Class NimbusReactiveJwtDecoder
- java.lang.Object
-
- org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder
-
- All Implemented Interfaces:
ReactiveJwtDecoder
public final class NimbusReactiveJwtDecoder extends java.lang.Object implements ReactiveJwtDecoder
An implementation of aReactiveJwtDecoder
that "decodes" a JSON Web Token (JWT) and additionally verifies it's digital signature if the JWT is a JSON Web Signature (JWS).NOTE: This implementation uses the Nimbus JOSE + JWT SDK internally.
- Since:
- 5.1
- See Also:
ReactiveJwtDecoder
, JSON Web Token (JWT), JSON Web Signature (JWS), JSON Web Key (JWK), Nimbus JOSE + JWT SDK
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder
A builder for creatingNimbusReactiveJwtDecoder
instances based on a JWK Set uri.static class
NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder
A builder for creatingNimbusReactiveJwtDecoder
instances.static class
NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder
A builder for creatingNimbusReactiveJwtDecoder
instances based on a public key.static class
NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder
A builder for creatingNimbusReactiveJwtDecoder
instances based on aSecretKey
.
-
Constructor Summary
Constructors Constructor Description NimbusReactiveJwtDecoder(java.lang.String jwkSetUrl)
Constructs aNimbusReactiveJwtDecoder
using the provided parameters.NimbusReactiveJwtDecoder(java.security.interfaces.RSAPublicKey publicKey)
Constructs aNimbusReactiveJwtDecoder
using the provided parameters.NimbusReactiveJwtDecoder(org.springframework.core.convert.converter.Converter<com.nimbusds.jwt.JWT,reactor.core.publisher.Mono<com.nimbusds.jwt.JWTClaimsSet>> jwtProcessor)
Constructs aNimbusReactiveJwtDecoder
using the provided parameters.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description reactor.core.publisher.Mono<Jwt>
decode(java.lang.String token)
Decodes the JWT from it's compact claims representation format and returns aJwt
.void
setClaimSetConverter(org.springframework.core.convert.converter.Converter<java.util.Map<java.lang.String,java.lang.Object>,java.util.Map<java.lang.String,java.lang.Object>> claimSetConverter)
Use the followingConverter
for manipulating the JWT's claim setvoid
setJwtValidator(OAuth2TokenValidator<Jwt> jwtValidator)
Use the providedOAuth2TokenValidator
to validate incomingJwt
s.static NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder
withJwkSetUri(java.lang.String jwkSetUri)
Use the given JWK Set uri to validate JWTs.static NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder
withJwkSource(java.util.function.Function<com.nimbusds.jwt.SignedJWT,reactor.core.publisher.Flux<com.nimbusds.jose.jwk.JWK>> source)
Use the givenFunction
to validate JWTsstatic NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder
withPublicKey(java.security.interfaces.RSAPublicKey key)
Use the given public key to validate JWTsstatic NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder
withSecretKey(javax.crypto.SecretKey secretKey)
Use the givenSecretKey
to validate the MAC on a JSON Web Signature (JWS).
-
-
-
Constructor Detail
-
NimbusReactiveJwtDecoder
public NimbusReactiveJwtDecoder(java.lang.String jwkSetUrl)
Constructs aNimbusReactiveJwtDecoder
using the provided parameters.- Parameters:
jwkSetUrl
- the JSON Web Key (JWK) SetURL
-
NimbusReactiveJwtDecoder
public NimbusReactiveJwtDecoder(java.security.interfaces.RSAPublicKey publicKey)
Constructs aNimbusReactiveJwtDecoder
using the provided parameters.- Parameters:
publicKey
- theRSAPublicKey
used to verify the signature- Since:
- 5.2
-
NimbusReactiveJwtDecoder
public NimbusReactiveJwtDecoder(org.springframework.core.convert.converter.Converter<com.nimbusds.jwt.JWT,reactor.core.publisher.Mono<com.nimbusds.jwt.JWTClaimsSet>> jwtProcessor)
Constructs aNimbusReactiveJwtDecoder
using the provided parameters.- Parameters:
jwtProcessor
- theConverter
used to process and verify the signed Jwt and return the Jwt Claim Set- Since:
- 5.2
-
-
Method Detail
-
setJwtValidator
public void setJwtValidator(OAuth2TokenValidator<Jwt> jwtValidator)
Use the providedOAuth2TokenValidator
to validate incomingJwt
s.- Parameters:
jwtValidator
- theOAuth2TokenValidator
to use
-
setClaimSetConverter
public void setClaimSetConverter(org.springframework.core.convert.converter.Converter<java.util.Map<java.lang.String,java.lang.Object>,java.util.Map<java.lang.String,java.lang.Object>> claimSetConverter)
Use the followingConverter
for manipulating the JWT's claim set- Parameters:
claimSetConverter
- theConverter
to use
-
decode
public reactor.core.publisher.Mono<Jwt> decode(java.lang.String token) throws JwtException
Description copied from interface:ReactiveJwtDecoder
Decodes the JWT from it's compact claims representation format and returns aJwt
.- Specified by:
decode
in interfaceReactiveJwtDecoder
- Parameters:
token
- the JWT value- Returns:
- a
Jwt
- Throws:
JwtException
- if an error occurs while attempting to decode the JWT
-
withJwkSetUri
public static NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder withJwkSetUri(java.lang.String jwkSetUri)
Use the given JWK Set uri to validate JWTs.- Parameters:
jwkSetUri
- the JWK Set uri to use- Returns:
- a
NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder
for further configurations - Since:
- 5.2
-
withPublicKey
public static NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder withPublicKey(java.security.interfaces.RSAPublicKey key)
Use the given public key to validate JWTs- Parameters:
key
- the public key to use- Returns:
- a
NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder
for further configurations - Since:
- 5.2
-
withSecretKey
public static NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder withSecretKey(javax.crypto.SecretKey secretKey)
Use the givenSecretKey
to validate the MAC on a JSON Web Signature (JWS).- Parameters:
secretKey
- theSecretKey
used to validate the MAC- Returns:
- a
NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder
for further configurations - Since:
- 5.2
-
withJwkSource
public static NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder withJwkSource(java.util.function.Function<com.nimbusds.jwt.SignedJWT,reactor.core.publisher.Flux<com.nimbusds.jose.jwk.JWK>> source)
Use the givenFunction
to validate JWTs- Parameters:
source
- theFunction
- Returns:
- a
NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder
for further configurations - Since:
- 5.2
-
-