Interface JWT

All Superinterfaces:
JWS

public interface JWT
extends JWS

JWT represents a parsed JWT (JSON Web Token) Object.

A JWT consists of three sections:

Header

The header consists of two parts:

  • declaring the type, which is JWT
  • the hashing algorithm used, e.g. HMAC SHA256
An example header:
 {
  "typ": "JWT",
  "alg": "HS256"
 }
 

Payload

The payload contains the data for the JWT. These are known as JWT Claims. The claims contain all the information regarding the JWT. Typically the JWT payload is in JSON format.

Registered Claims

Registered claims are not mandatory, but they are reserved names outlined in RFC 7519. These include:

  • iss: The issuer of the token.
  • sub: The subject of the token.
  • aud: The audience of the token.
  • exp: Defines the expiration as a NumericDate value. The expiration MUST be after the current date/time.
  • nbf: Defines the time before which the JWT MUST NOT be accepted for processing.
  • iat: The time the JWT was issued. Can be used to determine the age of the JWT.
  • jti: Unique identifier for the JWT. Can be used to prevent the JWT from being replayed. This is helpful for a one-time-use token.

Public Claims

These are claims that are created as needed, for example name, email, etc.

An example payload:

 {
  "iss": "ebasetech.com",
  "exp": 1300819380,
  "name": "John Doe",
  "admin": true
 }
 

Signature

The third and final part of the JSON Web Token is the signature. The signature is omitted if the algorithm in the header is set to none. The signature is created by signing the concatenated Base64url-encoded header and payload:

Example of an HS256 signature:

 
 var encodedString = base64UrlEncode(header) + "." + base64UrlEncode(payload);
 
 HMACSHA256(encodedString, 'secret');
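
The signing step above together with the matching verification, as an added example that is not part of the original documentation and does not use the Ebase API. It assumes Node.js and its built-in crypto module; the function names signHS256 and verifyHS256 and the secret are hypothetical. The verifier pins HS256, so a token whose header sets alg to none is rejected rather than accepted unsigned.

```javascript
// Added example (Node.js standard library only; not the Ebase API).
const crypto = require("node:crypto");

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// Sign: HMAC-SHA256 over base64url(header) + "." + base64url(payload).
function signHS256(header, payload, secret) {
  const signingInput = b64url(header) + "." + b64url(payload);
  const sig = crypto.createHmac("sha256", secret).update(signingInput).digest("base64url");
  return signingInput + "." + sig;
}

// Verify: returns the claims object, or throws with the reason for rejection.
function verifyHS256(token, secret, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, "base64url").toString("utf8"));
  // Pin the algorithm: never let the token choose it, and never accept "none".
  if (header.alg !== "HS256") throw new Error("unexpected alg");
  const expected = crypto.createHmac("sha256", secret).update(h + "." + p).digest();
  const given = Buffer.from(s, "base64url");
  // Constant-time comparison; the length check keeps timingSafeEqual from throwing.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error("bad signature");
  }
  const claims = JSON.parse(Buffer.from(p, "base64url").toString("utf8"));
  // Time claims are only trusted after the signature check has passed.
  if (typeof claims.exp === "number" && nowSeconds >= claims.exp) throw new Error("expired");
  if (typeof claims.nbf === "number" && nowSeconds < claims.nbf) throw new Error("not yet valid");
  return claims;
}

// Constructed sample values: the page's example payload and a demo secret.
const SECRET = "secret";
const token = signHS256(
  { typ: "JWT", alg: "HS256" },
  { iss: "ebasetech.com", exp: 1300819380, name: "John Doe", admin: true },
  SECRET
);
```

The sample exp value lies in the past, so pass an explicit nowSeconds earlier than 1300819380 to see the token accepted.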
 
Since:
V5.7
  • Method Details

    • getClaim

      java.lang.Object getClaim(java.lang.String claimName)
      Returns a claim value for a given name
      Parameters:
      claimName - the name of the claim
      Returns:
      value of the given claim name or null
      Since:
      V5.7
    • getClaimArray

      java.lang.Object[] getClaimArray(java.lang.String claimName)
      Returns a claim array value for a given name
      Parameters:
      claimName - the name of the claim
      Returns:
      value of the given claim name or null
      Since:
      V5.7
    • getExpiration

      java.util.Date getExpiration()
      Returns:
      the JWT expiration (exp) timestamp or null if not present.
      Since:
      V5.7
    • isExpired

      boolean isExpired()
      Returns:
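      true if the JWT has expired (the current time is after the exp date), false otherwise. If the (exp) claim is not set, false is returned, so callers that require an expiry should also check that getExpiration() does not return null.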
      Since:
      V5.7
    • getIssuedAt

      java.util.Date getIssuedAt()
      Returns:
      the JWT issued at timestamp (iat) or (null) if not present. If present, this value is the timestamp when the JWT was created.
      Since:
      V5.7
    • getNotBefore

      java.util.Date getNotBefore()
      Returns:
      the JWT not before timestamp (nbf) or (null) if not present.
      Since:
      V5.7
    • getAudience

      java.lang.String[] getAudience()
      Returns:
      the JWT audience (aud) value or (null) if not present.
      Since:
      V5.7
    • getJWTId

      java.lang.String getJWTId()
      Returns:
      the JWT's JWT ID (jti) value or (null) if not present. This value is a unique identifier for the JWT. If available, this value is expected to be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The ID can be used to prevent the JWT from being replayed.
      Since:
      V5.7
    • getIssuer

      java.lang.String getIssuer()
      Returns:
      the JWT issuer (iss) value or (null) if not present.
      Since:
      V5.7
    • getSubject

      java.lang.String getSubject()
      Returns:
      the JWT subject (sub) value or (null) if not present.
      Since:
      V5.7
    • getClaimNames

      java.lang.String[] getClaimNames()
      Returns:
      all the claim names contained within the JWT. This should be used in conjunction with getClaim() to extract the value.
      Since:
      V5.7
      See Also:
      getClaim(String)