Interface JWTManager


public interface JWTManager
  • Method Summary

    Modifier and Type Method Description
    JWTBuilder getJwtBuilder()
    Returns a JWT builder to build a JWT (JSON Web Token)
    JWE parseJWE​(java.lang.String jwtToken, javax.crypto.SecretKey secretKey)
    Read JWE strings, decrypt JWE using a supplied SecretKey.
    JWT parseJWEtoJWT​(java.lang.String jwtToken, javax.crypto.SecretKey secretKey)
    Read JWT strings, decrypt JWE using a supplied SecretKey.
    JWS parseJWS​(java.lang.String jwtToken)
    Read JWT strings, used to convert them into a JWT object representing the expanded JWT.
    JWT parseJWT​(java.lang.String jwtToken)
    Parse JWT strings, used to convert them into a JWT object representing the expanded JWT.
  • Method Details

    • parseJWT

      JWT parseJWT​(java.lang.String jwtToken) throws com.ebasetech.ufs.runtime.security.jwt.InvalidJWTokenException
      Parse JWT strings, used to convert them into a JWT object representing the expanded JWT.

      Javascript example:

       try {
         //add secret key here
         var jwt = 'eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJzdWJqZWN0IiwiaXNzIjoiaXNzdWVyIiwiaWF0IjoxNTc0NzY0NTc2LCJqdGkiOiJteUlEIn0.D4MG4GhAop3BZVxWkyFchYcH_cy1aSiucMzkyCRStp0'; 
         var SECRET_KEY = "This is my very secret key that is at least 32 bytes long!!";
         var key = system.securityManager.getKeyManager().generateHMACSecretKey(KeyManager.SIGNATURE_HS256, SECRET_KEY);
         var parsedJWT = system.securityManager.jwtManager.parseJWT(jwt);
        
         if(parsedJWT.verifyHMAC(key))
         {
              var subject = parsedJWT.getSubject();
              var iss = parsedJWT.getIssuer();
              var id = parsedJWT.getJWTId();
              log("JWTID: " + id); //Outputs JWTID: myId
         }
         else
         {
            throw 'JWT Signature is not verified!';
         }
         
         
       }
       catch (e) {
         event.getOwner().addErrorMessage("Error parsing JWT: " + e);
       }
       
      Throws:
      com.ebasetech.ufs.runtime.security.jwt.InvalidJWTokenException - if there is an error parsing the token
      Since:
      V5.7
    • parseJWS

      JWS parseJWS​(java.lang.String jwtToken) throws com.ebasetech.ufs.runtime.security.jwt.InvalidJWTokenException
      Read JWT strings, used to convert them into a JWT object representing the expanded JWT.

      Javascript example:

       try {
      
        var jws = 'eyJhbGciOiJIUzI1NiJ9.SGVsbG8gV29ybGQhIQ.0AuRfme3iRhk-sAjSQpdKUG81STuSB0xJFd3xZA2E0I'; 
        var SECRET_KEY = "This is my very secret key that is at least 32 bytes long!!";
        var key = system.securityManager.getKeyManager().generateHMACSecretKey(KeyManager.SIGNATURE_HS256, SECRET_KEY);
        var parsedJWS = system.securityManager.jwtManager.parseJWS(jws);
      
        if(parsedJWS.verifyHMAC(key))
        {
            var payload = parsedJWS.getPayload();
            log("Payload: " + payload); //Outputs Hello World!!
        }
      
        else
        {
            throw 'JWS Signature is not verified!';
        }
      
      
        }
       catch (e) {
         event.getOwner().addErrorMessage("Error parsing JWS: " + e);
        }
       
      Throws:
      com.ebasetech.ufs.runtime.security.jwt.InvalidJWTokenException - if there is an error parsing the token
      Since:
      V5.7
    • parseJWE

      JWE parseJWE​(java.lang.String jwtToken, javax.crypto.SecretKey secretKey) throws com.ebasetech.ufs.runtime.security.jwt.InvalidJWTokenException
      Read JWE strings, decrypt JWE using a supplied SecretKey.

      Javascript example:

       try {
         
            var SECRET_KEY = "ytZj2pZxdp26CF4t@sekPr#C?!VJpD!!";
            var key = system.securityManager.getKeyManager().generateAESSecretKey(SECRET_KEY);
         
            var jwe = "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..1EEVZOi0b5d4FGSs.Qzzk5Dm-KpE7wdSryN8sDcjbMcncP-pPdjZufjogzqHnqZVLsrscnI2GATOGF5hmn2qnI2giqcAOzpIWa20.MyGg1j6LjdPlaFJ-hKZS4w"
      
            var parsedJWE = system.securityManager.jwtManager.parseJWE(jwe, key);
            var jsonJWT = JSON.parse(parsedJWE.getPayload());
            log("JWTID: " + jsonJWT.jti); //Outputs JWTID: myId
         
       }
       catch (e) {
            event.owner.addErrorMessage(e.javaException.message);
       }
       
      Throws:
      com.ebasetech.ufs.runtime.security.jwt.InvalidJWTokenException - if there is an error parsing the token
      Since:
      V5.7
    • parseJWEtoJWT

      JWT parseJWEtoJWT​(java.lang.String jwtToken, javax.crypto.SecretKey secretKey) throws com.ebasetech.ufs.runtime.security.jwt.InvalidJWTokenException
      Read JWT strings, decrypt JWE using a supplied SecretKey.

      Javascript example:

       try {
         
            var SECRET_KEY = "ytZj2pZxdp26CF4t@sekPr#C?!VJpD!!";
            var key = system.securityManager.getKeyManager().generateAESSecretKey(SECRET_KEY);
         
            var jwe = "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..1EEVZOi0b5d4FGSs.Qzzk5Dm-KpE7wdSryN8sDcjbMcncP-pPdjZufjogzqHnqZVLsrscnI2GATOGF5hmn2qnI2giqcAOzpIWa20.MyGg1j6LjdPlaFJ-hKZS4w"
      
            var parsedJWE = system.securityManager.jwtManager.parseJWE(jwe, key);
            var jsonJWT = JSON.parse(parsedJWE.getPayload());
            log("JWTID: " + jsonJWT.jti); //Outputs JWTID: myId
         
       }
       catch (e) {
            event.owner.addErrorMessage(e.javaException.message);
       }
       
      Throws:
      com.ebasetech.ufs.runtime.security.jwt.InvalidJWTokenException - if there is an error parsing the token
      Since:
      V5.7
    • getJwtBuilder

      JWTBuilder getJwtBuilder()
      Returns a JWT builder to build a JWT (JSON Web Token)

      Javascript example:

       
       var SECRET_KEY = "ytZj2pZxdp26CF4t@sekPr#C?!VJpD!!";
       var key = system.securityManager.getKeyManager().generateAESSecretKey(SECRET_KEY);
      
      
       var jwt = system.securityManager.jwtManager.jwtBuilder
                 .setId("myID")
                 .setIssuedAt(new Date())
                 .setSubject("subject")
                 .setIssuer("issuer")
                 .signWithHMAC(KeyManager.SIGNATURE_HS256, key)
                 .generateJWTToken();
       
      Returns:
      JWTBuilder for building a JWT token.
      Since:
      V5.7
      See Also:
      JWTBuilder