All Downloads are FREE. Search and download functionalities are using the official Maven repository.
Please wait. This can take some minutes ...
Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
io.smallrye.jwt.auth.principal.JWTAuthContextInfo Maven / Gradle / Ivy
/*
* Copyright 2019 Red Hat, Inc, and individual contributors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.smallrye.jwt.auth.principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.crypto.SecretKey;
import io.smallrye.jwt.KeyFormat;
import io.smallrye.jwt.KeyProvider;
import io.smallrye.jwt.algorithm.KeyEncryptionAlgorithm;
import io.smallrye.jwt.algorithm.SignatureAlgorithm;
/**
* The public key and expected issuer needed to validate a token.
*/
public class JWTAuthContextInfo {
private PublicKey publicVerificationKey;
private SecretKey secretVerificationKey;
private PrivateKey privateDecryptionKey;
private SecretKey secretDecryptionKey;
private String issuedBy;
private int expGracePeriodSecs = 0;
private Long maxTimeToLiveSecs;
private Long tokenAge;
private int clockSkew = 60;
private String publicKeyLocation;
private String publicKeyContent;
private String secretKeyContent;
private String decryptionKeyLocation;
private String decryptionKeyContent;
private Integer jwksRefreshInterval = 60;
private int forcedJwksRefreshInterval = 30;
private String tokenHeader = "Authorization";
private String tokenCookie;
private boolean alwaysCheckAuthorization;
private String tokenKeyId;
private String tokenDecryptionKeyId;
private List tokenSchemes = Collections.singletonList("Bearer");
private boolean requireNamedPrincipal = true;
private String defaultSubClaim;
private String subPath;
private String defaultGroupsClaim;
private String groupsPath;
private Set signatureAlgorithm = Set.of(SignatureAlgorithm.RS256);
private Set keyEncryptionAlgorithm = new HashSet<>(Arrays.asList(KeyEncryptionAlgorithm.RSA_OAEP,
KeyEncryptionAlgorithm.RSA_OAEP_256));
private KeyFormat keyFormat = KeyFormat.ANY;
private KeyProvider keyProvider = KeyProvider.DEFAULT;
private Set expectedAudience;
private String groupsSeparator = " ";
private Set requiredClaims;
private boolean relaxVerificationKeyValidation = true;
private boolean verifyCertificateThumbprint;
private String tlsCertificate;
private String tlsCertificatePath;
private Set tlsTrustedHosts;
private boolean tlsTrustAll;
private String httpProxyHost;
private int httpProxyPort;
private int keyCacheSize = 100;
private int keyCacheTimeToLive = 10;
public JWTAuthContextInfo() {
}
public JWTAuthContextInfo(PublicKey verificationKey, String issuedBy) {
this.publicVerificationKey = verificationKey;
this.issuedBy = issuedBy;
}
public JWTAuthContextInfo(SecretKey verificationKey, String issuedBy) {
this.secretVerificationKey = verificationKey;
this.issuedBy = issuedBy;
}
public JWTAuthContextInfo(String publicKeyLocation, String issuedBy) {
this.publicKeyLocation = publicKeyLocation;
this.issuedBy = issuedBy;
}
/**
* Create an auth context from an {@linkplain JWTAuthContextInfo} instance
*
* @param orig the original instance to copy
*/
public JWTAuthContextInfo(JWTAuthContextInfo orig) {
this.publicVerificationKey = orig.getPublicVerificationKey();
this.secretVerificationKey = orig.getSecretVerificationKey();
this.privateDecryptionKey = orig.getPrivateDecryptionKey();
this.secretDecryptionKey = orig.getSecretDecryptionKey();
this.issuedBy = orig.getIssuedBy();
this.expGracePeriodSecs = orig.getExpGracePeriodSecs();
this.maxTimeToLiveSecs = orig.getMaxTimeToLiveSecs();
this.tokenAge = orig.getTokenAge();
this.clockSkew = orig.getClockSkew();
this.publicKeyLocation = orig.getPublicKeyLocation();
this.publicKeyContent = orig.getPublicKeyContent();
this.secretKeyContent = orig.getSecretKeyContent();
