Skip to content

Commit a007aaa

Browse files
hzalazhzalaz
authored
Merge pull request auth0#111 from auth0/chore-prepare-release
Prepare Release
2 parents ff49aea + f7402bf commit a007aaa

28 files changed

+196
-282
lines changed

.gitignore

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,8 @@ hs_err_pid*
7272
### Gradle template
7373
.gradle
7474
build/
75+
target/
76+
dependency-reduced-pom.xml
7577

7678
# Ignore Gradle GUI config
7779
gradle-app.setting

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
11

22

3-
# Java JWT [v3]
3+
# Java JWT
44

55
[![Build Status](https://travis-ci.org/auth0/java-jwt.svg?branch=v3)](https://travis-ci.org/auth0/java-jwt)
66
[![Coverage Status](https://img.shields.io/codecov/c/github/auth0/java-jwt/v3.svg?style=flat-square)](https://codecov.io/github/auth0/java-jwt)
77
[![License](http://img.shields.io/:license-mit-blue.svg?style=flat)](http://doge.mit-license.org)
88

9-
An implementation of [JSON Web Tokens](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html) developed against `draft-ietf-oauth-json-web-token-08`.
9+
A Java implementation of [JSON Web Tokens (draft-ietf-oauth-json-web-token-08)](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html)
1010

1111
## Installation
1212

lib/src/main/java/com/auth0/jwt/JWT.java

Lines changed: 15 additions & 94 deletions
Original file line numberDiff line numberDiff line change
@@ -3,123 +3,44 @@
33
import com.auth0.jwt.algorithms.Algorithm;
44
import com.auth0.jwt.exceptions.JWTDecodeException;
55
import com.auth0.jwt.interfaces.Claim;
6+
import com.auth0.jwt.interfaces.DecodedJWT;
67

78
import java.util.Date;
89
import java.util.List;
910

1011
@SuppressWarnings("WeakerAccess")
11-
public final class JWT implements com.auth0.jwt.interfaces.JWT {
12-
13-
private final com.auth0.jwt.interfaces.JWT jwt;
14-
15-
JWT(com.auth0.jwt.interfaces.JWT jwt) {
16-
this.jwt = jwt;
17-
}
12+
public abstract class JWT implements DecodedJWT {
1813

1914
/**
20-
* Decode a given Token into a JWT instance.
21-
* Note that this method doesn't verify the JWT's signature! Use it only if you trust the issuer of the Token.
15+
* Decode a given JWT token.
2216
*
23-
* @param token the String representation of the JWT.
24-
* @return a decoded JWT.
25-
* @throws JWTDecodeException if any part of the Token contained an invalid JWT or JSON format.
17+
* Note that this method <b>doesn't verify the token's signature!</b> Use it only if you trust the token or you already verified it.
18+
*
19+
* @param token with jwt format as string.
20+
* @return a decoded token.
21+
* @throws JWTDecodeException if any part of the token contained an invalid jwt or JSON format of each of the jwt parts.
2622
*/
2723
public static JWT decode(String token) throws JWTDecodeException {
28-
return new JWT(JWTDecoder.decode(token));
24+
return new JWTDecoder(token);
2925
}
3026

3127
/**
32-
* Creates a Verification instance to configure and verify a Token using the given Algorithm.
28+
* Returns a {@link JWTVerifier} builder with the algorithm to be used to validate token signature.
3329
*
34-
* @param algorithm the Algorithm to use in JWT verifications.
35-
* @return a Verification instance to configure.
30+
* @param algorithm that will be used to verify the token's signature.
31+
* @return {@link JWTVerifier} builder
3632
* @throws IllegalArgumentException if the provided algorithm is null.
3733
*/
38-
public static JWTVerifier.Verification require(Algorithm algorithm) throws IllegalArgumentException {
34+
public static JWTVerifier.Verification require(Algorithm algorithm) {
3935
return JWTVerifier.init(algorithm);
4036
}
4137

