public class JwtBuilder
extends java.lang.Object
This API is used for the creation of JSON Web Token (JWT) security tokens conforming the JWT specification as defined in:
JSON Web Token (JWT). The JWT tokens are self-described and can be validated
locally by the resource server or the client.
The code snippet that is shown here demonstrate how to use this API to generate the token. In the sample code, it is assumed
that the configuration id specified in the API matches the jwtBuilder element ID in the server configuration or the default id
that is provided in the Liberty runtime.
// 1. Create a JWTBuilder Object. JwtBuilder jwtBuilder = JwtBuilder.create("samplebuilder"); // Overwrite issuer. This is optional and if issuer is not specified either in the server configuration or here, // then the Builder will construct a default issuer Url jwtBuilder = jwtBuilder.issuer("http://host:port/issuer url"); // Overwrite any of the following // audience, expiration time, not before, subject, signing key or algorithm, jti jwtBuilder = jwtBuilder.audience(Arrays.asList(new String[]{"one", "two", "three"}); jwtBuilder = jwtBuilder.signWith("HS256", "shared secret"); // Overwrite or set any additional claims jwtBuilder = jwtBuilder.claim("custom claim", "custom value"); // 2. Create a JWT token JwtToken jwt = jwtBuilder.buildJwt();
Constructor and Description |
---|
JwtBuilder() |
JwtBuilder(java.lang.String builderConfigId) |
Modifier and Type | Method and Description |
---|---|
JwtBuilder |
audience(java.util.List<java.lang.String> newaudiences)
Sets audience claim.
|
JwtToken |
buildJwt()
Creates a new
JwtToken object based on the information in this JwtBuilder object and based on
the configuration for the jwtBuilder element that is specified in the server configuration that matches the ID
used to instantiate this JwtBuilder object. |
JwtBuilder |
claim(java.util.Map<java.lang.String,java.lang.Object> map)
Sets the specified claims.
|
JwtBuilder |
claim(java.lang.String name,
java.lang.Object value)
Sets the specified claim.
|
JwtBuilder |
claimFrom(JwtToken jwt)
Retrieves all the claims from the given jwt.
|
JwtBuilder |
claimFrom(JwtToken jwt,
java.lang.String claimName)
Retrieves the specified claim from the given JwtToken.
|
JwtBuilder |
claimFrom(java.lang.String jsonOrJwt)
Retrieves all the claims from the given json or jwt string.
|
JwtBuilder |
claimFrom(java.lang.String jsonOrJwt,
java.lang.String claim)
Retrieves the specified claim from the given json or jwt string.
|
static JwtBuilder |
create()
Creates a new
JwtBuilder object using the default configuration ID . |
static JwtBuilder |
create(java.lang.String builderConfigId)
Creates a new
JwtBuilder object using the configuration ID provided. |
JwtBuilder |
expirationTime(long exp)
Sets expiration claim.
|
JwtBuilder |
fetch(java.lang.String name)
Retrieves the specified claim from the configured user registry.
|
JwtBuilder |
issuer(java.lang.String issuerUrl)
Sets issuer claim.
|
JwtBuilder |
jwtId(boolean create)
Sets JWT ID.
|
JwtBuilder |
notBefore(long time_from)
Sets "not before" claim.
|
JwtBuilder |
remove(java.lang.String name)
Removes the specified claim.
|
JwtBuilder |
signWith(java.lang.String algorithm,
java.security.Key key)
Signing key and algorithm information.
|
JwtBuilder |
signWith(java.lang.String algorithm,
java.lang.String key)
Signing key and algorithm information.
|
JwtBuilder |
subject(java.lang.String username)
Sets "subject" claim.
