io.smallrye.jwt.build

Class Jwt

java.lang.Object

io.smallrye.jwt.build.Jwt

public final class Jwt
extends Object

Factory class for creating JwtClaimsBuilder which produces signed, encrypted or signed first and then encrypted JWT tokens.

The following example shows how to initialize a JwtClaimsBuilder from an existing resource containing the claims in a JSON format and produce a signed JWT token with a configured signing key:

 
 String = Jwt.claims("/tokenClaims.json").sign();
 
 

The next example shows how to use JwtClaimsBuilder to add the claims and encrypt a JSON representation of these claims with a configured encrypting key:

 
 String = Jwt.claims().issuer("https://issuer.org").claim("custom-claim", "custom-value").encrypt();
 
 

The final example shows how to initialize a JwtClaimsBuilder from an existing resource containing the claims in a JSON format, produce an inner signed JWT token with a configured signing key and encrypt it with a configured encrypting key.

 
 String = Jwt.claims("/tokenClaims.json").innerSign().encrypt();
 
 

Constructor Summary

Constructors

Constructor and Description
Jwt()

Method Summary

Modifier and Type	Method and Description
static JwtClaimsBuilder	audience(Set<String> audiences) Creates a new instance of JwtClaimsBuilder with a specified 'audience' claim.
static JwtClaimsBuilder	audience(String audience) Creates a new instance of JwtClaimsBuilder with a specified 'audience' claim.
static JwtClaimsBuilder	claim(org.eclipse.microprofile.jwt.Claims name, Object value) Creates a new instance of JwtClaimsBuilder with a specified claim.
static JwtClaimsBuilder	claim(String name, Object value) Creates a new instance of JwtClaimsBuilder with a specified claim.
static JwtClaimsBuilder	claims() Creates a new instance of JwtClaimsBuilder
static JwtClaimsBuilder	claims(javax.json.JsonObject jsonObject) Creates a new instance of JwtClaimsBuilder from JsonObject
static JwtClaimsBuilder	claims(org.eclipse.microprofile.jwt.JsonWebToken jwt) Creates a new instance of JwtClaimsBuilder from JsonWebToken.
static JwtClaimsBuilder	claims(Map<String,Object> claims) Creates a new instance of JwtClaimsBuilder from a map of claims.
static JwtClaimsBuilder	claims(String jsonLocation) Creates a new instance of JwtClaimsBuilder from a JSON resource.
static String	encrypt(javax.json.JsonObject jsonObject) Encrypt the claims loaded from JsonObject using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location".
static String	encrypt(Map<String,Object> claims) Encrypt the claims using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location".
static String	encrypt(String jsonLocation) Encrypt the claims loaded from a JSON resource using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location".
static JwtClaimsBuilder	groups(Set<String> groups) Creates a new instance of JwtClaimsBuilder with a specified 'groups' claim.
static JwtClaimsBuilder	groups(String groups) Creates a new instance of JwtClaimsBuilder with a specified 'groups' claim.
static String	innerSignAndEncrypt(javax.json.JsonObject jsonObject) Sign the claims loaded from JsonObject using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location" and encrypt the inner JWT using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location".
static String	innerSignAndEncrypt(Map<String,Object> claims) Sign the claims using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location" and encrypt the inner JWT using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location".
static String	innerSignAndEncrypt(String jsonLocation) Sign the claims loaded from a JSON resource using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location" and encrypt the inner JWT using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location".
static JwtClaimsBuilder	issuer(String issuer) Creates a new instance of JwtClaimsBuilder with a specified issuer.
static JwtClaimsBuilder	preferredUserName(String preferredUserName) Creates a new instance of JwtClaimsBuilder with a specified 'preferred_username' claim.
static String	sign(javax.json.JsonObject jsonObject) Sign the claims loaded from JsonObject using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location".
static String	sign(Map<String,Object> claims) Sign the claims using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location".
static String	sign(String jsonLocation) Sign the claims loaded from a JSON resource using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location".
static JwtClaimsBuilder	subject(String subject) Creates a new instance of JwtClaimsBuilder with a specified subject.
static JwtClaimsBuilder	upn(String upn) Creates a new instance of JwtClaimsBuilder with a specified 'upn' claim.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Jwt

public Jwt()

Method Detail

claims

public static JwtClaimsBuilder claims()

Creates a new instance of JwtClaimsBuilder

Returns:

JwtClaimsBuilder

claims

public static JwtClaimsBuilder claims(Map<String,Object> claims)

Creates a new instance of JwtClaimsBuilder from a map of claims.

Parameters:

claims - the map with the claim name and value pairs. Claim value is converted to String unless it is an instance of Boolean, Number, Collection, Map, JsonObject or JsonArray.

Returns:

JwtClaimsBuilder

claims

public static JwtClaimsBuilder claims(javax.json.JsonObject jsonObject)

Creates a new instance of JwtClaimsBuilder from JsonObject

Parameters:

jsonObject - JsonObject containing the claims.

