Package io.helidon.microprofile.jwt.auth
Class JwtAuthProvider.Builder
java.lang.Object
io.helidon.microprofile.jwt.auth.JwtAuthProvider.Builder
- All Implemented Interfaces:
Builder<JwtAuthProvider.Builder,
,JwtAuthProvider> Supplier<JwtAuthProvider>
- Enclosing class:
- JwtAuthProvider
public static class JwtAuthProvider.Builder
extends Object
implements Builder<JwtAuthProvider.Builder,JwtAuthProvider>
Fluent API builder for
JwtAuthProvider
.-
Method Summary
Modifier and TypeMethodDescriptionaddExpectedAudience
(String audience) Add an audience expected in inbound JWTs.allowImpersonation
(boolean allowImpersonation) Whether to allow impersonation by explicitly overriding username from outbound requests usingEndpointConfig.PROPERTY_OUTBOUND_ID
property.atnTokenHandler
(TokenHandler tokenHandler) Token handler to extract username from request.authenticate
(boolean authenticate) Whether to authenticate requests.build()
Build the instance from this builder.Load this builder from a configuration.cookieProperty
(String cookieProperty) Specific cookie property name where we should search for JWT property.decryptKeyLocation
(String decryptKeyLocation) Private key to decryption of encrypted claims.defaultJwk
(Jwk defaultJwk) Default JWK which should be used.defaultKeyId
(String defaultKeyId) Default JWT key ID which should be used.expectedAudience
(String audience) Deprecated, for removal: This API element is subject to removal in a future version.expectedAudiences
(Collection<String> audiences) Replace expected audiences with the content of the provided collection.expectedIssuer
(String issuer) Expected issuer in incoming requests.Issuer used to create new JWTs.loadOnStartup
(boolean loadOnStartup) Whether to load JWK verification keys on server startup Default value isfalse
.optional
(boolean optional) Whether authentication is required.outboundConfig
(OutboundConfig config) Configuration of outbound rules.propagate
(boolean propagate) Whether to propagate identity.String representation of the public key.publicKeyPath
(String publicKeyPath) Path to public key.JWK resource used to sign JWTs created by us.subjectType
(SubjectType subjectType) Principal type this provider extracts (and also propagates).JWK resource used to verify JWTs created by other parties.
-
Method Details
-
build
Description copied from interface:Builder
Build the instance from this builder.- Specified by:
build
in interfaceBuilder<JwtAuthProvider.Builder,
JwtAuthProvider> - Returns:
- instance of the built type
-
propagate
Whether to propagate identity.- Parameters:
propagate
- whether to propagate identity (true) or not (false)- Returns:
- updated builder instance
-
authenticate
Whether to authenticate requests.- Parameters:
authenticate
- whether to authenticate (true) or not (false)- Returns:
- updated builder instance
-
allowImpersonation
Whether to allow impersonation by explicitly overriding username from outbound requests usingEndpointConfig.PROPERTY_OUTBOUND_ID
property. By default this is not allowed and identity can only be propagated.- Parameters:
allowImpersonation
- set to true to allow impersonation- Returns:
- updated builder instance
-
subjectType
Principal type this provider extracts (and also propagates).- Parameters:
subjectType
- type of principal- Returns:
- updated builder instance
-
atnTokenHandler
Token handler to extract username from request.- Parameters:
tokenHandler
- token handler instance- Returns:
- updated builder instance
-
optional
Whether authentication is required. By default, request will fail if the username cannot be extracted. If set to false, request will process and this provider will abstain.- Parameters:
optional
- whether authentication is optional (true) or required (false)- Returns:
- updated builder instance
-
outboundConfig
Configuration of outbound rules.- Parameters:
config
- outbound configuration, each target may contain custom objectJwtAuthProvider.JwtOutboundTarget
to add our configuration.- Returns:
- updated builder instance
-
signJwk
JWK resource used to sign JWTs created by us.- Parameters:
signJwkResource
- resource pointing to a JSON with keys- Returns:
- updated builder instance
-
verifyJwk
JWK resource used to verify JWTs created by other parties.- Parameters:
verifyJwkResource
- resource pointing to a JSON with keys- Returns:
- updated builder instance
-
issuer
Issuer used to create new JWTs.- Parameters:
issuer
- issuer to add to the issuer claim- Returns:
- updated builder instance
-
publicKey
String representation of the public key.- Parameters:
publicKey
- String representation- Returns:
- updated builder instance
-
publicKeyPath
Path to public key.- Parameters:
publicKeyPath
- Public key path- Returns:
- updated builder instance
-
defaultJwk
Default JWK which should be used.- Parameters:
defaultJwk
- Default JWK- Returns:
- updated builder instance
-
defaultKeyId
Default JWT key ID which should be used.- Parameters:
defaultKeyId
- Default JWT key ID- Returns:
- updated builder instance
-
config
Load this builder from a configuration.- Parameters:
config
- configuration to load from- Returns:
- updated builder instance
-
jwtHeader
- Parameters:
header
- header name which should be used- Returns:
- updated builder instance
-
cookieProperty
Specific cookie property name where we should search for JWT property.- Parameters:
cookieProperty
- cookie property name- Returns:
- updated builder instance
-
expectedIssuer
Expected issuer in incoming requests.- Parameters:
issuer
- name of issuer- Returns:
- updated builder instance
-
expectedAudience
@Deprecated(forRemoval=true, since="2.4.0") public JwtAuthProvider.Builder expectedAudience(String audience) Deprecated, for removal: This API element is subject to removal in a future version.useaddExpectedAudience(String)
insteadAudience expected in inbound JWTs.- Parameters:
audience
- audience string- Returns:
- updated builder instance
-
addExpectedAudience
Add an audience expected in inbound JWTs.- Parameters:
audience
- audience string- Returns:
- updated builder instance
-
expectedAudiences
Replace expected audiences with the content of the provided collection.- Parameters:
audiences
- expected audiences to use- Returns:
- updated builder instance
-
decryptKeyLocation
Private key to decryption of encrypted claims.- Parameters:
decryptKeyLocation
- private key location- Returns:
- updated builder instance
-
loadOnStartup
Whether to load JWK verification keys on server startup Default value isfalse
.- Parameters:
loadOnStartup
- load verification keys on server startup- Returns:
- updated builder instance
-
addExpectedAudience(String)
instead