4238
/**
43-
* Creates a Builder instance to configure and construct a Token using the given Algorithm.
39+
* Returns a JWT builder used to create and sign jwt tokens
4440
*
45-
* @return a Builder instance to configure.
41+
* @return a jwt token builder.
4642
*/
4743
public static JWTCreator.Builder create() {
4844
return JWTCreator.init();
4945
}
50-
51-
@Override
52-
public String getSignature() {
53-
return jwt.getSignature();
54-
}
55-
56-
@Override
57-
public String getIssuer() {
58-
return jwt.getIssuer();
59-
}
60-
61-
@Override
62-
public String getSubject() {
63-
return jwt.getSubject();
64-
}
65-
66-
@Override
67-
public List<String> getAudience() {
68-
return jwt.getAudience();
69-
}
70-
71-
@Override
72-
public Date getExpiresAt() {
73-
return jwt.getExpiresAt();
74-
}
75-
76-
@Override
77-
public Date getNotBefore() {
78-
return jwt.getNotBefore();
79-
}
80-
81-
@Override
82-
public Date getIssuedAt() {
83-
return jwt.getIssuedAt();
84-
}
85-
86-
@Override
87-
public String getId() {
88-
return jwt.getId();
89-
}
90-
91-
@Override
92-
public Claim getClaim(String name) {
93-
return jwt.getClaim(name);
94-
}
95-
96-
@Override
97-
public Claim getHeaderClaim(String name) {
98-
return jwt.getHeaderClaim(name);
99-
}
100-
101-
@Override
102-
public String getAlgorithm() {
103-
return jwt.getAlgorithm();
104-
}
105-
106-
@Override
107-
public String getType() {
108-
return jwt.getType();
109-
}
110-
111-
@Override
112-
public String getContentType() {
113-
return jwt.getContentType();
114-
}
115-
116-
@Override
117-
public String getKeyId() {
118-
return jwt.getKeyId();
119-
}
120-
121-
@Override
122-
public String getToken() {
123-
return jwt.getToken();
124-
}
12546
}

lib/src/main/java/com/auth0/jwt/JWTCreator.java

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616
import java.util.Map;
1717

1818
/**
19-
* The JWTCreator class holds the sign method to generate a complete JWT (with Signature) from a given Header and Payload content.
19+
* The JWTCreator class holds the sign method to generate a complete DecodedJWT (with Signature) from a given Header and Payload content.
2020
*/
2121
@SuppressWarnings("WeakerAccess")
2222
public final class JWTCreator {
@@ -50,7 +50,7 @@ static JWTCreator.Builder init() {
5050
}
5151

5252
/**
53-
* The Builder class holds the Claims that defines the JWT to be created.
53+
* The Builder class holds the Claims that defines the DecodedJWT to be created.
5454
*/
5555
public static class Builder {
5656
private final Map<String, Object> payloadClaims;
@@ -139,7 +139,7 @@ public Builder withIssuedAt(Date issuedAt) {
139139
}
140140

141141
/**
142-
* Add a specific JWT Id ("jti") claim.
142+
* Add a specific DecodedJWT Id ("jti") claim.
143143
*
144144
* @param jwtId the Token Id value.
145145
* @return this same Builder instance.
@@ -172,10 +172,10 @@ public Builder withClaim(String name, Object value) throws IllegalArgumentExcept
172172
}
173173

174174
/**
175-
* Creates a new instance of the JWT with the specified payloadClaims.
175+
* Creates a new instance of the DecodedJWT with the specified payloadClaims.
176176
*
177-
* @param algorithm the Algorithm to use on the JWT signing.
178-
* @return a new JWT instance.
177+
* @param algorithm the Algorithm to use on the DecodedJWT signing.
178+
* @return a new DecodedJWT instance.
179179
* @throws IllegalArgumentException if the provided algorithm is null.
180180
* @throws JWTCreationException if the Claims coudln't be converted to a valid JSON or there was a problem with the signing key.
181181
*/

lib/src/main/java/com/auth0/jwt/JWTDecoder.java

Lines changed: 4 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -3,8 +3,8 @@
33
import com.auth0.jwt.exceptions.JWTDecodeException;
44
import com.auth0.jwt.impl.JWTParser;
55
import com.auth0.jwt.interfaces.Claim;
6+
import com.auth0.jwt.interfaces.DecodedJWT;
67
import com.auth0.jwt.interfaces.Header;
7-
import com.auth0.jwt.interfaces.JWT;
88
import com.auth0.jwt.interfaces.Payload;
99
import org.apache.commons.codec.binary.Base64;
1010
import org.apache.commons.codec.binary.StringUtils;
@@ -13,33 +13,21 @@
1313
import java.util.List;
1414

