Skip to content

Commit 3725f4f

Browse files
lbalmacedalbalmaceda
committed
restrict again the classes for create. allow arrays
1 parent 07ea314 commit 3725f4f

File tree

3 files changed

+104
-35
lines changed

3 files changed

+104
-35
lines changed

README.md

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -274,6 +274,7 @@ When creating a Token with the `JWT.create()` you can specify a custom Claim by
274274
```java
275275
JWT.create()
276276
.withClaim("name", 123)
277+
.withArrayClaim("array", new Integer[]{1, 2, 3})
277278
.sign(Algorithm.HMAC256("secret"));
278279
```
279280

@@ -282,11 +283,12 @@ You can also verify custom Claims on the `JWT.require()` by calling `withClaim()
282283
```java
283284
JWT.require(Algorithm.HMAC256("secret"))
284285
.withClaim("name", 123)
286+
.withArrayClaim("array", 1, 2, 3)
285287
.build()
286288
.verify("my.jwt.token");
287289
```
288290

289-
> Currently supported classes for custom Claim verification are: Boolean, Integer, Double, String, Date and Array of types String and Integer.
291+
> Currently supported classes for custom JWT Claim creation and verification are: Boolean, Integer, Double, String, Date and Arrays of type String and Integer.
290292
291293

292294
### Claim Class
@@ -299,7 +301,7 @@ The Claim class is a wrapper for the Claim values. It allows you to get the Clai
299301
* **asString()**: Returns the String value or null if it can't be converted.
300302
* **asDate()**: Returns the Date value or null if it can't be converted. This must be a NumericDate (Unix Epoch/Timestamp). Note that the [JWT Standard](https://tools.ietf.org/html/rfc7519#section-2) specified that all the *NumericDate* values must be in seconds.
301303

302-
#### Custom Class and Collections
304+
#### Custom Classes and Collections
303305
To obtain a Claim as a Collection you'll need to provide the **Class Type** of the contents to convert from.
304306

305307
* **as(class)**: Returns the value parsed as **Class Type**. For collections you should use the `asArray` and `asList` methods.

lib/src/main/java/com/auth0/jwt/JWTCreator.java

Lines changed: 91 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -158,15 +158,96 @@ public Builder withJWTId(String jwtId) {
158158
* @return this same Builder instance.
159159
* @throws IllegalArgumentException if the name is null.
160160
*/
161-
public Builder withClaim(String name, Object value) throws IllegalArgumentException {
162-
if (name == null) {
163-
throw new IllegalArgumentException("The Custom Claim's name can't be null.");
164-
}
161+
public Builder withClaim(String name, Boolean value) throws IllegalArgumentException {
162+
assertNonNull(name);
163+
addClaim(name, value);
164+
return this;
165+
}
165166

167+
/**
168+
* Add a custom Claim value.
169+
*
170+
* @param name the Claim's name.
171+
* @param value the Claim's value.
172+
* @return this same Builder instance.
173+
* @throws IllegalArgumentException if the name is null.
174+
*/
175+
public Builder withClaim(String name, Integer value) throws IllegalArgumentException {
176+
assertNonNull(name);
166177
addClaim(name, value);
167178
return this;
168179
}
169180

181+
/**
182+
* Add a custom Claim value.
183+
*
184+
* @param name the Claim's name.
185+
* @param value the Claim's value.
186+
* @return this same Builder instance.
187+
* @throws IllegalArgumentException if the name is null.
188+
*/
189+
public Builder withClaim(String name, Double value) throws IllegalArgumentException {
190+
assertNonNull(name);
191+
addClaim(name, value);
192+
return this;
193+
}
194+
195+
/**
196+
* Add a custom Claim value.
197+
*
198+
* @param name the Claim's name.
199+
* @param value the Claim's value.
200+
* @return this same Builder instance.
201+
* @throws IllegalArgumentException if the name is null.
202+
*/
203+
public Builder withClaim(String name, String value) throws IllegalArgumentException {
204+
assertNonNull(name);
205+
addClaim(name, value);
206+
return this;
207+
}
208+
209+
/**
210+
* Add a custom Claim value.
211+
*
212+
* @param name the Claim's name.
213+
* @param value the Claim's value.
214+
* @return this same Builder instance.
215+
* @throws IllegalArgumentException if the name is null.
216+
*/
217+
public Builder withClaim(String name, Date value) throws IllegalArgumentException {
218+
assertNonNull(name);
219+
addClaim(name, value);
220+
return this;
221+
}
222+
223+
/**
224+
* Add a custom Array Claim with the given items.
225+
*
226+
* @param name the Claim's name.
227+
* @param items the Claim's value.
228+
* @return this same Builder instance.
229+
* @throws IllegalArgumentException if the name is null.
230+
*/
231+
public Builder withArrayClaim(String name, String[] items) throws IllegalArgumentException {
232+
assertNonNull(name);
233+
addClaim(name, items);
234+
return this;
235+
}
236+
237+
/**
238+
* Add a custom Array Claim with the given items.
239+
*
240+
* @param name the Claim's name.
241+
* @param items the Claim's value.
242+
* @return this same Builder instance.
243+
* @throws IllegalArgumentException if the name is null.
244+
*/
245+
public Builder withArrayClaim(String name, Integer[] items) throws IllegalArgumentException {
246+
assertNonNull(name);
247+
addClaim(name, items);
248+
return this;
249+
}
250+
170251
/**
171252
* Creates a new JWT and signs is with the given algorithm
172253
*
@@ -183,6 +264,12 @@ public String sign(Algorithm algorithm) throws IllegalArgumentException, JWTCrea
183264
return new JWTCreator(algorithm, headerClaims, payloadClaims).sign();
184265
}
185266

