lccodes
diff --git a/‎lib/src/main/java/com/auth0/jwtdecodejava/JWTDecoder.java‎
Lines changed: 26 additions & 9 deletions b/‎lib/src/main/java/com/auth0/jwtdecodejava/JWTDecoder.java‎
Lines changed: 26 additions & 9 deletions
diff --git a/‎lib/src/main/java/com/auth0/jwtdecodejava/JWTVerifier.java‎
Lines changed: 72 additions & 6 deletions b/‎lib/src/main/java/com/auth0/jwtdecodejava/JWTVerifier.java‎
Lines changed: 72 additions & 6 deletions
diff --git a/‎lib/src/main/java/com/auth0/jwtdecodejava/SignUtils.java‎
Lines changed: 39 additions & 19 deletions b/‎lib/src/main/java/com/auth0/jwtdecodejava/SignUtils.java‎
Lines changed: 39 additions & 19 deletions
diff --git a/‎lib/src/main/java/com/auth0/jwtdecodejava/algorithms/Algorithm.java‎
Lines changed: 13 additions & 0 deletions b/‎lib/src/main/java/com/auth0/jwtdecodejava/algorithms/Algorithm.java‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/AlgorithmMismatchException.java‎
Lines changed: 1 addition & 1 deletion b/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/AlgorithmMismatchException.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/InvalidClaimException.java‎
Lines changed: 1 addition & 1 deletion b/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/InvalidClaimException.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/JWTDecodeException.java‎
Lines changed: 11 additions & 0 deletions b/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/JWTDecodeException.java‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/JWTException.java‎
Lines changed: 0 additions & 11 deletions b/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/JWTException.java‎
Lines changed: 0 additions & 11 deletions
diff --git a/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/JWTVerificationException.java‎
Lines changed: 11 additions & 0 deletions b/‎lib/src/main/java/com/auth0/jwtdecodejava/exceptions/JWTVerificationException.java‎
Lines changed: 11 additions & 0 deletions
@@ -1,7 +1,7 @@
 package com.auth0.jwtdecodejava;
 
 import com.auth0.jwtdecodejava.algorithms.Algorithm;
-import com.auth0.jwtdecodejava.exceptions.JWTException;
+import com.auth0.jwtdecodejava.exceptions.JWTDecodeException;
 import com.auth0.jwtdecodejava.impl.JWTParser;
 import com.auth0.jwtdecodejava.interfaces.Claim;
 import com.auth0.jwtdecodejava.interfaces.Header;
@@ -10,27 +10,44 @@
 
 import java.util.Date;
 
-import static com.auth0.jwtdecodejava.SignUtils.base64Decode;
-
+/**
+ * The JWTDecoder class holds the decode method to parse a given Token into it's JWT representation.
+ */
 public final class JWTDecoder implements JWT {
 
     private Header header;
     private Payload payload;
     private String signature;
 
-    private JWTDecoder(String jwt) {
+    private JWTDecoder(String jwt) throws JWTDecodeException {
         parseToken(jwt);
     }
 
-    public static JWT decode(String jwt) {
-        return new JWTDecoder(jwt);
+    /**
+     * Decode a given Token into a JWT instance.
+     * Note that this method doesn't verify the JWT's signature! Use it only if you trust the issuer of the Token.
+     *
+     * @param token the String representation of the JWT.
+     * @return a decoded JWT.
+     * @throws JWTDecodeException if any part of the Token contained an invalid JWT or JSON format.
+     */
+    public static JWT decode(String token) throws JWTDecodeException {
+        return new JWTDecoder(token);
     }
 
-    private void parseToken(String token) throws JWTException {
+    private void parseToken(String token) throws JWTDecodeException {
         final String[] parts = SignUtils.splitToken(token);
         final JWTParser converter = new JWTParser();
-        header = converter.parseHeader(base64Decode(parts[0]));
-        payload = converter.parsePayload(base64Decode(parts[1]));
+        String headerJson;
+        String payloadJson;
+        try {
+            headerJson = SignUtils.base64Decode(parts[0]);
+            payloadJson = SignUtils.base64Decode(parts[1]);
+        } catch (NullPointerException e) {
+            throw new JWTDecodeException("The UTF-8 Charset isn't initialized.", e);
+        }
+        header = converter.parseHeader(headerJson);
+        payload = converter.parsePayload(payloadJson);
         signature = parts[2];
     }
 
