public interface JWTValidator
A validator encapsulates all of the most common assertion tests to perform on an input JWT.
Modifier and Type | Interface and Description |
---|---|
static interface |
JWTValidator.Builder
A builder that produces validator instances.
|
Modifier and Type | Method and Description |
---|---|
Claims |
validate(String encoded)
Validates a JWT.
|
Claims validate(String encoded) throws JWTParseException, JWTEncryptionException, JWTSignatureException, JWTValidationException, JWTConfigurationException
If the validator is configured with a JWE
operator for decryption,
a valid input must be JWE in Compact Serialization encoding that satisfies
all of the basic JWE header, key management, and encapsulated content
constraints. Assuming the input JWE is valid, the encapsulated payload is
then validated as JWS as described below. If the validator is not
configured with a JWE
operator for decryption, a valid input must
be a JWS as described below.
A valid JWS input must use the Compact Serialization encoding, and must satisfy all of the header and signature validation constraints. Assuming the JWS is valid, the encapsulated payload is then validated as a set of JWT claims.
JWT claims contained in the nested payload (JWS in JWE) or payload (JWE) must be a valid JSON object and must satisfy the claim assertions specified for the validator.
encoded
- JWE or JWS in the Compact Serialization encodingJWTParseException
- if the JWT cannot be successfully parsedJWTEncryptionException
- if decryption if an input JWE cannot be
decrypted due a problem other than local configurationJWTSignatureException
- if an input JWE+JWS or JWE fails signature
validation due to a problem other than local configurationJWTValidationException
- if the input fails any other aspect of
validation (e.g. a claims assertion failed)JWTConfigurationException
- if the validation request fails due to
a local configuration problem; e.g. JCA NoSuchAlgorithmExceptionCopyright © 2019. All rights reserved.