/** * Add check for verifying that token issuedFor (azp claim) is the expected value * * @param expectedIssuedFor issuedFor, which needs to be in the target token. Can't be null * @return This token verifier */ public TokenVerifier<T> issuedFor(String expectedIssuedFor) { return this.replaceCheck(IssuedForCheck.class, true, new IssuedForCheck(expectedIssuedFor)); }
/** * @deprecated This method is here only for backward compatibility with previous version of {@code TokenVerifier}. * @return This token verifier */ public TokenVerifier<T> checkTokenType(boolean checkTokenType) { this.checkTokenType = checkTokenType; return replaceCheck(TokenTypeCheck.class, this.checkTokenType, new TokenTypeCheck(expectedTokenType)); }
/** * Add check for verifying that token contains the expectedAudience * * @param expectedAudience Audience, which needs to be in the target token. Can't be null * @return This token verifier */ public TokenVerifier<T> audience(String expectedAudience) { return this.replaceCheck(AudienceCheck.class, true, new AudienceCheck(expectedAudience)); }
@Override public RefreshableKeycloakSecurityContext getKeycloakSecurityContext() { return principal.getKeycloakSecurityContext(); }
/** * @deprecated This method is here only for backward compatibility with previous version of {@code TokenVerifier}. * @return This token verifier */ public TokenVerifier<T> realmUrl(String realmUrl) { this.realmUrl = realmUrl; return replaceCheck(RealmUrlCheck.class, checkRealmUrl, new RealmUrlCheck(realmUrl)); }
public RSATokenVerifier publicKey(PublicKey publicKey) { tokenVerifier.publicKey(publicKey); return this; }
public RSATokenVerifier verify() throws VerificationException { tokenVerifier.verify(); return this; }
public AccessToken getToken() throws VerificationException { return tokenVerifier.getToken(); }
/** * Creates an instance of {@code TokenVerifier} for the given token. * The token verifier has no checks defined. Note that the checks are only tested when * {@link #verify()} method is invoked. * <p> * <b>NOTE:</b> The returned token verifier cannot verify token signature since * that is not part of the {@link JsonWebToken} object. * @return */ public static <T extends JsonWebToken> TokenVerifier<T> createWithoutSignature(T token) { return new TokenVerifier(token); }
/** * @deprecated This method is here only for backward compatibility with previous version of {@code TokenVerifier}. * @return This token verifier */ public TokenVerifier<T> checkActive(boolean checkActive) { return replaceCheck(IS_ACTIVE, checkActive, IS_ACTIVE); }
public T getToken() throws VerificationException { if (token == null) { parse(); } return token; }
@Override public Integer getInt(String key) { return getInt(key, null); }
public RSATokenVerifier checkTokenType(boolean checkTokenType) { tokenVerifier.checkTokenType(checkTokenType); return this; }
public boolean hasResourcePermission(String resourceName) { return hasPermission(resourceName, null); }
/** * @deprecated This method is here only for backward compatibility with previous version of {@code TokenVerifier}. * @return This token verifier */ public TokenVerifier<T> tokenType(String tokenType) { this.expectedTokenType = tokenType; return replaceCheck(TokenTypeCheck.class, this.checkTokenType, new TokenTypeCheck(expectedTokenType)); }
/** * @deprecated This method is here only for backward compatibility with previous version of {@code TokenVerifier}. * @return This token verifier */ public TokenVerifier<T> checkRealmUrl(boolean checkRealmUrl) { this.checkRealmUrl = checkRealmUrl; return replaceCheck(RealmUrlCheck.class, this.checkRealmUrl, new RealmUrlCheck(realmUrl)); }
/** * Creates an instance of {@code TokenVerifier} from the given string on a JWT of the given class. * The token verifier has no checks defined. Note that the checks are only tested when * {@link #verify()} method is invoked. * @param <T> Type of the token * @param tokenString String representation of JWT * @param clazz Class of the token * @return */ public static <T extends JsonWebToken> TokenVerifier<T> create(String tokenString, Class<T> clazz) { return new TokenVerifier(tokenString, clazz); }