1515
/**
16-
* The JWTDecoder class holds the decode method to parse a given Token into it's JWT representation.
16+
* The JWTDecoder class holds the decode method to parse a given Token into it's DecodedJWT representation.
1717
*/
1818
@SuppressWarnings("WeakerAccess")
19-
final class JWTDecoder implements JWT {
19+
final class JWTDecoder extends JWT {
2020

2121
private final String token;
2222
private Header header;
2323
private Payload payload;
2424
private String signature;
2525

26-
private JWTDecoder(String jwt) throws JWTDecodeException {
26+
JWTDecoder(String jwt) throws JWTDecodeException {
2727
this.token = jwt;
2828
parseToken(jwt);
2929
}
3030

31-
/**
32-
* Decode a given Token into a JWT instance.
33-
* Note that this method doesn't verify the JWT's signature! Use it only if you trust the issuer of the Token.
34-
*
35-
* @param token the String representation of the JWT.
36-
* @return a decoded JWT.
37-
* @throws JWTDecodeException if any part of the Token contained an invalid JWT or JSON format.
38-
*/
39-
static JWT decode(String token) throws JWTDecodeException {
40-
return new JWTDecoder(token);
41-
}
42-
4331
private void parseToken(String token) throws JWTDecodeException {
4432
final String[] parts = TokenUtils.splitToken(token);
4533
final JWTParser converter = new JWTParser();

lib/src/main/java/com/auth0/jwt/JWTVerifier.java

Lines changed: 14 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -7,12 +7,13 @@
77
import com.auth0.jwt.exceptions.SignatureVerificationException;
88
import com.auth0.jwt.impl.PublicClaims;
99
import com.auth0.jwt.interfaces.Claim;
10+
import com.auth0.jwt.interfaces.DecodedJWT;
1011
import org.apache.commons.codec.binary.Base64;
1112

1213
import java.util.*;
1314

1415
/**
15-
* The JWTVerifier class holds the verify method to assert that a given Token has not only a proper JWT format, but also it's signature matches.
16+
* The JWTVerifier class holds the verify method to assert that a given Token has not only a proper DecodedJWT format, but also it's signature matches.
1617
*/
1718
@SuppressWarnings("WeakerAccess")
1819
public final class JWTVerifier {
@@ -29,7 +30,7 @@ public final class JWTVerifier {
2930
/**
3031
* Initialize a JWTVerifier instance using the given Algorithm.
3132
*
32-
* @param algorithm the Algorithm to use on the JWT verification.
33+
* @param algorithm the Algorithm to use on the DecodedJWT verification.
3334
* @return a JWTVerifier.Verification instance to configure.
3435
* @throws IllegalArgumentException if the provided algorithm is null.
3536
*/
@@ -38,7 +39,7 @@ static JWTVerifier.Verification init(Algorithm algorithm) throws IllegalArgument
3839
}
3940

4041
/**
41-
* The Verification class holds the Claims required by a JWT to be valid.
42+
* The Verification class holds the Claims required by a DecodedJWT to be valid.
4243
*/
4344
public static class Verification {
4445
private final Algorithm algorithm;
@@ -153,7 +154,7 @@ public Verification acceptIssuedAt(long leeway) throws IllegalArgumentException
153154
}
154155