Returns:

JwtClaimsBuilder

claims

public static JwtClaimsBuilder claims(String jsonLocation)

Creates a new instance of JwtClaimsBuilder from a JSON resource.

Parameters:

jsonLocation - JSON resource location

Returns:

JwtClaimsBuilder

claims

public static JwtClaimsBuilder claims(org.eclipse.microprofile.jwt.JsonWebToken jwt)

Creates a new instance of JwtClaimsBuilder from JsonWebToken.

Parameters:

jwt - JsonWebToken token.

Returns:

JwtClaimsBuilder

claim

public static JwtClaimsBuilder claim(org.eclipse.microprofile.jwt.Claims name,
                                     Object value)

Creates a new instance of JwtClaimsBuilder with a specified claim. Simple claim value are converted to String unless it is an instance of Boolean, Number or Instant. Instant values have their number of seconds from the epoch converted to long. Array claims can be set as Collection or JsonArray, complex claims can be set as Map or JsonObject. The members of the array claims can be complex claims. Types of the claims directly supported by this builder are enforced. The 'iss' (issuer), 'sub' (subject), 'upn', 'preferred_username' and 'jti' (token identifier) claims must be of String type. The 'aud' (audience) and 'groups' claims must be either of String or Collection of String type. The 'iat' (issued at) and 'exp' (expires at) claims must be either of long or Instant type.

Parameters:

name - the claim name

value - the claim value

Returns:

JwtClaimsBuilder

Throws:

IllegalArgumentException - - if the type of the claim directly supported by JwtClaimsBuilder is wrong

claim

public static JwtClaimsBuilder claim(String name,
                                     Object value)

Creates a new instance of JwtClaimsBuilder with a specified claim. Simple claim value are converted to String unless it is an instance of Boolean, Number or Instant. Instant values have their number of seconds from the epoch converted to long. Array claims can be set as Collection or JsonArray, complex claims can be set as Map or JsonObject. The members of the array claims can be complex claims. Types of the claims directly supported by this builder are enforced. The 'iss' (issuer), 'sub' (subject), 'upn', 'preferred_username' and 'jti' (token identifier) claims must be of String type. The 'aud' (audience) and 'groups' claims must be either of String or Collection of String type. The 'iat' (issued at) and 'exp' (expires at) claims must be either of long or Instant type.

Parameters:

name - the claim name

value - the claim value

Returns:

JwtClaimsBuilder

Throws:

IllegalArgumentException - - if the type of the claim directly supported by JwtClaimsBuilder is wrong

issuer

public static JwtClaimsBuilder issuer(String issuer)

Creates a new instance of JwtClaimsBuilder with a specified issuer.

Parameters:

issuer - the issuer

Returns:

JwtClaimsBuilder

subject

public static JwtClaimsBuilder subject(String subject)

Creates a new instance of JwtClaimsBuilder with a specified subject.

Parameters:

subject - the subject

Returns:

JwtClaimsBuilder

groups

public static JwtClaimsBuilder groups(String groups)

Creates a new instance of JwtClaimsBuilder with a specified 'groups' claim.

Parameters:

groups - the groups

Returns:

JwtClaimsBuilder

groups

public static JwtClaimsBuilder groups(Set<String> groups)

Creates a new instance of JwtClaimsBuilder with a specified 'groups' claim.

Parameters:

groups - the groups

Returns:

JwtClaimsBuilder

audience

public static JwtClaimsBuilder audience(String audience)

Creates a new instance of JwtClaimsBuilder with a specified 'audience' claim.

Parameters:

audience - the audience

Returns:

JwtClaimsBuilder

audience

public static JwtClaimsBuilder audience(Set<String> audiences)

Creates a new instance of JwtClaimsBuilder with a specified 'audience' claim.

Parameters:

audiences - the audience

Returns:

JwtClaimsBuilder

upn

public static JwtClaimsBuilder upn(String upn)

Creates a new instance of JwtClaimsBuilder with a specified 'upn' claim.

Parameters:

upn - the upn

Returns:

JwtClaimsBuilder

preferredUserName

public static JwtClaimsBuilder preferredUserName(String preferredUserName)

Creates a new instance of JwtClaimsBuilder with a specified 'preferred_username' claim.

Parameters:

preferredUserName - the preferred user name

Returns:

JwtClaimsBuilder

sign

public static String sign(String jsonLocation)

Sign the claims loaded from a JSON resource using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location". Private RSA key of size 2048 bits or larger MUST be used. The 'iat' (issued at time), 'exp' (expiration time) and 'jit' (unique token identifier) claims will be and the `iss` issuer claim may be set by the implementation unless they have already been set. See JwtClaimsBuilder description for more information.

Parameters:

jsonLocation - JSON resource location

Returns:

signed JWT token

Throws:

JwtSignatureException - the exception if the signing operation has failed

sign

public static String sign(Map<String,Object> claims)

Sign the claims using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location". Private RSA key of size 2048 bits or larger MUST be used. The 'iat' (issued at time), 'exp' (expiration time) and 'jit' (unique token identifier) claims will be and the `iss` issuer claim may be set by the implementation unless they have already been set. See JwtClaimsBuilder description for more information.

