public class JwtBuilderFilter extends Object implements Filter
{
"type": "JwtBuilderFilter",
"config": {
"template" : map/expression [REQUIRED]
"signature" : { object [OPTIONAL but if set, inner attributes MAY BE
REQUIRED]
"keystore" : KeyStore [REQUIRED]
"alias" : expression [REQUIRED]
"password" : expression [REQUIRED]
"algorithm" : expression [OPTIONAL - default to RS256*.]
}
}
}
Example of use:
{
"type": "JwtBuilderFilter",
"config": {
"template": {
"mail": "${contexts.userProfile.rawInfo.mail[0]}",
"employeeNumber": "${contexts.userProfile.rawInfo.employeeNumber[0]}"
}
}
}
Example for signing a JWT:
{
"type": "JwtBuilderFilter",
"config": {
"template": {
"mail": "${contexts.userProfile.rawInfo.mail[0]}",
"employeeNumber": "${contexts.userProfile.rawInfo.employeeNumber[0]}"
}
"signature" {
"keystore": "myKeyStore",
"alias": "myAlias",
"password": "myPassword",
"algorithm": "HS384"
}
}
}
Modifier and Type | Class and Description |
---|---|
static class |
JwtBuilderFilter.Heaplet
Creates and initializes an JwtBuilderFilter in a heap environment.
|
Constructor and Description |
---|
JwtBuilderFilter(Map<String,Object> template)
Creates a new
JwtBuilderFilter which will create a
non-signed JWT based on the given JSON template and will place the JWT
into the context JwtBuilderContext. |
JwtBuilderFilter(Map<String,Object> template,
JwsAlgorithm signAlgorithm,
Key signKey)
Creates a new
JwtBuilderFilter which will create a JWT based on the given JSON template
and place it into the context JwtBuilderContext. |
Modifier and Type | Method and Description |
---|---|
Promise<Response,NeverThrowsException> |
filter(Context context,
Request request,
Handler next)
Filters the request and/or response of an exchange.
|
public JwtBuilderFilter(Map<String,Object> template)
JwtBuilderFilter
which will create a
non-signed JWT based on the given JSON template and will place the JWT
into the context JwtBuilderContext.template
- The template representing the name-value pairs.public JwtBuilderFilter(Map<String,Object> template, JwsAlgorithm signAlgorithm, Key signKey)
JwtBuilderFilter
which will create a JWT based on the given JSON template
and place it into the context JwtBuilderContext.template
- The template representing the name-value pairs, not null
.signAlgorithm
- The algorithm used to perform cryptographic signing on the JWT.
Not null
, for unsecured JWT use JwsAlgorithm.NONE
.signKey
- The key to sign the JWT, can be null
if the JWT is not signed.public Promise<Response,NeverThrowsException> filter(Context context, Request request, Handler next)
Filter
next.handle(context, request)
.
This method may elect not to pass the request to the next filter or
handler, and instead handle the request itself. It can achieve this by
merely avoiding a call to next.handle(context, request)
and creating its own response object. The filter is also at liberty to
replace a response with another of its own by intercepting the response
returned by the next handler.
Copyright 2011-2017 ForgeRock AS.