this.decryptionKeyLocation = orig.getDecryptionKeyLocation();
this.decryptionKeyContent = orig.getDecryptionKeyContent();
this.jwksRefreshInterval = orig.getJwksRefreshInterval();
this.forcedJwksRefreshInterval = orig.getForcedJwksRefreshInterval();
this.tokenHeader = orig.getTokenHeader();
this.tokenCookie = orig.getTokenCookie();
this.alwaysCheckAuthorization = orig.isAlwaysCheckAuthorization();
this.tokenKeyId = orig.getTokenKeyId();
this.tokenDecryptionKeyId = orig.getTokenDecryptionKeyId();
this.tokenSchemes = orig.getTokenSchemes();
this.requireNamedPrincipal = orig.isRequireNamedPrincipal();
this.defaultSubClaim = orig.getDefaultSubjectClaim();
this.subPath = orig.getSubjectPath();
this.defaultGroupsClaim = orig.getDefaultGroupsClaim();
this.groupsPath = orig.getGroupsPath();
this.signatureAlgorithm = orig.getSignatureAlgorithm();
this.keyEncryptionAlgorithm = orig.getKeyEncryptionAlgorithm();
this.keyFormat = orig.getKeyFormat();
this.keyProvider = orig.getKeyProvider();
this.keyCacheSize = orig.getKeyCacheSize();
this.keyCacheTimeToLive = orig.getKeyCacheTimeToLive();
this.expectedAudience = orig.getExpectedAudience();
this.groupsSeparator = orig.getGroupsSeparator();
this.requiredClaims = orig.getRequiredClaims();
this.relaxVerificationKeyValidation = orig.isRelaxVerificationKeyValidation();
this.verifyCertificateThumbprint = orig.isVerifyCertificateThumbprint();
this.tlsCertificate = orig.getTlsCertificate();
this.tlsCertificatePath = orig.getTlsCertificatePath();
this.tlsTrustedHosts = orig.getTlsTrustedHosts();
this.tlsTrustAll = orig.isTlsTrustAll();
this.httpProxyHost = orig.getHttpProxyHost();
this.httpProxyPort = orig.getHttpProxyPort();
}
@Deprecated
public RSAPublicKey getSignerKey() {
return (RSAPublicKey) publicVerificationKey;
}
@Deprecated
public void setSignerKey(RSAPublicKey signerKey) {
this.publicVerificationKey = signerKey;
}
public PublicKey getPublicVerificationKey() {
return publicVerificationKey;
}
public void setPublicVerificationKey(PublicKey verificationKey) {
this.publicVerificationKey = verificationKey;
}
public SecretKey getSecretVerificationKey() {
return secretVerificationKey;
}
public void setSecretVerificationKey(SecretKey verificationKey) {
this.secretVerificationKey = verificationKey;
}
public PrivateKey getPrivateDecryptionKey() {
return privateDecryptionKey;
}
public void setPrivateDecryptionKey(PrivateKey decryptionKey) {
this.privateDecryptionKey = decryptionKey;
}
public SecretKey getSecretDecryptionKey() {
return secretDecryptionKey;
}
public void setSecretDecryptionKey(SecretKey decryptionKey) {
this.secretDecryptionKey = decryptionKey;
}
public String getIssuedBy() {
return issuedBy;
}
public void setIssuedBy(String issuedBy) {
this.issuedBy = issuedBy;
}
@Deprecated
public int getExpGracePeriodSecs() {
return expGracePeriodSecs;
}
@Deprecated
public void setExpGracePeriodSecs(int expGracePeriodSecs) {
this.expGracePeriodSecs = expGracePeriodSecs;
}
public Long getMaxTimeToLiveSecs() {
return maxTimeToLiveSecs;
}
public void setMaxTimeToLiveSecs(Long maxTimeToLiveSecs) {
this.maxTimeToLiveSecs = maxTimeToLiveSecs;
}
public String getPublicKeyLocation() {
return this.publicKeyLocation;
}
public void setPublicKeyLocation(String publicKeyLocation) {
this.publicKeyLocation = publicKeyLocation;
}
public String getDecryptionKeyLocation() {
return this.decryptionKeyLocation;
}
public void setDecryptionKeyLocation(String keyLocation) {
this.decryptionKeyLocation = keyLocation;
}
public Set getKeyEncryptionAlgorithm() {
return this.keyEncryptionAlgorithm;
}
public void setKeyEncryptionAlgorithm(Set algorithm) {
this.keyEncryptionAlgorithm = algorithm;
}
public String getPublicKeyContent() {
