com.oneops.proxy.security

Class JwtTokenService

java.lang.Object

com.oneops.proxy.security.JwtTokenService

@Service
public class JwtTokenService
extends Object

Token (JWT) generation and validation services.

Author:

Suresh

See Also:

Authentication schemes.

Constructor Summary

Constructors

Constructor and Description
JwtTokenService(OneOpsConfig config)

Method Summary

Modifier and Type	Method and Description
OneOpsUser	createUser(String token) Validates token and creates the user details object by extracting identity and authorization claims.
String	generateToken(OneOpsUser user) Generate a JWT token for the given user.
JwtAuthToken	getAccessToken(javax.servlet.http.HttpServletRequest req) Retrieves the JWT authentication token from http request.
io.jsonwebtoken.Claims	getClaims(String token) Validates and returns the claims of given JWS
int	getExpiresInSec()
String	getIssuer()
String	getTokenHeader()
String	getTokenType()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JwtTokenService

public JwtTokenService(OneOpsConfig config)

Method Detail

generateToken

@Nonnull
public String generateToken(OneOpsUser user)

Generate a JWT token for the given user. The roles will be stored as a claim in JWT token as a comma separated string.

Parameters:

user - authenticated user details object.

Returns:

compact JWS (JSON Web Signature)

createUser

public OneOpsUser createUser(String token)

Validates token and creates the user details object by extracting identity and authorization claims. It throws a Runtime exception if the token is invalid or expired.

Parameters:

token - jwt token

Returns:

OneOpsUser

getClaims

@Nullable
public io.jsonwebtoken.Claims getClaims(@Nonnull
                                                  String token)

Validates and returns the claims of given JWS

Parameters:

token - compact JWS (JSON Web Signature)

Returns:

Claims . Returns null if it fails to verify/expires the JWT.

getAccessToken

@Nullable
public JwtAuthToken getAccessToken(@Nonnull
                                             javax.servlet.http.HttpServletRequest req)

Retrieves the JWT authentication token from http request.

Parameters:

req - http request.

Returns:

JwtAuthToken or null if the Bearer token is not present or empty.

getExpiresInSec

public int getExpiresInSec()

getIssuer

public String getIssuer()

getTokenHeader

public String getTokenHeader()

getTokenType

public String getTokenType()