Package org.radarbase.auth.authentication

Class TokenValidator

  • All Implemented Interfaces:
    
public final class TokenValidator

    Validates JWT token signed by the Management Portal. It may be used from multiple coroutine contexts.

    • Method Detail

      • validateBlocking

         final RadarToken validateBlocking(String token)

        Validates an access token and returns the token as a RadarToken object.

        This will load all the verifiers. If a token cannot be verified, this method will fetch the verifiers again, as the source may have changed. It will then and re-check the token. However, the public key will not be fetched more than once every fetchTimeout, to prevent (malicious) clients from loading external token verifiers too frequently.

        This implementation calls runBlocking. If calling from Kotlin, prefer to use validate with coroutines instead.

        Parameters:
        token - The access token

      • validate

         final RadarToken validate(String token)

        Validates an access token and returns the token as a RadarToken object.

        This will load all the verifiers. If a token cannot be verified, this method will fetch the verifiers again, as the source may have changed. It will then and re-check the token. However, the public key will not be fetched more than once every fetchTimeout, to prevent (malicious) clients from loading external token verifiers too frequently.

        Parameters:
        token - The access token

      • refresh

         final Unit refresh()

        Refresh the token verifiers from cache on the next validation.