Class JWTTokenGenerator
- java.lang.Object
-
- org.wso2.carbon.identity.oauth2.authcontext.JWTTokenGenerator
-
- All Implemented Interfaces:
AuthorizationContextTokenGenerator
public class JWTTokenGenerator extends Object implements AuthorizationContextTokenGenerator
This class represents the JSON Web Token generator. By default the following properties are encoded to each authenticated API request: subscriber, applicationName, apiContext, version, tier, and endUserName Additional properties can be encoded by engaging the ClaimsRetrieverImplClass callback-handler. The JWT header and body are base64 encoded separately and concatenated with a dot. Finally the token is signed using SHA256 with RSA algorithm.
-
-
Constructor Summary
Constructors Constructor Description JWTTokenGenerator()JWTTokenGenerator(boolean includeClaims, boolean enableSigning)
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description voidgenerateToken(OAuth2TokenValidationMessageContext messageContext)Method that generates the JWT.voidinit()Reads the ClaimsRetrieverImplClass from identity.xml -> OAuth -> TokenGeneration -> ClaimsRetrieverImplClass.protected com.nimbusds.jose.JWSAlgorithmmapSignatureAlgorithm(String signatureAlgorithm)Deprecated.protected com.nimbusds.jwt.JWTsignJWT(com.nimbusds.jwt.SignedJWT signedJWT, String tenantDomain, int tenantId)Deprecated.protected com.nimbusds.jwt.SignedJWTsignJWTWithRSA(com.nimbusds.jwt.SignedJWT signedJWT, com.nimbusds.jose.JWSAlgorithm jwsAlgorithm, String tenantDomain, int tenantId)Deprecated.
-
-
-
Method Detail
-
init
public void init() throws IdentityOAuth2ExceptionReads the ClaimsRetrieverImplClass from identity.xml -> OAuth -> TokenGeneration -> ClaimsRetrieverImplClass.- Specified by:
initin interfaceAuthorizationContextTokenGenerator- Throws:
IdentityOAuth2Exception
-
generateToken
public void generateToken(OAuth2TokenValidationMessageContext messageContext) throws IdentityOAuth2Exception
Method that generates the JWT.- Specified by:
generateTokenin interfaceAuthorizationContextTokenGenerator- Throws:
IdentityOAuth2Exception
-
signJWTWithRSA
@Deprecated protected com.nimbusds.jwt.SignedJWT signJWTWithRSA(com.nimbusds.jwt.SignedJWT signedJWT, com.nimbusds.jose.JWSAlgorithm jwsAlgorithm, String tenantDomain, int tenantId) throws IdentityOAuth2Exception
Deprecated.Sign with given RSA Algorithm- Parameters:
signedJWT-jwsAlgorithm-tenantDomain-tenantId-- Returns:
- Throws:
IdentityOAuth2Exception
-
signJWT
@Deprecated protected com.nimbusds.jwt.JWT signJWT(com.nimbusds.jwt.SignedJWT signedJWT, String tenantDomain, int tenantId) throws IdentityOAuth2Exception
Deprecated.Generic Signing function- Parameters:
signedJWT-tenantDomain-tenantId-- Returns:
- Throws:
IdentityOAuth2Exception
-
mapSignatureAlgorithm
@Deprecated protected com.nimbusds.jose.JWSAlgorithm mapSignatureAlgorithm(String signatureAlgorithm) throws IdentityOAuth2Exception
Deprecated.This method map signature algorithm define in identity.xml to nimbus signature algorithm format, Strings are defined inline hence there are not being used any where- Parameters:
signatureAlgorithm-- Returns:
- Throws:
IdentityOAuth2Exception
-
-