JwtClaimsValidator (ASAP - Common 2.0.0 API)

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- com.atlassian.asap.core.validator.JwtClaimsValidator

public class JwtClaimsValidator
extends Object

Validates the claims contained in a JWT.

Field Summary

Fields
Modifier and Type	Field and Description
`static Duration`	`MAX_LIFETIME` No matter what the claims say, the server should reject tokens that are too long-lived.
`static Duration`	`TIME_CLAIM_LEEWAY` The JWT spec says that implementers "MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew".

Constructor Summary

Constructors
Constructor and Description

JwtClaimsValidator(Clock clock)

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`validate(Jwt jwt, String resourceServerAudience)` Checks the validity of the claims contained in a JWT in a given authentication context.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - TIME_CLAIM_LEEWAY
```
public static final Duration TIME_CLAIM_LEEWAY
```
    The JWT spec says that implementers "MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew". Calculations of the current time for the purposes of accepting or rejecting time-based claims (e.g. "exp" and "nbf") will allow for the current time being plus or minus this leeway, resulting in some time-based claims that are marginally before or after the current time being accepted instead of rejected.
  - MAX_LIFETIME
```
public static final Duration MAX_LIFETIME
```
    No matter what the claims say, the server should reject tokens that are too long-lived.
- Constructor Detail
  - JwtClaimsValidator
```
public JwtClaimsValidator(Clock clock)
```
- Method Detail
  - validate
```
public void validate(Jwt jwt,
                     String resourceServerAudience)
              throws InvalidTokenException
```
    Checks the validity of the claims contained in a JWT in a given authentication context.
    
    Parameters:
    
    jwt - a JWT token
    
    resourceServerAudience - the JWT token must be addressed to this audience
    
    Throws:
    
    InvalidTokenException - if the claims are invalid or could not be verified

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2016 Atlassian. All rights reserved.