267+
private void assertNonNull(String name) {
268+
if (name == null) {
269+
throw new IllegalArgumentException("The Custom Claim's name can't be null.");
270+
}
271+
}
272+
186273
private void addClaim(String name, Object value) {
187274
if (value == null) {
188275
payloadClaims.remove(name);

lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java

Lines changed: 9 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,9 @@
55
import org.junit.Test;
66
import org.junit.rules.ExpectedException;
77

8-
import java.util.*;
8+
import java.util.Date;
9+
import java.util.HashMap;
10+
import java.util.Map;
911

1012
import static org.hamcrest.Matchers.is;
1113
import static org.hamcrest.Matchers.notNullValue;
@@ -208,44 +210,22 @@ public void shouldAcceptCustomClaimOfTypeDate() throws Exception {
208210
}
209211

210212
@Test
211-
public void shouldAcceptCustomClaimOfTypeArray() throws Exception {
213+
public void shouldAcceptCustomArrayClaimOfTypeString() throws Exception {
212214
String jwt = JWTCreator.init()
213-
.withClaim("name", new Object[]{"text", 123, true})
215+
.withArrayClaim("name", new String[]{"text", "123", "true"})
214216
.sign(Algorithm.HMAC256("secret"));
215-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLDEyMyx0cnVlXX0.uSulPFzLSbgfG8Lpr0jq0JDMhDlGGeQrx09PHEymu1E";
217+
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLCIxMjMiLCJ0cnVlIl19.lxM8EcmK1uSZRAPd0HUhXGZJdauRmZmLjoeqz4J9yAA";
216218

217219
assertThat(jwt, is(notNullValue()));
218220
assertThat(jwt, is(token));
219221
}
220222

221223
@Test
222-
public void shouldAcceptCustomClaimOfTypeList() throws Exception {
224+
public void shouldAcceptCustomArrayClaimOfTypeInteger() throws Exception {
223225
String jwt = JWTCreator.init()
224-
.withClaim("name", Arrays.asList("text", 123, true))
226+
.withArrayClaim("name", new Integer[]{1, 2, 3})
225227
.sign(Algorithm.HMAC256("secret"));
226-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLDEyMyx0cnVlXX0.uSulPFzLSbgfG8Lpr0jq0JDMhDlGGeQrx09PHEymu1E";
227-
228-
assertThat(jwt, is(notNullValue()));
229-
assertThat(jwt, is(token));
230-
}
231-
232-
@Test
233-
public void shouldAcceptCustomClaimOfTypeMap() throws Exception {
234-
String jwt = JWTCreator.init()
235-
.withClaim("name", Collections.singletonMap("value", new Object[]{"text", 123, true}))
236-
.sign(Algorithm.HMAC256("secret"));
237-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjp7InZhbHVlIjpbInRleHQiLDEyMyx0cnVlXX19.CtZqZMoG__8yJQisT__pcv3NlynrkDl6qvq4sERx6D0";
238-
239-
assertThat(jwt, is(notNullValue()));
240-
assertThat(jwt, is(token));
241-
}
242-
243-
@Test
244-
public void shouldAcceptCustomClaimOfTypeObject() throws Exception {
245-
String jwt = JWTCreator.init()
246-
.withClaim("name", new UserPojo("john", 123))
247-
.sign(Algorithm.HMAC256("secret"));
248-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjp7Im5hbWUiOiJqb2huIiwiaWQiOjEyM319.4ar5Q2vy8h7mw-FjFp1XRoiiKQrrPqdrSqEfATCGmNM";
228+
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbMSwyLDNdfQ.UEuMKRQYrzKAiPpPLhIVawWkKWA1zj0_GderrWUIyFE";
249229

250230
assertThat(jwt, is(notNullValue()));
251231
assertThat(jwt, is(token));

0 commit comments

Comments
 (0)