public final class NimbusReactiveJwtDecoder extends java.lang.Object implements ReactiveJwtDecoder
ReactiveJwtDecoder
that "decodes" a JSON Web
Token (JWT) and additionally verifies it's digital signature if the JWT is a JSON Web
Signature (JWS).
NOTE: This implementation uses the Nimbus JOSE + JWT SDK internally.
ReactiveJwtDecoder
,
JSON Web Token
(JWT),
JSON Web Signature
(JWS),
JSON Web Key
(JWK),
Nimbus
JOSE + JWT SDKModifier and Type | Class and Description |
---|---|
static class |
NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder
A builder for creating
NimbusReactiveJwtDecoder instances based on a
JWK Set
uri. |
static class |
NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder
A builder for creating
NimbusReactiveJwtDecoder instances. |
static class |
NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder
A builder for creating
NimbusReactiveJwtDecoder instances based on a public
key. |
static class |
NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder
A builder for creating
NimbusReactiveJwtDecoder instances based on a
SecretKey . |
Constructor and Description |
---|
NimbusReactiveJwtDecoder(org.springframework.core.convert.converter.Converter<com.nimbusds.jwt.JWT,reactor.core.publisher.Mono<com.nimbusds.jwt.JWTClaimsSet>> jwtProcessor)
Constructs a
NimbusReactiveJwtDecoder using the provided parameters. |
NimbusReactiveJwtDecoder(java.security.interfaces.RSAPublicKey publicKey)
Constructs a
NimbusReactiveJwtDecoder using the provided parameters. |
NimbusReactiveJwtDecoder(java.lang.String jwkSetUrl)
Constructs a
NimbusReactiveJwtDecoder using the provided parameters. |
Modifier and Type | Method and Description |
---|---|
reactor.core.publisher.Mono<Jwt> |
decode(java.lang.String token)
Decodes the JWT from it's compact claims representation format and returns a
Jwt . |
void |
setClaimSetConverter(org.springframework.core.convert.converter.Converter<java.util.Map<java.lang.String,java.lang.Object>,java.util.Map<java.lang.String,java.lang.Object>> claimSetConverter)
Use the following
Converter for manipulating the JWT's claim set |
void |
setJwtValidator(OAuth2TokenValidator<Jwt> jwtValidator)
Use the provided
OAuth2TokenValidator to validate incoming Jwt s. |
static NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder |
withJwkSetUri(java.lang.String jwkSetUri)
Use the given JWK Set
uri to validate JWTs.
|
static NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder |
withJwkSource(java.util.function.Function<com.nimbusds.jwt.SignedJWT,reactor.core.publisher.Flux<com.nimbusds.jose.jwk.JWK>> source)
Use the given
Function to validate JWTs |
static NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder |
withPublicKey(java.security.interfaces.RSAPublicKey key)
Use the given public key to validate JWTs
|
static NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder |
withSecretKey(javax.crypto.SecretKey secretKey)
Use the given
SecretKey to validate the MAC on a JSON Web Signature (JWS). |
public NimbusReactiveJwtDecoder(java.lang.String jwkSetUrl)
NimbusReactiveJwtDecoder
using the provided parameters.jwkSetUrl
- the JSON Web Key (JWK) Set URL
public NimbusReactiveJwtDecoder(java.security.interfaces.RSAPublicKey publicKey)
NimbusReactiveJwtDecoder
using the provided parameters.publicKey
- the RSAPublicKey
used to verify the signaturepublic NimbusReactiveJwtDecoder(org.springframework.core.convert.converter.Converter<com.nimbusds.jwt.JWT,reactor.core.publisher.Mono<com.nimbusds.jwt.JWTClaimsSet>> jwtProcessor)
NimbusReactiveJwtDecoder
using the provided parameters.jwtProcessor
- the Converter
used to process and verify the signed Jwt
and return the Jwt Claim Setpublic void setJwtValidator(OAuth2TokenValidator<Jwt> jwtValidator)
OAuth2TokenValidator
to validate incoming Jwt
s.jwtValidator
- the OAuth2TokenValidator
to usepublic void setClaimSetConverter(org.springframework.core.convert.converter.Converter<java.util.Map<java.lang.String,java.lang.Object>,java.util.Map<java.lang.String,java.lang.Object>> claimSetConverter)
Converter
for manipulating the JWT's claim setclaimSetConverter
- the Converter
to usepublic reactor.core.publisher.Mono<Jwt> decode(java.lang.String token) throws JwtException
ReactiveJwtDecoder
Jwt
.decode
in interface ReactiveJwtDecoder
token
- the JWT valueJwt
JwtException
- if an error occurs while attempting to decode the JWTpublic static NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder withJwkSetUri(java.lang.String jwkSetUri)
jwkSetUri
- the JWK Set uri to useNimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder
for further configurationspublic static NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder withPublicKey(java.security.interfaces.RSAPublicKey key)
key
- the public key to useNimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder
for further configurationspublic static NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder withSecretKey(javax.crypto.SecretKey secretKey)
SecretKey
to validate the MAC on a JSON Web Signature (JWS).secretKey
- the SecretKey
used to validate the MACNimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder
for further configurationspublic static NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder withJwkSource(java.util.function.Function<com.nimbusds.jwt.SignedJWT,reactor.core.publisher.Flux<com.nimbusds.jose.jwk.JWK>> source)
Function
to validate JWTssource
- the Function
NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder
for further configurations