Names


  • public interface Names
    Constants for the names of the MP-config properties that MP-JWT implementations must support externalization of to ensure portable setup of MP-JWT implementations.
    • Field Detail

      • VERIFIER_PUBLIC_KEY_LOCATION

        static final String VERIFIER_PUBLIC_KEY_LOCATION
        The relative path or full URL of the verification public key. All relative paths will be resolved within the archive using ClassLoader.getResource. If the value is a URL it will be resolved using `new URL(“”).openStream()`
        See Also:
        Constant Field Values
      • VERIFIER_PUBLIC_KEY_ALGORITHM

        static final String VERIFIER_PUBLIC_KEY_ALGORITHM
        Public Key Signature Algorithm property which can be set to either 'RS256' or 'ES256'.
        See Also:
        Constant Field Values
      • DECRYPTOR_KEY_LOCATION

        static final String DECRYPTOR_KEY_LOCATION
        The relative path or full URL of the decryption key. All relative paths will be resolved within the archive using ClassLoader.getResource. If the value is a URL it will be resolved using `new URL(“”).openStream()`
        See Also:
        Constant Field Values
      • DECRYPTOR_KEY_ALGORITHM

        static final String DECRYPTOR_KEY_ALGORITHM
        Key Management Algorithm property which can be set to either 'RSA-OAEP' or 'RSA-OAEP-256'
        See Also:
        Constant Field Values
      • TOKEN_HEADER

        static final String TOKEN_HEADER
        The HTTP header name expected to contain the JWT token.

        Supported values are Authorization (default) and Cookie.

        See Also:
        Constant Field Values
      • TOKEN_COOKIE

        static final String TOKEN_COOKIE
        The Cookie name expected to containe the JWT token (default is Bearer).

        This configuration will be ignored unless `mp.jwt.token.header` is set to `Cookie`.

        See Also:
        Constant Field Values
      • TOKEN_AGE

        static final String TOKEN_AGE
        The number of seconds since 'iat' after which the token must be considered invalid.
        See Also:
        Constant Field Values
      • AUDIENCES

        static final String AUDIENCES
        The expected "aud" claim value(s), separated by commas. If specified, MP-JWT claim must be present and match one of the values.
        See Also:
        Constant Field Values
      • CLOCK_SKEW

        static final String CLOCK_SKEW
        The clock skew in seconds used during the token expiry and age verification.
        See Also:
        Constant Field Values