|
public JwtBuilder()
public JwtBuilder(java.lang.String builderConfigId) throws InvalidBuilderException
InvalidBuilderException
public static JwtBuilder create() throws InvalidBuilderException
JwtBuilder
object using the default configuration ID .JwtBuilder
object tied to the jwtBuilder
server configuration element with the default ID
.InvalidBuilderException
- Thrown if the JWT builder service is not available.public static JwtBuilder create(java.lang.String builderConfigId) throws InvalidBuilderException
JwtBuilder
object using the configuration ID provided.builderConfigId
- ID of a corresponding jwtBuilder
element in the server configuration.JwtBuilder
object tied to the jwtBuilder
server configuration element whose id
attribute matches the ID provided.InvalidConsumerException
- Thrown if the builderConfigId is null
, or if there is no matching configuration ID in the
server configuration.InvalidBuilderException
public JwtBuilder issuer(java.lang.String issuerUrl) throws InvalidClaimException
issuerUrl
- This will be used to set the "iss" claim in the JwtToken
JwtBuilder
objectInvalidClaimException
- Thrown if the issuerUrl is null
, or emptypublic JwtBuilder audience(java.util.List<java.lang.String> newaudiences) throws InvalidClaimException
newaudiences
- This is a list of Strings and will be used to set the "aud" claim in the JwtToken
JwtBuilder
objectInvalidClaimException
- Thrown if the newaudiences is null
, or emptypublic JwtBuilder expirationTime(long exp) throws InvalidClaimException
exp
- This is a "long" value representing the time in milliseconds since January 1, 1970, 00:00:00 GMT. This will be
used to set the "exp" claim in the JwtToken
JwtBuilder
objectInvalidClaimException
- Thrown if the exp is before the current timepublic JwtBuilder jwtId(boolean create)
create
- This is a boolean value that represents whether to generate a unique identifier. If the unique identifier is
generated, then the "jti" claim is set in the JwtToken
JwtBuilder
objectpublic JwtBuilder notBefore(long time_from) throws InvalidClaimException
time_from
- This is a "long" value representing the time in milliseconds since January 1, 1970, 00:00:00 GMT. This will be
used to set the "nbf" claim in the JwtToken
JwtBuilder
objectInvalidClaimException
- Thrown if the time_from is not a positive numberpublic JwtBuilder subject(java.lang.String username) throws InvalidClaimException
username
- This String value represents the principal name. This will be used
to set the "sub" claim in the JwtToken
JwtBuilder
objectInvalidClaimException
- Thrown if the username is null
, or emptypublic JwtBuilder signWith(java.lang.String algorithm, java.security.Key key) throws KeyException
algorithm
- This String value represents the signing algorithm. This information will be used
to sign the JwtToken
key
- The private key Key
to use for signing JWTs.JwtBuilder
objectKeyException
- Thrown if the key is null
or if algorithm is null
or emptypublic JwtBuilder signWith(java.lang.String algorithm, java.lang.String key) throws KeyException
algorithm
- This String value represents the signing algorithm. This information will be used
to sign the JwtToken
key
- This represents shared secret that can be used to create the shared keyJwtBuilder
objectKeyException
- Thrown if the key or algorithm is null
or emptypublic JwtBuilder claim(java.lang.String name, java.lang.Object value) throws InvalidClaimException
name
- This is a String and represents the name of the claimvalue
- This is an Object and represents the value of the claimJwtBuilder
objectInvalidClaimException
- Thrown if the claim is null
, or the value is null
or the value is not the correct type for the
claimpublic JwtBuilder claim(java.util.Map<java.lang.String,java.lang.Object> map) throws InvalidClaimException
map
- This is a Map and represents the collection of claim name and claim value pairs to be set in the JWT.JwtBuilder
objectInvalidClaimException
- Thrown if the claim is null
, or the value is null
or the value is not the correct type for the
claimpublic JwtBuilder fetch(java.lang.String name) throws InvalidClaimException
name
- This is a String and represents the name of the claimJwtBuilder
objectInvalidClaimException
- Thrown if the claim is null
or emptypublic JwtBuilder remove(java.lang.String name) throws InvalidClaimException
name
- This is a String and represents the name of the claim to removeJwtBuilder
objectInvalidClaimException
- Thrown if the claim is null
or emptypublic JwtBuilder claimFrom(java.lang.String jsonOrJwt, java.lang.String claim) throws InvalidClaimException, InvalidTokenException
jsonOrJwt
- This is a String and represents either base 64 encoded or decoded JWT payload in the json format or base 64
encoded JWTJwtBuilder
objectInvalidClaimException
- Thrown if the claim is null
or emptyInvalidTokenException
- Thrown if the jsonOrJwt is null
or if the api fails to process the stringpublic JwtBuilder claimFrom(java.lang.String jsonOrJwt) throws InvalidClaimException, InvalidTokenException
jsonOrJwt
- This is a String and represents either base 64 encoded or decoded JWT payload in the json format or base 64
encoded JWTJwtBuilder
objectInvalidTokenException
- Thrown if the jsonOrJwt is null
or if the api fails to process the jsonOrJwt stringInvalidClaimException
public JwtBuilder claimFrom(JwtToken jwt, java.lang.String claimName) throws InvalidClaimException, InvalidTokenException
jwt
- This is a JwtToken
objectclaimName
- This is a String and represents the name of the claimJwtBuilder
objectInvalidClaimException
- Thrown if the claim is null
or emptyInvalidTokenException
- Thrown if the jwt is null
or if the api fails to process the jwtpublic JwtBuilder claimFrom(JwtToken jwt) throws InvalidTokenException
jwt
- This is a JwtToken
object and represents base 64 encoded JWTJwtBuilder
objectInvalidTokenException
- Thrown if the jwt is null
or if the api fails to process the jwtpublic JwtToken buildJwt() throws JwtException, InvalidBuilderException
JwtToken
object based on the information in this JwtBuilder
object and based on
the configuration for the jwtBuilder
element that is specified in the server configuration that matches the ID
used to instantiate this JwtBuilder
object.JwtToken
object.InvalidBuilderException
- Thrown if a jwtBuilder
element with the ID used to instantiate this JwtBuilder
object cannot
be found in the server configuration.JwtException
- Thrown if there is an error while creating the JWT, which includes creating the token payload, header,
or signature.