 
@@ -6,7 +6,7 @@
 import com.auth0.jwtdecodejava.algorithms.RSAlgorithm;
 import com.auth0.jwtdecodejava.exceptions.AlgorithmMismatchException;
 import com.auth0.jwtdecodejava.exceptions.InvalidClaimException;
-import com.auth0.jwtdecodejava.exceptions.JWTException;
+import com.auth0.jwtdecodejava.exceptions.JWTVerificationException;
 import com.auth0.jwtdecodejava.exceptions.SignatureVerificationException;
 import com.auth0.jwtdecodejava.impl.PublicClaims;
 import com.auth0.jwtdecodejava.interfaces.JWT;
@@ -22,6 +22,9 @@
 
 import static com.auth0.jwtdecodejava.algorithms.NoneAlgorithm.none;
 
+/**
+ * The JWTVerifier class holds the verify method to assert that a given Token has not only a proper JWT format, but also it's signature matches.
+ */
 public class JWTVerifier {
     private final Algorithm algorithm;
     private final String secret;
@@ -35,14 +38,35 @@ private JWTVerifier(Algorithm algorithm, String secret, PublicKey key) {
         this.claims = new HashMap<>();
     }
 
-    public static JWTVerifier init() throws IllegalArgumentException {
+    /**
+     * Initialize a JWTVerifier instance using the Algorithm "none".
+     *
+     * @return a JWTVerifier instance to configure.
+     */
+    public static JWTVerifier init() {
         return init(none, null, null);
     }
 
+    /**
+     * Initialize a JWTVerifier instance using a HS Algorithm.
+     *
+     * @param algorithm a HSAlgorithm. Valid values are HS256, HS384, HS512.
+     * @param secret    to use when verifying the signature.
+     * @return a JWTVerifier instance to configure.
+     * @throws IllegalArgumentException if the provided algorithm is null or if the secret is null.
+     */
     public static JWTVerifier init(HSAlgorithm algorithm, String secret) throws IllegalArgumentException {
         return init(algorithm, null, secret);
     }
 
+    /**
+     * Initialize a JWTVerifier instance using a RS Algorithm.
+     *
+     * @param algorithm a RSAlgorithm. Valid values are RS256, RS384, RS512.
+     * @param publicKey to use when verifying the signature.
+     * @return a JWTVerifier instance to configure.
+     * @throws IllegalArgumentException if the provided algorithm is null or if the publicKey is null.
+     */
     public static JWTVerifier init(RSAlgorithm algorithm, PublicKey publicKey) throws IllegalArgumentException {
         return init(algorithm, publicKey, null);
     }
@@ -60,50 +84,92 @@ private static JWTVerifier init(Algorithm algorithm, PublicKey publicKey, String
         return new JWTVerifier(algorithm, secret, publicKey);
     }
 
+    /**
+     * Require a specific Issuer ("iss") claim.
+     *
+     * @return this same JWTVerifier instance.
+     */
     public JWTVerifier withIssuer(String issuer) {
         requireClaim(PublicClaims.ISSUER, issuer);
         return this;
     }
 
+    /**
+     * Require a specific Subject ("sub") claim.
+     *
+     * @return this same JWTVerifier instance.
+     */
     public JWTVerifier withSubject(String subject) {
         requireClaim(PublicClaims.SUBJECT, subject);
         return this;
     }
 
+    /**
+     * Require a specific Audience ("aud") claim.
+     *
+     * @return this same JWTVerifier instance.
+     */
     public JWTVerifier withAudience(String[] audience) {
         requireClaim(PublicClaims.AUDIENCE, audience);
         return this;
     }
 
+    /**
+     * Require a specific Expires At ("exp") claim.
+     *
+     * @return this same JWTVerifier instance.
+     */
     public JWTVerifier withExpiresAt(Date expiresAt) {
         requireClaim(PublicClaims.EXPIRES_AT, expiresAt);
         return this;
     }
 
+    /**
+     * Require a specific Not Before ("nbf") claim.
+     *
+     * @return this same JWTVerifier instance.
+     */
     public JWTVerifier withNotBefore(Date notBefore) {
         requireClaim(PublicClaims.NOT_BEFORE, notBefore);
         return this;
     }
 
