Interface Verification

  • All Known Implementing Classes:
    JWTVerifier.BaseVerification

    public interface Verification
    Constructs and holds the checks required for a JWT to be considered valid. Note that implementations are not thread-safe. Once built by calling build(), the resulting JWTVerifier is thread-safe.
    • Method Summary

      All Methods Instance Methods Abstract Methods Default Methods 
      Modifier and Type Method Description
      Verification acceptExpiresAt​(long leeway)
      Set a specific leeway window in seconds in which the Expires At ("exp") Claim will still be valid.
      Verification acceptIssuedAt​(long leeway)
      Set a specific leeway window in seconds in which the Issued At ("iat") Claim will still be valid.
      Verification acceptLeeway​(long leeway)
      Define the default window in seconds in which the Not Before, Issued At and Expires At Claims will still be valid.
      Verification acceptNotBefore​(long leeway)
      Set a specific leeway window in seconds in which the Not Before ("nbf") Claim will still be valid.
      JWTVerifier build()
      Creates a new and reusable instance of the JWTVerifier with the configuration already provided.
      Verification ignoreIssuedAt()
      Skip the Issued At ("iat") claim verification.
      Verification withAnyOfAudience​(java.lang.String... audience)
      Verifies whether the JWT contains an Audience ("aud") claim contain at least one of the specified audiences.
      Verification withArrayClaim​(java.lang.String name, java.lang.Integer... items)
      Verifies whether the claim contain at least the given Integer items.
      Verification withArrayClaim​(java.lang.String name, java.lang.Long... items)
      Verifies whether the claim contain at least the given Long items.
      Verification withArrayClaim​(java.lang.String name, java.lang.String... items)
      Verifies whether the claim contain at least the given String items.
      Verification withAudience​(java.lang.String... audience)
      Verifies whether the JWT contains an Audience ("aud") claim that contains all the values provided.
      Verification withClaim​(java.lang.String name, java.lang.Boolean value)
      Verifies whether the claim is equal to the given Boolean value.
      Verification withClaim​(java.lang.String name, java.lang.Double value)
      Verifies whether the claim is equal to the given Integer value.
      Verification withClaim​(java.lang.String name, java.lang.Integer value)
      Verifies whether the claim is equal to the given Integer value.
      Verification withClaim​(java.lang.String name, java.lang.Long value)
      Verifies whether the claim is equal to the given Long value.
      Verification withClaim​(java.lang.String name, java.lang.String value)
      Verifies whether the claim is equal to the given String value.
      default Verification withClaim​(java.lang.String name, java.time.Instant value)
      Verifies whether the claim is equal to the given Instant value.
      Verification withClaim​(java.lang.String name, java.util.Date value)
      Verifies whether the claim is equal to the given Date value.
      Verification withClaim​(java.lang.String name, java.util.function.BiPredicate<Claim,​DecodedJWT> predicate)
      Executes the predicate provided and the validates the JWT if the predicate returns true.
      Verification withClaimPresence​(java.lang.String name)
      Verifies whether the claim is present in the JWT, with any value including null.
      default Verification withIssuer​(java.lang.String issuer)
      Verifies whether the JWT contains an Issuer ("iss") claim that equals to the value provided.
      Verification withIssuer​(java.lang.String... issuer)
      Verifies whether the JWT contains an Issuer ("iss") claim that contains all the values provided.
      Verification withJWTId​(java.lang.String jwtId)
      Verifies whether the JWT contains a JWT ID ("jti") claim that equals to the value provided.
      Verification withNullClaim​(java.lang.String name)
      Verifies whether the claim is present with a null value.
      Verification withSubject​(java.lang.String subject)
      Verifies whether the JWT contains a Subject ("sub") claim that equals to the value provided.
    • Method Detail

      • withIssuer

        default Verification withIssuer​(java.lang.String issuer)
        Verifies whether the JWT contains an Issuer ("iss") claim that equals to the value provided. This check is case-sensitive.
        Parameters:
        issuer - the required Issuer value.
        Returns:
        this same Verification instance.
      • withIssuer