return this.publicKeyContent;
}
public void setPublicKeyContent(String publicKeyContent) {
this.publicKeyContent = publicKeyContent;
}
public String getSecretKeyContent() {
return this.secretKeyContent;
}
public void setSecretKeyContent(String secretKeyContent) {
this.secretKeyContent = secretKeyContent;
}
public String getDecryptionKeyContent() {
return this.decryptionKeyContent;
}
public void setDecryptionKeyContent(String keyContent) {
this.decryptionKeyContent = keyContent;
}
public Integer getJwksRefreshInterval() {
return jwksRefreshInterval;
}
public void setJwksRefreshInterval(Integer jwksRefreshInterval) {
this.jwksRefreshInterval = jwksRefreshInterval;
}
public int getForcedJwksRefreshInterval() {
return forcedJwksRefreshInterval;
}
public void setForcedJwksRefreshInterval(int forcedJwksRefreshInterval) {
this.forcedJwksRefreshInterval = forcedJwksRefreshInterval;
}
public String getTokenHeader() {
return tokenHeader;
}
public void setTokenHeader(String tokenHeader) {
this.tokenHeader = tokenHeader;
}
public String getTokenCookie() {
return tokenCookie;
}
public void setTokenCookie(String tokenCookie) {
this.tokenCookie = tokenCookie;
}
public boolean isRequireNamedPrincipal() {
return requireNamedPrincipal;
}
public void setRequireNamedPrincipal(final boolean requireNamedPrincipal) {
this.requireNamedPrincipal = requireNamedPrincipal;
}
public String getDefaultSubjectClaim() {
return defaultSubClaim;
}
public void setDefaultSubjectClaim(final String defaultSubClaim) {
this.defaultSubClaim = defaultSubClaim;
}
public String getSubjectPath() {
return subPath;
}
public void setSubjectPath(final String subPath) {
this.subPath = subPath;
}
public String getDefaultGroupsClaim() {
return defaultGroupsClaim;
}
public void setDefaultGroupsClaim(String defaultGroupsClaim) {
this.defaultGroupsClaim = defaultGroupsClaim;
}
public String getGroupsPath() {
return groupsPath;
}
public void setGroupsPath(String groupsPath) {
this.groupsPath = groupsPath;
}
public String getTokenKeyId() {
return tokenKeyId;
}
public void setTokenKeyId(String tokenKeyId) {
this.tokenKeyId = tokenKeyId;
}
public String getTokenDecryptionKeyId() {
return tokenDecryptionKeyId;
}
public void setTokenDecryptionKeyId(String tokenKeyId) {
this.tokenDecryptionKeyId = tokenKeyId;
}
public List getTokenSchemes() {
return tokenSchemes;
}
public void setTokenSchemes(final List tokenSchemes) {
this.tokenSchemes = tokenSchemes;
}
public Set getExpectedAudience() {
return expectedAudience;
}
public void setExpectedAudience(Set expectedAudience) {
this.expectedAudience = expectedAudience;
}
public String getGroupsSeparator() {
return groupsSeparator;
}
public void setGroupsSeparator(String groupsSeparator) {
this.groupsSeparator = groupsSeparator;
}
public Set getSignatureAlgorithm() {
return signatureAlgorithm;
}
public void setSignatureAlgorithm(Set signatureAlgorithm) {
this.signatureAlgorithm = signatureAlgorithm;
}
public KeyFormat getKeyFormat() {
return keyFormat;
}
public void setKeyFormat(KeyFormat keyFormat) {
this.keyFormat = keyFormat;
}
public KeyProvider getKeyProvider() {
return keyProvider;
}
public void setKeyProvider(KeyProvider keyProvider) {
this.keyProvider = keyProvider;
}
public boolean isAlwaysCheckAuthorization() {
return alwaysCheckAuthorization;
}
public void setAlwaysCheckAuthorization(boolean alwaysCheckAuthorization) {
this.alwaysCheckAuthorization = alwaysCheckAuthorization;
}
public Set getRequiredClaims() {
return requiredClaims;
}
public void setRequiredClaims(final Set requiredClaims) {
this.requiredClaims = requiredClaims;
}
@Override
public String toString() {
return "JWTAuthContextInfo{" +
"publicVerificationKey=" + publicVerificationKey +
", secretVerificationKey=" + secretVerificationKey +
