Package org.hippoecm.hst.container.security

Interface JwtTokenService

public interface JwtTokenService

Method Summary

Modifier and Type	Method	Description
String	createToken(javax.servlet.http.HttpServletRequest request, Map<String,Object> claims)	Returns a signed JWT (JWS) token for an HttpServletRequest that has been authenticated containing an HttpSession that can be retrieved via CmsSessionContext.getContext(HttpSession).
AccessToken	getAccessToken(String jws)

Method Detail

createToken

String createToken(javax.servlet.http.HttpServletRequest request,
                   Map<String,Object> claims)

Returns a signed JWT (JWS) token for an HttpServletRequest that has been authenticated containing an HttpSession that can be retrieved via CmsSessionContext.getContext(HttpSession). If the request has not already been authenticated or does not have its HttpSession attached to the CmsSessionContext, an IllegalStateException is thrown

Parameters:

request - the HttpServletRequest which must have an http session that has been authenticated already

claims - the claims to add to the token, for example which branch to render, if no extra claims, use empty map. The Objects need to be serializable to json

Returns:

a signed JWT token

Throws:

IllegalStateException - if the http request does not yet have an authenticated HttpSession or does not yet have it attached to the CmsSessionContext via CmsContextService.attachSessionContext(String, HttpSession)

getAccessToken

AccessToken getAccessToken(String jws)
                    throws InvalidTokenException

Parameters:

jws - the signed JWT token

Returns:

An AccessToken object

Throws:

InvalidTokenException - in case the JWT token is not bound to a valid CmsSessionContext (any more)

TokenException - in case the jwt service is not initialized or some unexpected exception happened not being catched and thrown as a InvalidTokenException