Class JWTTokenGenerator
- java.lang.Object
-
- org.wso2.carbon.identity.oauth2.authcontext.JWTTokenGenerator
-
- All Implemented Interfaces:
AuthorizationContextTokenGenerator
public class JWTTokenGenerator extends Object implements AuthorizationContextTokenGenerator
This class represents the JSON Web Token generator. By default the following properties are encoded to each authenticated API request: subscriber, applicationName, apiContext, version, tier, and endUserName Additional properties can be encoded by engaging the ClaimsRetrieverImplClass callback-handler. The JWT header and body are base64 encoded separately and concatenated with a dot. Finally the token is signed using SHA256 with RSA algorithm.
-
-
Constructor Summary
Constructors Constructor Description JWTTokenGenerator()
JWTTokenGenerator(boolean includeClaims, boolean enableSigning)
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
generateToken(OAuth2TokenValidationMessageContext messageContext)
Method that generates the JWT.void
init()
Reads the ClaimsRetrieverImplClass from identity.xml -> OAuth -> TokenGeneration -> ClaimsRetrieverImplClass.protected com.nimbusds.jose.JWSAlgorithm
mapSignatureAlgorithm(String signatureAlgorithm)
Deprecated.protected com.nimbusds.jwt.JWT
signJWT(com.nimbusds.jwt.SignedJWT signedJWT, String tenantDomain, int tenantId)
Deprecated.protected com.nimbusds.jwt.SignedJWT
signJWTWithRSA(com.nimbusds.jwt.SignedJWT signedJWT, com.nimbusds.jose.JWSAlgorithm jwsAlgorithm, String tenantDomain, int tenantId)
Deprecated.
-
-
-
Method Detail
-
init
public void init() throws IdentityOAuth2Exception
Reads the ClaimsRetrieverImplClass from identity.xml -> OAuth -> TokenGeneration -> ClaimsRetrieverImplClass.- Specified by:
init
in interfaceAuthorizationContextTokenGenerator
- Throws:
IdentityOAuth2Exception
-
generateToken
public void generateToken(OAuth2TokenValidationMessageContext messageContext) throws IdentityOAuth2Exception
Method that generates the JWT.- Specified by:
generateToken
in interfaceAuthorizationContextTokenGenerator
- Throws:
IdentityOAuth2Exception
-
signJWTWithRSA
@Deprecated protected com.nimbusds.jwt.SignedJWT signJWTWithRSA(com.nimbusds.jwt.SignedJWT signedJWT, com.nimbusds.jose.JWSAlgorithm jwsAlgorithm, String tenantDomain, int tenantId) throws IdentityOAuth2Exception
Deprecated.Sign with given RSA Algorithm- Parameters:
signedJWT
-jwsAlgorithm
-tenantDomain
-tenantId
-- Returns:
- Throws:
IdentityOAuth2Exception
-
signJWT
@Deprecated protected com.nimbusds.jwt.JWT signJWT(com.nimbusds.jwt.SignedJWT signedJWT, String tenantDomain, int tenantId) throws IdentityOAuth2Exception
Deprecated.Generic Signing function- Parameters:
signedJWT
-tenantDomain
-tenantId
-- Returns:
- Throws:
IdentityOAuth2Exception
-
mapSignatureAlgorithm
@Deprecated protected com.nimbusds.jose.JWSAlgorithm mapSignatureAlgorithm(String signatureAlgorithm) throws IdentityOAuth2Exception
Deprecated.This method map signature algorithm define in identity.xml to nimbus signature algorithm format, Strings are defined inline hence there are not being used any where- Parameters:
signatureAlgorithm
-- Returns:
- Throws:
IdentityOAuth2Exception
-
-