pdk.util.JWT
functions to operate with JSON web tokens
Functions
generateToken
Actually builds the JWT and serializes it to a compact, URL-safe string according to the JWT Compact Serialization rules. HS512 is using to sign.
Arguments:
user :: pdk.jwt.JwtUser
term :: pdk.core.Integer - used to calculate expiration date. Value in seconds.
secret :: pdk.core.String - constant used to sign the token
Result:
output :: pdk.core.String - serialized JWT.
Possible exceptions
NullPointerException - throws if the user, term or secret argument is
NULL
generateUserTokenWithAlgo
Actually builds the JWT and serializes it to a compact, URL-safe string according to the JWT Compact Serialization rules.
Supported signature algorithms:
| Value | Digital Signature or MAC Algorithm |
|---|---|
HS256 | HMAC using SHA-256 |
HS384 | HMAC using SHA-384 |
HS512 | HMAC using SHA-512 |
RS256 | RSASSA-PKCS-v1_5 using SHA-256 |
RS384 | RSASSA-PKCS-v1_5 using SHA-384 |
RS512 | RSASSA-PKCS-v1_5 using SHA-512 |
ES256 | ECDSA using P-256 and SHA-256 |
ES384 | ECDSA using P-384 and SHA-384 |
ES512 | ECDSA using P-521 and SHA-512 |
PS256 | RSASSA-PSS using SHA-256 and MGF1 with SHA-256 |
PS384 | RSASSA-PSS using SHA-384 and MGF1 with SHA-384 |
PS512 | RSASSA-PSS using SHA-512 and MGF1 with SHA-512 |
none | No digital signature or MAC performed |
Arguments:
user :: pdk.jwt.JwtUser
term :: pdk.core.Integer - used to calculate expiration date. Value in seconds.
secret :: pdk.core.String - constant used to sign the token
signatureAlgorithm :: pdk.core.String - cryptographic algorithms for digital sign
Result:
output :: pdk.core.String - serialized JWT.
Possible exceptions
NullPointerException - throws if the user, term, secret or signatureAlgorithm argument is
NULLSignatureException - throws if the unsupported signature algorithm was defined
validateToken
Verify the token belongs to the input JwtUser.
Arguments:
user :: pdk.jwt.JwtUser
token :: pdk.core.String - serialized JWT.
secret :: pdk.core.String - constant used to sign the token.
Result:
output :: pdk.core.Boolean
Possible exceptions
NullPointerException - throws if the user, token or secret argument is
NULL
isTokenExpired
Verify the token has been expired.
Arguments:
token :: pdk.core.String - serialized JWT.
secret :: pdk.core.String - constant used to sign the token.
Result:
output :: pdk.core.Boolean
Possible exceptions
NullPointerException - throws if the token or secret argument is
NULL
getUserIdFromToken
Returns the userId attribute from the serialized jwt token.
Arguments:
token :: pdk.core.String - serialized JWT.
secret :: pdk.core.String - constant used to sign the token.
Result:
output :: pdk.core.String - userId
Possible exceptions
NullPointerException - throws if the token or secret argument is
NULL
getUserFromToken
Returns the user as an object from the serialized jwt token.
Arguments:
token :: pdk.core.String - serialized JWT.
secret :: pdk.core.String - constant used to sign the token.
Result:
output :: pdk.jwt.JwtUser
Possible exceptions
NullPointerException - throws if the token or secret argument is
NULL
getExpirationDateFromToken
Returns the expiration date from the serialized jwt token.
Arguments:
token :: pdk.core.String - serialized JWT.
secret :: pdk.core.String - constant used to sign the token.
Result:
output :: pdk.core.Date
Possible exceptions
NullPointerException - throws if the token or secret argument is
NULL
generateTokenWithPayload (since 5.0.5.3 version)
Actually builds the JWT and serializes it to a compact, URL-safe string according to the JWT Compact Serialization rules.
Supported signature algorithms:
| Value | Digital Signature or MAC Algorithm |
|---|---|
HS256 | HMAC using SHA-256 |
HS384 | HMAC using SHA-384 |
HS512 | HMAC using SHA-512 |
RS256 | RSASSA-PKCS-v1_5 using SHA-256 |
RS384 | RSASSA-PKCS-v1_5 using SHA-384 |
RS512 | RSASSA-PKCS-v1_5 using SHA-512 |
ES256 | ECDSA using P-256 and SHA-256 |
ES384 | ECDSA using P-384 and SHA-384 |
ES512 | ECDSA using P-521 and SHA-512 |
PS256 | RSASSA-PSS using SHA-256 and MGF1 with SHA-256 |
PS384 | RSASSA-PSS using SHA-384 and MGF1 with SHA-384 |
PS512 | RSASSA-PSS using SHA-512 and MGF1 with SHA-512 |
none | No digital signature or MAC performed |
Arguments:
payload :: pdk.net.JsonObject - any JSON object
term :: pdk.core.Integer - used to calculate expiration date. Value in seconds.
secret :: pdk.core.String - constant used to sign the token
signatureAlgorithm :: pdk.core.String - cryptographic algorithms for digital sign
Result:
output :: pdk.core.String - serialized JWT.
Possible exceptions
NullPointerException - throws if the payload, term, secret or signatureAlgorithm argument is
NULLSignatureException - throws if the unsupported signature algorithm was defined
getTokenPayload
Returns the payload as a JSON object from the serialized jwt token.
Arguments:
token :: pdk.core.String - serialized JWT.
secret :: pdk.core.String - constant used to sign the token.
Result:
output :: pdk.net.JsonObject
Possible exceptions
NullPointerException - throws if the token or secret argument is
NULL
isSignatureValid
Is used to verify the integrity and authenticity of a JSON Web Token (JWT). It checks whether the signature of the token is valid by comparing it against the provided secret. This function is crucial for ensuring that the token has not been tampered with and that it was indeed issued by a trusted party.
Arguments:
token :: pdk.core.String - serialized JWT.
secret :: pdk.core.String - constant used to sign the token.
Result:
output :: pdk.core.Boolean
Possible exceptions
NullPointerException - throws if the token or secret argument is
NULL
Last updated