+    /**
+     * Require a specific Issued At ("iat") claim.
+     *
+     * @return this same JWTVerifier instance.
+     */
     public JWTVerifier withIssuedAt(Date issuedAt) {
         requireClaim(PublicClaims.ISSUED_AT, issuedAt);
         return this;
     }
 
+    /**
+     * Require a specific JWT Id ("jti") claim.
+     *
+     * @return this same JWTVerifier instance.
+     */
     public JWTVerifier withJWTId(String jwtId) {
         requireClaim(PublicClaims.JWT_ID, jwtId);
         return this;
     }
 
-    public JWT verify(String token) throws JWTException {
+    /**
+     * Perform the verification against the given Token, using any previous configured options.
+     *
+     * @param token the String representation of the JWT.
+     * @return a verified JWT.
+     * @throws JWTVerificationException if any of the required contents inside the JWT is invalid.
+     */
+    public JWT verify(String token) throws JWTVerificationException {
         JWT jwt = JWTDecoder.decode(token);
         verifyAlgorithm(jwt, algorithm);
         verifySignature(SignUtils.splitToken(token));
         verifyClaims(jwt, claims);
         return jwt;
     }
 
-    private void verifySignature(String[] parts) {
+    private void verifySignature(String[] parts) throws SignatureVerificationException {
         if (algorithm instanceof HSAlgorithm) {
             try {
                 SignUtils.verifyHS((HSAlgorithm) algorithm, parts, secret);
@@ -121,7 +187,7 @@ private void verifySignature(String[] parts) {
         }
     }
 
-    private void verifyAlgorithm(JWT jwt, Algorithm expectedAlgorithm) throws AlgorithmMismatchException, IllegalArgumentException {
+    private void verifyAlgorithm(JWT jwt, Algorithm expectedAlgorithm) throws AlgorithmMismatchException {
         if (!expectedAlgorithm.equals(jwt.getAlgorithm())) {
             throw new AlgorithmMismatchException("The provided Algorithm doesn't match the one defined in the JWT's Header.");
         }
@@ -133,7 +199,7 @@ private void verifyClaims(JWT jwt, Map<String, Object> claims) {
         }
     }
 
-    private void assertValidClaim(JWT jwt, String claimName, Object expectedValue) {
+    private void assertValidClaim(JWT jwt, String claimName, Object expectedValue) throws InvalidClaimException {
         boolean isValid;
         if (PublicClaims.AUDIENCE.equals(claimName)) {
             isValid = Arrays.equals(jwt.getAudience(), (String[]) expectedValue);
 
@@ -2,7 +2,7 @@
 
 import com.auth0.jwtdecodejava.algorithms.HSAlgorithm;
 import com.auth0.jwtdecodejava.algorithms.RSAlgorithm;
-import com.auth0.jwtdecodejava.exceptions.JWTException;
+import com.auth0.jwtdecodejava.exceptions.JWTDecodeException;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.binary.StringUtils;
 
@@ -12,38 +12,58 @@
 
 class SignUtils {
 
-    static String base64Decode(String string) throws JWTException {
-        String decoded;
-        try {
-            decoded = StringUtils.newStringUtf8(Base64.decodeBase64(string));
-        } catch (NullPointerException e) {
-            throw new JWTException("Received bytes didn't correspond to a valid Base64 encoded string.", e);
-        }
-        return decoded;
+    /**
+     * Decodes a given String from it's Base64 string representation into a UTF-8 String.
+     *
+     * @param source the source of the decode process.
+     * @return a UTF-8 String representing the Base64 decoded source.
+     * @throws NullPointerException if the UTF-8 Charset isn't initialized.
+     */
+    static String base64Decode(String source) throws NullPointerException {
+        return StringUtils.newStringUtf8(Base64.decodeBase64(source));
     }
 
-    static String base64Encode(String string) throws JWTException {
-        String encoded;
-        try {
-            encoded = StringUtils.newStringUtf8(Base64.encodeBase64(string.getBytes(), false, true));
-        } catch (NullPointerException e) {
-            throw new JWTException("Received bytes didn't correspond to a valid Base64 encoded string.", e);
-        }
-        return encoded;
+    /**
+     * Encodes a given String into it's Base64 string representation.
+     *
+     * @param source the source of the decode process.
+     * @return a UTF-8 String encoded into it's Base64 representation.
+     * @throws NullPointerException     if the UTF-8 Charset isn't initialized.
+     * @throws IllegalArgumentException if the source string is too long.
+     */
+    static String base64Encode(String source) throws NullPointerException, IllegalArgumentException {
+        return StringUtils.newStringUtf8(Base64.encodeBase64(source.getBytes(), false, true));
     }
 