155156
/**
156-
* Require a specific JWT Id ("jti") claim.
157+
* Require a specific DecodedJWT Id ("jti") claim.
157158
*
158159
* @param jwtId the required Id value
159160
* @return this same Verification instance.
@@ -231,12 +232,12 @@ private void requireClaim(String name, Object value) {
231232
/**
232233
* Perform the verification against the given Token, using any previous configured options.
233234
*
234-
* @param token the String representation of the JWT.
235-
* @return a verified JWT.
236-
* @throws JWTVerificationException if any of the required contents inside the JWT is invalid.
235+
* @param token the String representation of the DecodedJWT.
236+
* @return a verified DecodedJWT.
237+
* @throws JWTVerificationException if any of the required contents inside the DecodedJWT is invalid.
237238
*/
238-
public JWT verify(String token) throws JWTVerificationException {
239-
JWT jwt = new JWT(JWTDecoder.decode(token));
239+
public DecodedJWT verify(String token) throws JWTVerificationException {
240+
DecodedJWT jwt = JWTDecoder.decode(token);
240241
verifyAlgorithm(jwt, algorithm);
241242
verifySignature(TokenUtils.splitToken(token));
242243
verifyClaims(jwt, claims);
@@ -249,16 +250,17 @@ private void verifySignature(String[] parts) throws SignatureVerificationExcepti
249250
algorithm.verify(content, signature);
250251
}
251252

252-
private void verifyAlgorithm(JWT jwt, Algorithm expectedAlgorithm) throws AlgorithmMismatchException {
253+
private void verifyAlgorithm(DecodedJWT jwt, Algorithm expectedAlgorithm) throws AlgorithmMismatchException {
253254
if (!expectedAlgorithm.getName().equals(jwt.getAlgorithm())) {
254-
throw new AlgorithmMismatchException("The provided Algorithm doesn't match the one defined in the JWT's Header.");
255+
throw new AlgorithmMismatchException("The provided Algorithm doesn't match the one defined in the DecodedJWT's Header.");
255256
}
256257
}
257258

258-
private void verifyClaims(JWT jwt, Map<String, Object> claims) {
259+
private void verifyClaims(DecodedJWT jwt, Map<String, Object> claims) {
259260
for (Map.Entry<String, Object> entry : claims.entrySet()) {
260261
switch (entry.getKey()) {
261262
case PublicClaims.AUDIENCE:
263+
//noinspection unchecked
262264
assertValidAudienceClaim(jwt.getAudience(), (List<String>) entry.getValue());
263265
break;
264266
case PublicClaims.EXPIRES_AT:

lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -160,7 +160,7 @@ protected Algorithm(String name, String description) {
160160
}
161161

162162
/**
163-
* Getter for the name of this Algorithm, as defined in the JWT Standard. i.e. "HS256"
163+
* Getter for the name of this Algorithm, as defined in the DecodedJWT Standard. i.e. "HS256"
164164
*
165165
* @return the algorithm name.
166166
*/

lib/src/main/java/com/auth0/jwt/impl/HeaderImpl.java renamed to lib/src/main/java/com/auth0/jwt/impl/BasicHeader.java

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -8,19 +8,19 @@
88
import java.util.HashMap;
99
import java.util.Map;
1010

11-
import static com.auth0.jwt.impl.ClaimImpl.extractClaim;
11+
import static com.auth0.jwt.impl.JsonNodeClaim.extractClaim;
1212

1313
/**
14-
* The HeaderImpl class implements the Header interface.
14+
* The BasicHeader class implements the Header interface.
1515
*/
16-
class HeaderImpl implements Header {
16+
class BasicHeader implements Header {
1717
private final String algorithm;
1818
private final String type;
1919
private final String contentType;
2020
private final String keyId;
2121
private final Map<String, JsonNode> tree;
2222

23-
HeaderImpl(String algorithm, String type, String contentType, String keyId, Map<String, JsonNode> tree) {
23+
BasicHeader(String algorithm, String type, String contentType, String keyId, Map<String, JsonNode> tree) {
2424
this.algorithm = algorithm;
2525
this.type = type;
2626
this.contentType = contentType;

lib/src/main/java/com/auth0/jwt/impl/ClaimsHolder.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
import java.util.Map;
55

66
/**
7-
* The ClaimsHolder class is just a wrapper for the Map of Claims.
7+
* The ClaimsHolder class is just a wrapper for the Map of Claims used for building a JWT.
88
*/
99
public final class ClaimsHolder {
1010
private Map<String, Object> claims;

0 commit comments

Comments
 (0)