Package org.eclipse.hono.util
Class JwtHelper
- java.lang.Object
-
- org.eclipse.hono.util.JwtHelper
-
public abstract class JwtHelper extends Object
A utility class for generating JWT tokens asserting the registration status of devices.
-
-
Field Summary
Fields Modifier and Type Field Description protected io.jsonwebtoken.SignatureAlgorithm
algorithm
The signature algorithm used for signing.protected Key
key
The secret key used for signing.protected Duration
tokenLifetime
The lifetime of created tokens.
-
Constructor Summary
Constructors Modifier Constructor Description protected
JwtHelper(io.vertx.core.Vertx vertx)
Creates a new helper for a vertx instance.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description protected static <T extends JwtHelper>
TforSharedSecret(String sharedSecret, long tokenExpiration, Supplier<T> instanceSupplier)
Creates a helper that can be used for creating and verifying signatures of JWTs.protected static <T extends JwtHelper>
TforSigning(SignatureSupportingConfigProperties config, Supplier<T> instanceSupplier)
Creates a helper that can be used for creating signed JWTs.protected static <T extends JwtHelper>
TforValidating(SignatureSupportingConfigProperties config, Supplier<T> instanceSupplier)
Creates a helper that can be used for verifying signatures of JWTs.protected static byte[]
getBytes(String secret)
Gets the bytes representing the UTF8 encoding of a secret.Duration
getTokenLifetime()
Gets the duration being used for calculating the exp claim of tokens created by this class.protected void
setPrivateKey(String keyPath)
Sets the path to a PKCS8 PEM file containing the RSA private key to use for signing tokens asserting the registration status of devices.protected void
setPublicKey(String keyPath)
Sets the path to a PEM file containing a certificate holding a public key to use for validating the signature of tokens asserting the registration status of devices.protected void
setSharedSecret(byte[] secret)
Sets the secret to use for signing tokens asserting the registration status of devices.
-
-
-
Method Detail
-
getBytes
protected static final byte[] getBytes(String secret)
Gets the bytes representing the UTF8 encoding of a secret.- Parameters:
secret
- The string to get the bytes for.- Returns:
- The bytes.
-
setSharedSecret
protected final void setSharedSecret(byte[] secret)
Sets the secret to use for signing tokens asserting the registration status of devices.- Parameters:
secret
- The secret to use.- Throws:
NullPointerException
- if secret isnull
.IllegalArgumentException
- if the secret is < 32 bytes.
-
setPrivateKey
protected final void setPrivateKey(String keyPath)
Sets the path to a PKCS8 PEM file containing the RSA private key to use for signing tokens asserting the registration status of devices.- Parameters:
keyPath
- The absolute path to the file.- Throws:
NullPointerException
- if the path isnull
.IllegalArgumentException
- if the key cannot be read from the file.
-
setPublicKey
protected final void setPublicKey(String keyPath)
Sets the path to a PEM file containing a certificate holding a public key to use for validating the signature of tokens asserting the registration status of devices.- Parameters:
keyPath
- The absolute path to the file.- Throws:
NullPointerException
- if the path isnull
.IllegalArgumentException
- if the key cannot be read from the file.
-
getTokenLifetime
public final Duration getTokenLifetime()
Gets the duration being used for calculating the exp claim of tokens created by this class.Clients should always check if a token is expired before using any information contained in the token.
- Returns:
- The duration.
-
forSharedSecret
protected static <T extends JwtHelper> T forSharedSecret(String sharedSecret, long tokenExpiration, Supplier<T> instanceSupplier)
Creates a helper that can be used for creating and verifying signatures of JWTs.- Type Parameters:
T
- The type of helper to create.- Parameters:
sharedSecret
- The shared secret to use for signatures.tokenExpiration
- The number of seconds after which the tokens created by this helper should be considered expired.instanceSupplier
- The supplier to invoke for creating the new helper instance.- Returns:
- The newly created helper.
-
forSigning
protected static <T extends JwtHelper> T forSigning(SignatureSupportingConfigProperties config, Supplier<T> instanceSupplier)
Creates a helper that can be used for creating signed JWTs.- Type Parameters:
T
- The type of helper to create.- Parameters:
config
- The key material to use for signing.instanceSupplier
- The supplier to invoke for creating the new helper instance.- Returns:
- The newly created helper.
-
forValidating
protected static <T extends JwtHelper> T forValidating(SignatureSupportingConfigProperties config, Supplier<T> instanceSupplier)
Creates a helper that can be used for verifying signatures of JWTs.- Type Parameters:
T
- The type of helper to create.- Parameters:
config
- The key material to use for verifying signatures.instanceSupplier
- The supplier to invoke for creating the new helper instance.- Returns:
- The newly created helper.
-
-