Copyright© 2008-2022 Sitevision AB, all rights reserved.
O
- script object@Requireable(value="JwtUtil") public interface JwtUtil<O>
Technical information about JWT:
Modifier and Type | Method and Description |
---|---|
String |
createRSAToken(O aClaims,
String aAlgorithm,
Node aPrivateKey,
String aPassword)
Create a JWT token signed with a RSA keypair.
|
String |
createSHAToken(O aClaims,
String aAlgorithm,
String aPreSharedKey)
Create a JWT token with SHA hashing.
|
O |
decodeRSA(String aToken,
Node aPublicKey)
Validate a JWT token created using a RSA keypair.
|
O |
decodeSHA(String aToken,
String aPreSharedKey)
Validate a JWT token created with SHA and a pre-shared key.
|
String createSHAToken(O aClaims, String aAlgorithm, String aPreSharedKey) throws JwtException, IllegalArgumentException
When creating a JWT token, Sitevision always adds an IAT (issued at) claim. The IAT date is set to the time of creation. Custom claims can be of the following types.
JWT tokens signed using a pre-shared key can use an algorithm of the following types:
aClaims
- The claims to send as payload.
Claim values can be of types String, Boolean, Integer, Long and also arrays of Strings or LongsaAlgorithm
- Hashing algorithm used, viable values are HS256, HS384 and HS512aPreSharedKey
- Pre-shared key used for hashing.JwtException
- If an error occurs when creating the JWT tokenIllegalArgumentException
- If aPreSharedKey or aAlgorithm is blank.String createRSAToken(O aClaims, String aAlgorithm, Node aPrivateKey, String aPassword) throws ConstraintViolationException, JwtException, IllegalArgumentException
When creating a JWT token, Sitevision always adds an IAT (issued at) claim. The IAT date is set to the time of creation. Custom claims can be of the following types.
JWT tokens signed using a pre-shared key can use an algorithm of the following types:
When signing or decoding JWT using RSA keypair, Sitevision only support keys coded in standard PEM text format. Private keys can use password, but if a key without password is used, an empty string as password must be supplied.
aClaims
- The claims to send as payload.
Claim values can be of types String, Boolean, Integer, Long and also arrays of Strings or LongsaAlgorithm
- Signing algorithm used, viable values are RS256, RS384 and RS512aPrivateKey
- A sv:file or sv:temporaryFile with the PEM formatted RSA private key.aPassword
- Password for the private key, use an empty string if the key is not password protected.ConstraintViolationException
- If the private key cannot be found or accessedJwtException
- If an error occurs when creating the JWT tokenIllegalArgumentException
- If aPassword is null, aAlgorithm is blank, aPrivateKey is null or if aPrivateKey is not a RSA private key.O decodeSHA(String aToken, String aPreSharedKey) throws JwtException, IllegalArgumentException
The algorithm to decode is automatically detected by Sitevision from the token but it must be one of the following types:
aToken
- Token to validateaPreSharedKey
- Pre-shared key that the hash was created withJwtException
- If an error occurs the decoding the JWT tokenIllegalArgumentException
- If aToken or aPreSharedKey are blank.O decodeRSA(String aToken, Node aPublicKey) throws ConstraintViolationException, JwtException, IllegalArgumentException
The algorithm to decode is automatically detected by Sitevision from the token but it must be one of the following types:
When signing or decoding JWT using RSA keypair, Sitevision only support keys coded in standard PEM text format.
aToken
- Token to validate.aPublicKey
- A sv:file or sv:temporaryFile containing the PEM formatted RSA public key for decrypting the JWT token.ConstraintViolationException
- If the public key cannot be found or accessedJwtException
- If an error occurs the decoding the JWT tokenIllegalArgumentException
- If aToken is blank, aPublicKey is null or aPublicKey is not a RSA public keySitevision - Portal and Content Management Made Easy
Sitevision is an advanced Java enterprise portal product and a portlet container (JSR 286) that implements Java Content Repository (JSR 283).
Copyright© 2008-2022 Sitevision AB, all rights reserved.