Class TokenValidator
-
- All Implemented Interfaces:
public final class TokenValidator
Validates JWT token signed by the Management Portal. It may be used from multiple coroutine contexts.
-
-
Constructor Summary
Constructors Constructor Description TokenValidator(List<TokenVerifierLoader> verifierLoaders, Duration fetchTimeout, Duration maxAge)
TokenValidator(List<TokenVerifierLoader> verifierLoaders, Duration fetchTimeout)
TokenValidator(List<TokenVerifierLoader> verifierLoaders)
-
Method Summary
Modifier and Type Method Description final RadarToken
validateBlocking(String token)
Validates an access token and returns the token as a RadarToken object. final RadarToken
validate(String token)
Validates an access token and returns the token as a RadarToken object. final Unit
refresh()
Refresh the token verifiers from cache on the next validation. -
-
Constructor Detail
-
TokenValidator
TokenValidator(List<TokenVerifierLoader> verifierLoaders, Duration fetchTimeout, Duration maxAge)
-
TokenValidator
TokenValidator(List<TokenVerifierLoader> verifierLoaders, Duration fetchTimeout)
-
TokenValidator
TokenValidator(List<TokenVerifierLoader> verifierLoaders)
-
-
Method Detail
-
validateBlocking
final RadarToken validateBlocking(String token)
Validates an access token and returns the token as a RadarToken object.
This will load all the verifiers. If a token cannot be verified, this method will fetch the verifiers again, as the source may have changed. It will then and re-check the token. However, the public key will not be fetched more than once every
fetchTimeout
, to prevent (malicious) clients from loading external token verifiers too frequently.This implementation calls runBlocking. If calling from Kotlin, prefer to use validate with coroutines instead.
- Parameters:
token
- The access token
-
validate
final RadarToken validate(String token)
Validates an access token and returns the token as a RadarToken object.
This will load all the verifiers. If a token cannot be verified, this method will fetch the verifiers again, as the source may have changed. It will then and re-check the token. However, the public key will not be fetched more than once every
fetchTimeout
, to prevent (malicious) clients from loading external token verifiers too frequently.- Parameters:
token
- The access token
-
-
-
-