-    static String[] splitToken(String token) {
+    /**
+     * Splits the given token on the "." chars into a String array with 3 parts.
+     *
+     * @param token the string to split.
+     * @return the array representing the 3 parts of the token.
+     * @throws JWTDecodeException if the Token doesn't have 3 parts.
+     */
+    static String[] splitToken(String token) throws JWTDecodeException {
         String[] parts = token.split("\\.");
         if (parts.length == 2 && token.endsWith(".")) {
             //Tokens with alg='none' have empty String as Signature.
             parts = new String[]{parts[0], parts[1], ""};
         }
         if (parts.length != 3) {
-            throw new JWTException(String.format("The token was expected to have 3 parts, but got %s.", parts.length));
+            throw new JWTDecodeException(String.format("The token was expected to have 3 parts, but got %s.", parts.length));
         }
         return parts;
     }
 
+    /**
+     * Verify the given JWT parts using a specific HS Algorithm and a given secret.
+     *
+     * @param algorithm the HSAlgorithm to use. Must be one of HS256, HS384, or HS512.
+     * @param jwtParts  a valid array of size 3 representing the JWT parts.
+     * @param secret    the secret used when signing the token's content.
+     * @return whether the Token's signature is valid or not.
+     * @throws NoSuchAlgorithmException if the chosen algorithm isn't present.
+     * @throws InvalidKeyException
+     */
     static boolean verifyHS(HSAlgorithm algorithm, String[] jwtParts, String secret) throws NoSuchAlgorithmException, InvalidKeyException {
         if (secret == null) {
             throw new IllegalArgumentException("The Secret cannot be null");
 
@@ -1,9 +1,22 @@
 package com.auth0.jwtdecodejava.algorithms;
 
+/**
+ * The Algorithm class represents an algorithm to be used in the Signing or Verification process of a Token.
+ */
 public interface Algorithm {
 
+    /**
+     * Getter for the description required when instantiating a Mac or Signature object.
+     *
+     * @return the algorithm description.
+     */
     String describe();
 
+    /**
+     * Getter for the name of this algorithm as referenced in the JWT standard.
+     *
+     * @return the algorithm name.
+     */
     String name();
 
 }
@@ -1,6 +1,6 @@
 package com.auth0.jwtdecodejava.exceptions;
 
-public class AlgorithmMismatchException extends JWTException{
+public class AlgorithmMismatchException extends JWTVerificationException {
     public AlgorithmMismatchException(String message) {
         super(message);
     }
 
@@ -1,7 +1,7 @@
 package com.auth0.jwtdecodejava.exceptions;
 
 
-public class InvalidClaimException extends JWTException {
+public class InvalidClaimException extends JWTVerificationException {
     public InvalidClaimException(String message) {
         super(message);
     }
 
@@ -0,0 +1,11 @@
+package com.auth0.jwtdecodejava.exceptions;
+
+public class JWTDecodeException extends RuntimeException {
+    public JWTDecodeException(String message) {
+        this(message, null);
+    }
+
+    public JWTDecodeException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}
@@ -0,0 +1,11 @@
+package com.auth0.jwtdecodejava.exceptions;
+
+public class JWTVerificationException extends RuntimeException {
+    public JWTVerificationException(String message) {
+        this(message, null);
+    }
+
+    public JWTVerificationException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`package com.auth0.jwtdecodejava.exceptions;`
`2`	`2`
`3`		`-public class AlgorithmMismatchException extends JWTException{`
	`3`	`+public class AlgorithmMismatchException extends JWTVerificationException {`
`4`	`4`	`public AlgorithmMismatchException(String message) {`
`5`	`5`	`super(message);`
`6`	`6`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`package com.auth0.jwtdecodejava.exceptions;`
`2`	`2`
`3`	`3`
`4`		`-public class InvalidClaimException extends JWTException {`
	`4`	`+public class InvalidClaimException extends JWTVerificationException {`
`5`	`5`	`public InvalidClaimException(String message) {`
`6`	`6`	`super(message);`
`7`	`7`	`}`