        Verification withIssuer​(java.lang.String... issuer)
        Verifies whether the JWT contains an Issuer ("iss") claim that contains all the values provided. This check is case-sensitive. An empty array is considered as a null.
        Parameters:
        issuer - the required Issuer value. If multiple values are given, the claim must at least match one of them
        Returns:
        this same Verification instance.
      • withSubject

        Verification withSubject​(java.lang.String subject)
        Verifies whether the JWT contains a Subject ("sub") claim that equals to the value provided. This check is case-sensitive.
        Parameters:
        subject - the required Subject value
        Returns:
        this same Verification instance.
      • withAudience

        Verification withAudience​(java.lang.String... audience)
        Verifies whether the JWT contains an Audience ("aud") claim that contains all the values provided. This check is case-sensitive. An empty array is considered as a null.
        Parameters:
        audience - the required Audience value
        Returns:
        this same Verification instance.
      • withAnyOfAudience

        Verification withAnyOfAudience​(java.lang.String... audience)
        Verifies whether the JWT contains an Audience ("aud") claim contain at least one of the specified audiences. This check is case-sensitive. An empty array is considered as a null.
        Parameters:
        audience - the required Audience value for which the "aud" claim must contain at least one value.
        Returns:
        this same Verification instance.
      • acceptLeeway

        Verification acceptLeeway​(long leeway)
                           throws java.lang.IllegalArgumentException
        Define the default window in seconds in which the Not Before, Issued At and Expires At Claims will still be valid. Setting a specific leeway value on a given Claim will override this value for that Claim.
        Parameters:
        leeway - the window in seconds in which the Not Before, Issued At and Expires At Claims will still be valid.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if leeway is negative.
      • acceptExpiresAt

        Verification acceptExpiresAt​(long leeway)
                              throws java.lang.IllegalArgumentException
        Set a specific leeway window in seconds in which the Expires At ("exp") Claim will still be valid. Expiration Date is always verified when the value is present. This method overrides the value set with acceptLeeway
        Parameters:
        leeway - the window in seconds in which the Expires At Claim will still be valid.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if leeway is negative.
      • acceptNotBefore

        Verification acceptNotBefore​(long leeway)
                              throws java.lang.IllegalArgumentException
        Set a specific leeway window in seconds in which the Not Before ("nbf") Claim will still be valid. Not Before Date is always verified when the value is present. This method overrides the value set with acceptLeeway
        Parameters:
        leeway - the window in seconds in which the Not Before Claim will still be valid.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if leeway is negative.
      • acceptIssuedAt

        Verification acceptIssuedAt​(long leeway)
                             throws java.lang.IllegalArgumentException
        Set a specific leeway window in seconds in which the Issued At ("iat") Claim will still be valid. This method overrides the value set with acceptLeeway(long). By default, the Issued At claim is always verified when the value is present, unless disabled with ignoreIssuedAt(). If Issued At verification has been disabled, no verification of the Issued At claim will be performed, and this method has no effect.
        Parameters:
        leeway - the window in seconds in which the Issued At Claim will still be valid.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if leeway is negative.
      • withJWTId

        Verification withJWTId​(java.lang.String jwtId)
        Verifies whether the JWT contains a JWT ID ("jti") claim that equals to the value provided. This check is case-sensitive.
        Parameters:
        jwtId - the required ID value
        Returns:
        this same Verification instance.
      • withClaimPresence

        Verification withClaimPresence​(java.lang.String name)
                                throws java.lang.IllegalArgumentException
        Verifies whether the claim is present in the JWT, with any value including null.
        Parameters:
        name - the Claim's name.
        Returns:
        this same Verification instance
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withNullClaim

        Verification withNullClaim​(java.lang.String name)
                            throws java.lang.IllegalArgumentException
        Verifies whether the claim is present with a null value.
        Parameters:
        name - the Claim's name.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withClaim