", privateDecryptionKey=" + privateDecryptionKey +
", secretDecryptionKey=" + secretDecryptionKey +
", issuedBy='" + issuedBy + '\'' +
", expGracePeriodSecs=" + expGracePeriodSecs +
", maxTimeToLiveSecs=" + maxTimeToLiveSecs +
", tokenAge=" + tokenAge +
", publicKeyLocation='" + publicKeyLocation + '\'' +
", publicKeyContent='" + publicKeyContent + '\'' +
", secretKeyContent='" + secretKeyContent + '\'' +
", decryptionKeyLocation='" + decryptionKeyLocation + '\'' +
", decryptionKeyContent='" + decryptionKeyContent + '\'' +
", jwksRefreshInterval=" + jwksRefreshInterval +
", tokenHeader='" + tokenHeader + '\'' +
", tokenCookie='" + tokenCookie + '\'' +
", alwaysCheckAuthorization=" + alwaysCheckAuthorization +
", tokenKeyId='" + tokenKeyId + '\'' +
", tokenDecryptionKeyId='" + tokenDecryptionKeyId + '\'' +
", tokenSchemes=" + tokenSchemes +
", requireNamedPrincipal=" + requireNamedPrincipal +
", defaultSubClaim='" + defaultSubClaim + '\'' +
", subPath='" + subPath + '\'' +
", defaultGroupsClaim='" + defaultGroupsClaim + '\'' +
", groupsPath='" + groupsPath + '\'' +
", signatureAlgorithm=" + signatureAlgorithm +
", keyEncryptionAlgorithm=" + keyEncryptionAlgorithm +
", keyFormat=" + keyFormat +
", keyProvider=" + keyProvider +
", keyCacheSize=" + keyCacheSize +
", keyCacheTimeToLive=" + keyCacheTimeToLive +
", expectedAudience=" + expectedAudience +
", groupsSeparator='" + groupsSeparator + '\'' +
", relaxVerificationKeyValidation=" + relaxVerificationKeyValidation +
", verifyCertificateThumbprint=" + verifyCertificateThumbprint +
", tlsCertificatePath=" + tlsCertificatePath +
", tlsTrustAll=" + tlsTrustAll +
", tlsTrustedHosts=" + tlsTrustedHosts +
", httpProxyHost=" + httpProxyHost +
", httpProxyPort=" + httpProxyPort +
'}';
}
public boolean isRelaxVerificationKeyValidation() {
return relaxVerificationKeyValidation;
}
public void setRelaxVerificationKeyValidation(boolean relaxVerificationKeyValidation) {
this.relaxVerificationKeyValidation = relaxVerificationKeyValidation;
}
public boolean isVerifyCertificateThumbprint() {
return verifyCertificateThumbprint;
}
public void setVerifyCertificateThumbprint(boolean verifyCertificateThumbprint) {
this.verifyCertificateThumbprint = verifyCertificateThumbprint;
}
public String getTlsCertificate() {
return tlsCertificate;
}
public void setTlsCertificate(String tlsCertificate) {
this.tlsCertificate = tlsCertificate;
}
public String getTlsCertificatePath() {
return tlsCertificatePath;
}
public void setTlsCertificatePath(String tlsCertificatePath) {
this.tlsCertificatePath = tlsCertificatePath;
}
public Set getTlsTrustedHosts() {
return tlsTrustedHosts;
}
public void setTlsTrustedHosts(Set tlsTrustedHosts) {
this.tlsTrustedHosts = tlsTrustedHosts;
}
public void setTlsTrustAll(boolean tlsTrustAll) {
this.tlsTrustAll = tlsTrustAll;
}
public boolean isTlsTrustAll() {
return this.tlsTrustAll;
}
public String getHttpProxyHost() {
return httpProxyHost;
}
public void setHttpProxyHost(String httpProxyHost) {
this.httpProxyHost = httpProxyHost;
}
public int getHttpProxyPort() {
return httpProxyPort;
}
public void setHttpProxyPort(int httpProxyPort) {
this.httpProxyPort = httpProxyPort;
}
public Long getTokenAge() {
return tokenAge;
}
public void setTokenAge(Long tokenAge) {
this.tokenAge = tokenAge;
}
public int getClockSkew() {
return clockSkew;
}
public void setClockSkew(int clockSkew) {
this.clockSkew = clockSkew;
}
public int getKeyCacheTimeToLive() {
return keyCacheTimeToLive;
}
public void setKeyCacheTimeToLive(int keyCacheTimeToLive) {
this.keyCacheTimeToLive = keyCacheTimeToLive;
}
public int getKeyCacheSize() {
return keyCacheSize;
}
public void setKeyCacheSize(int keyCacheSize) {
this.keyCacheSize = keyCacheSize;
}
}