@API(status=INTERNAL)
public class JwtHelper
extends java.lang.Object
Modifier and Type | Field and Description |
---|---|
static java.lang.Long |
JWT_EXPIRATION_MILLIS |
Constructor and Description |
---|
JwtHelper() |
Modifier and Type | Method and Description |
---|---|
static java.lang.String |
createSignedJwt(java.lang.String user,
long expiration,
java.security.Key privateKey)
Creates a JWT with the provided user name and expiration date, signed with the provided private key.
|
static java.security.PrivateKey |
parseRsaPrivateKey(java.lang.String pemPrivateKey)
Creates a RSA Private Key from a PEM String.
|
protected static java.security.cert.Certificate |
parseX509Certificate(java.lang.String certificate) |
static UserClaim |
validateJwt(java.lang.String jwt,
java.lang.String certificate)
Validates a jwt against a certificate.
|
public static java.lang.String createSignedJwt(java.lang.String user, long expiration, java.security.Key privateKey)
user
- the username to authenticate; will be verified by the podexpiration
- of the authentication request in milliseconds; cannot be longer than the value defined on the
podprivateKey
- the private RSA key to be used to sign the authentication request; will be checked on the pod
against
the public key stored for the userpublic static java.security.PrivateKey parseRsaPrivateKey(java.lang.String pemPrivateKey) throws java.security.GeneralSecurityException
pemPrivateKey
- RSA Private Key contentPrivateKey
instancejava.security.GeneralSecurityException
- On invalid Private Keypublic static UserClaim validateJwt(java.lang.String jwt, java.lang.String certificate) throws AuthInitializationException
jwt
- certificate
- string of the X.509 certificate content in pem format.AuthInitializationException
- if certificate or jwt are invalid.protected static java.security.cert.Certificate parseX509Certificate(java.lang.String certificate) throws AuthInitializationException
AuthInitializationException