        Verification withClaim​(java.lang.String name,
                               java.lang.Boolean value)
                        throws java.lang.IllegalArgumentException
        Verifies whether the claim is equal to the given Boolean value.
        Parameters:
        name - the Claim's name.
        value - the Claim's value.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withClaim

        Verification withClaim​(java.lang.String name,
                               java.lang.Integer value)
                        throws java.lang.IllegalArgumentException
        Verifies whether the claim is equal to the given Integer value.
        Parameters:
        name - the Claim's name.
        value - the Claim's value.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withClaim

        Verification withClaim​(java.lang.String name,
                               java.lang.Long value)
                        throws java.lang.IllegalArgumentException
        Verifies whether the claim is equal to the given Long value.
        Parameters:
        name - the Claim's name.
        value - the Claim's value.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withClaim

        Verification withClaim​(java.lang.String name,
                               java.lang.Double value)
                        throws java.lang.IllegalArgumentException
        Verifies whether the claim is equal to the given Integer value.
        Parameters:
        name - the Claim's name.
        value - the Claim's value.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withClaim

        Verification withClaim​(java.lang.String name,
                               java.lang.String value)
                        throws java.lang.IllegalArgumentException
        Verifies whether the claim is equal to the given String value. This check is case-sensitive.
        Parameters:
        name - the Claim's name.
        value - the Claim's value.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withClaim

        Verification withClaim​(java.lang.String name,
                               java.util.Date value)
                        throws java.lang.IllegalArgumentException
        Verifies whether the claim is equal to the given Date value. Note that date-time claims are serialized as seconds since the epoch; when verifying date-time claim value, any time units more granular than seconds will not be considered.
        Parameters:
        name - the Claim's name.
        value - the Claim's value.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withClaim

        default Verification withClaim​(java.lang.String name,
                                       java.time.Instant value)
                                throws java.lang.IllegalArgumentException
        Verifies whether the claim is equal to the given Instant value. Note that date-time claims are serialized as seconds since the epoch; when verifying a date-time claim value, any time units more granular than seconds will not be considered.
        Parameters:
        name - the Claim's name.
        value - the Claim's value.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withClaim

        Verification withClaim​(java.lang.String name,
                               java.util.function.BiPredicate<Claim,​DecodedJWT> predicate)
                        throws java.lang.IllegalArgumentException
        Executes the predicate provided and the validates the JWT if the predicate returns true.
        Parameters:
        name - the Claim's name
        predicate - the predicate check to be done.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withArrayClaim

        Verification withArrayClaim​(java.lang.String name,
                                    java.lang.String... items)
                             throws java.lang.IllegalArgumentException
        Verifies whether the claim contain at least the given String items.
        Parameters:
        name - the Claim's name.
        items - the items the Claim must contain.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withArrayClaim

        Verification withArrayClaim​(java.lang.String name,
                                    java.lang.Integer... items)
                             throws java.lang.IllegalArgumentException
        Verifies whether the claim contain at least the given Integer items.
        Parameters:
        name - the Claim's name.
        items - the items the Claim must contain.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • withArrayClaim

        Verification withArrayClaim​(java.lang.String name,
                                    java.lang.Long... items)
                             throws java.lang.IllegalArgumentException
        Verifies whether the claim contain at least the given Long items.
        Parameters:
        name - the Claim's name.
        items - the items the Claim must contain.
        Returns:
        this same Verification instance.
        Throws:
        java.lang.IllegalArgumentException - if the name is null.
      • ignoreIssuedAt

        Verification ignoreIssuedAt()
        Skip the Issued At ("iat") claim verification. By default, the verification is performed.
        Returns:
        this same Verification instance.
      • build

        JWTVerifier build()
        Creates a new and reusable instance of the JWTVerifier with the configuration already provided.
        Returns:
        a new JWTVerifier instance.