Parameters:

claims - the map with the claim name and value pairs. Claim value is converted to String unless it is an instance of Boolean, Number, Collection, Map, JsonObject or JsonArray

Returns:

signed JWT token

Throws:

JwtSignatureException - the exception if the signing operation has failed

sign

public static String sign(javax.json.JsonObject jsonObject)

Sign the claims loaded from JsonObject using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location". Private RSA key of size 2048 bits or larger MUST be used. The 'iat' (issued at time), 'exp' (expiration time) and 'jit' (unique token identifier) claims will be and the `iss` issuer claim may be set by the implementation unless they have already been set. See JwtClaimsBuilder description for more information.

Parameters:

jsonObject - JsonObject containing the claims.

Returns:

signed JWT token

Throws:

JwtSignatureException - the exception if the signing operation has failed

encrypt

public static String encrypt(String jsonLocation)

Encrypt the claims loaded from a JSON resource using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location". Public RSA key of size 2048 bits or larger MUST be used. The 'iat' (issued at time), 'exp' (expiration time) and 'jit' (unique token identifier) claims will be and the `iss` issuer claim may be set by the implementation unless they have already been set. See JwtClaimsBuilder description for more information.

Parameters:

jsonLocation - JSON resource location

Returns:

encrypted JWT token

Throws:

JwtEncryptionException - the exception if the encryption operation has failed

encrypt

public static String encrypt(Map<String,Object> claims)

Encrypt the claims using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location". Public RSA key of size 2048 bits or larger MUST be used. The 'iat' (issued at time), 'exp' (expiration time) and 'jit' (unique token identifier) claims will be and the `iss` issuer claim may be set by the implementation unless they have already been set. See JwtClaimsBuilder description for more information.

Parameters:

claims - the map with the claim name and value pairs. Claim value is converted to String unless it is an instance of Boolean, Number, Collection, Map, JsonObject or JsonArray

Returns:

encrypted JWT token

Throws:

JwtEncryptionException - the exception if the encryption operation has failed

encrypt

public static String encrypt(javax.json.JsonObject jsonObject)

Encrypt the claims loaded from JsonObject using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location". Public RSA key of size 2048 bits or larger MUST be used. The 'iat' (issued at time), 'exp' (expiration time) and 'jit' (unique token identifier) claims will be and the `iss` issuer claim may be set by the implementation unless they have already been set. See JwtClaimsBuilder description for more information.

Parameters:

jsonObject - JsonObject containing the claims.

Returns:

encrypted JWT token

Throws:

JwtEncryptionException - the exception if the encryption operation has failed

innerSignAndEncrypt

public static String innerSignAndEncrypt(String jsonLocation)

Sign the claims loaded from a JSON resource using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location" and encrypt the inner JWT using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location". Public RSA key of size 2048 bits or larger MUST be used. The 'iat' (issued at time), 'exp' (expiration time) and 'jit' (unique token identifier) claims will be and the `iss` issuer claim may be set by the implementation unless they have already been set. See JwtClaimsBuilder description for more information.

Parameters:

jsonLocation - JSON resource location

Returns:

encrypted JWT token

Throws:

JwtEncryptionException - the exception if the encryption operation has failed

innerSignAndEncrypt

public static String innerSignAndEncrypt(Map<String,Object> claims)

Sign the claims using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location" and encrypt the inner JWT using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location". Public RSA key of size 2048 bits or larger MUST be used. The 'iat' (issued at time), 'exp' (expiration time) and 'jit' (unique token identifier) claims will be and the `iss` issuer claim may be set by the implementation unless they have already been set. See JwtClaimsBuilder description for more information.

Parameters:

claims - the map with the claim name and value pairs. Claim value is converted to String unless it is an instance of Boolean, Number, Collection, Map, JsonObject or JsonArray

Returns:

encrypted JWT token

Throws:

JwtEncryptionException - the exception if the encryption operation has failed

innerSignAndEncrypt

public static String innerSignAndEncrypt(javax.json.JsonObject jsonObject)

Sign the claims loaded from JsonObject using 'RS256' algorithm with a private RSA key loaded from the location set with the "smallrye.jwt.sign.key-location" and encrypt the inner JWT using 'RSA-OAEP-256' algorithm with a public RSA key loaded from the location set with the "smallrye.jwt.encrypt.key-location". Public RSA key of size 2048 bits or larger MUST be used. The 'iat' (issued at time), 'exp' (expiration time) and 'jit' (unique token identifier) claims will be and the `iss` issuer claim may be set by the implementation unless they have already been set. See JwtClaimsBuilder description for more information.

Parameters:

jsonObject - JsonObject containing the claims.

Returns:

encrypted JWT token

Throws:

JwtEncryptionException - the exception if the encryption operation has failed