Class JwtVerifier

java.lang.Object
io.fluxzero.proxy.JwtVerifier

public final class JwtVerifier extends Object
JwtVerifier provides functionality to verify the cryptographic signature of a JSON Web Token (JWT) and validate its claims.

This class relies on a JWKS (JSON Web Key Set) endpoint to resolve public keys used to verify the JWT signature. It supports the RS256 algorithm for signature verification.

The public keys are cached after being fetched from the JWKS endpoint to reduce network calls.

  • Constructor Details

    • JwtVerifier

      public JwtVerifier()
  • Method Details

    • verify

      public JwtVerifier.JwtClaims verify(String jwt)
      Verifies the provided JWT (JSON Web Token) for its signature, expiration, and not-before validity.

      This method checks the JWT's structure and signature to ensure it has not been tampered with. It also validates the optional "exp" (expiration time) and "nbf" (not-before time) claims to confirm the token is within its valid usage time frame.

      Parameters:
      jwt - the JSON Web Token to be verified
      Returns:
      a JwtVerifier.JwtClaims object containing the claims from the valid JWT
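
The checks described above (an RS256 signature verified with a key built from JWK members, then the optional "exp" and "nbf" claims), as an added example that uses only the JDK. It is not the Fluxzero implementation: the class `Rs256Sketch`, its helper names, the regex-based JSON handling and the constructed key and timestamps are assumptions, and JWKS fetching and caching are left out.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.RSAPublicKeySpec;
import java.util.Base64;
import java.util.regex.*;
// Added illustration, not Fluxzero's JwtVerifier; the regex stands in for a real JSON parser.
public class Rs256Sketch {
    static final Base64.Decoder DEC = Base64.getUrlDecoder();
    static String b64(byte[] b) { return Base64.getUrlEncoder().withoutPadding().encodeToString(b); }
    static String json(String part) { return new String(DEC.decode(part), StandardCharsets.UTF_8); }
    // Build an RSA public key from the base64url "n" and "e" members of a JWK.
    static PublicKey fromJwk(String n, String e) throws GeneralSecurityException {
        return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(
                new BigInteger(1, DEC.decode(n)), new BigInteger(1, DEC.decode(e))));
    }
    static String member(String doc, String name) { // string or numeric member, null if absent
        Matcher m = Pattern.compile("\"" + name + "\"\\s*:\\s*\"?([^\",}\\s]+)").matcher(doc);
        return m.find() ? m.group(1) : null;
    }
    static String verify(String jwt, PublicKey key, long now) throws GeneralSecurityException {
        String[] p = jwt.split("\\.", -1);
        if (p.length != 3) throw new SecurityException("malformed JWT");
        // Only RS256 is accepted; the algorithm used below is fixed in code, never taken from the token.
        if (!"RS256".equals(member(json(p[0]), "alg"))) throw new SecurityException("unsupported alg");
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initVerify(key);
        sig.update((p[0] + "." + p[1]).getBytes(StandardCharsets.US_ASCII));
        if (!sig.verify(DEC.decode(p[2]))) throw new SecurityException("bad signature");
        String claims = json(p[1]);
        String exp = member(claims, "exp"), nbf = member(claims, "nbf"); // both claims are optional
        if (exp != null && now >= Long.parseLong(exp)) throw new SecurityException("expired");
        if (nbf != null && now < Long.parseLong(nbf)) throw new SecurityException("not yet valid");
        return claims;
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair(); // constructed key pair standing in for the issuer
        RSAPublicKeySpec pub = KeyFactory.getInstance("RSA").getKeySpec(kp.getPublic(), RSAPublicKeySpec.class);
        // Constructed token: exp is 60 seconds after the constructed "now" passed to verify().
        String body = b64("{\"alg\":\"RS256\"}".getBytes()) + "." + b64("{\"sub\":\"demo\",\"exp\":1700000060}".getBytes());
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(kp.getPrivate());
        s.update(body.getBytes(StandardCharsets.US_ASCII));
        String jwt = body + "." + b64(s.sign());
        PublicKey key = fromJwk(b64(pub.getModulus().toByteArray()), b64(pub.getPublicExponent().toByteArray()));
        System.out.println(verify(jwt, key, 1_700_000_000L)); // claims JSON of the valid token
    }
}
```

The signature is checked before any claim is read, so "exp" and "nbf" are only evaluated on a payload the issuer's key has vouched for.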