MCPcopy Index your code
hub / github.com/auth0/java-jwt / JWTVerifier

Class JWTVerifier

lib/src/main/java/com/auth0/jwt/JWTVerifier.java:26–500  ·  view source on GitHub ↗

The JWTVerifier class holds the verify method to assert that a given Token has not only a proper JWT format, but also its signature matches. This class is thread-safe. @see com.auth0.jwt.interfaces.JWTVerifier

Source from the content-addressed store, hash-verified

24 * @see com.auth0.jwt.interfaces.JWTVerifier
25 */
26public final class JWTVerifier implements com.auth0.jwt.interfaces.JWTVerifier {
27 private final Algorithm algorithm;
28 final List<ExpectedCheckHolder> expectedChecks;
29 private final JWTParser parser;
30
31 JWTVerifier(Algorithm algorithm, List<ExpectedCheckHolder> expectedChecks) {
32 this.algorithm = algorithm;
33 this.expectedChecks = Collections.unmodifiableList(expectedChecks);
34 this.parser = new JWTParser();
35 }
36
37 /**
38 * Initialize a {@link Verification} instance using the given Algorithm.
39 *
40 * @param algorithm the Algorithm to use on the JWT verification.
41 * @return a {@link Verification} instance to configure.
42 * @throws IllegalArgumentException if the provided algorithm is null.
43 */
44 static Verification init(Algorithm algorithm) throws IllegalArgumentException {
45 return new BaseVerification(algorithm);
46 }
47
48 /**
49 * {@link Verification} implementation that accepts all the expected Claim values for verification, and
50 * builds a {@link com.auth0.jwt.interfaces.JWTVerifier} used to verify a JWT's signature and expected claims.
51 *
52 * Note that this class is <strong>not</strong> thread-safe. Calling {@link #build()} returns an instance of
53 * {@link com.auth0.jwt.interfaces.JWTVerifier} which can be reused.
54 */
55 public static class BaseVerification implements Verification {
56 private final Algorithm algorithm;
57 private final List<ExpectedCheckHolder> expectedChecks;
58 private long defaultLeeway;
59 private final Map<String, Long> customLeeways;
60 private boolean ignoreIssuedAt;
61 private Clock clock;
62
63 BaseVerification(Algorithm algorithm) throws IllegalArgumentException {
64 if (algorithm == null) {
65 throw new IllegalArgumentException("The Algorithm cannot be null.");
66 }
67
68 this.algorithm = algorithm;
69 this.expectedChecks = new ArrayList<>();
70 this.customLeeways = new HashMap<>();
71 this.defaultLeeway = 0;
72 }
73
74 @Override
75 public Verification withIssuer(String... issuer) {
76 List<String> value = isNullOrEmpty(issuer) ? null : Arrays.asList(issuer);
77 addCheck(RegisteredClaims.ISSUER, ((claim, decodedJWT) -> {
78 if (verifyNull(claim, value)) {
79 return true;
80 }
81 if (value == null || !value.contains(claim.asString())) {
82 throw new IncorrectClaimException(
83 "The Claim 'iss' value doesn't match the required issuer.", RegisteredClaims.ISSUER, claim);

Callers

nothing calls this directly

Calls

no outgoing calls

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…