Package org.apache.syncope.core.spring.security

Interface JWTSSOProvider

All Superinterfaces:

com.nimbusds.jose.jca.JCAAware<com.nimbusds.jose.jca.JCAContext>, com.nimbusds.jose.JOSEProvider, com.nimbusds.jose.JWSProvider, com.nimbusds.jose.JWSVerifier

All Known Implementing Classes:

CustomJWTSSOProvider, MSEntraJWTSSOProvider, SyncopeJWTSSOProvider

public interface JWTSSOProvider
extends com.nimbusds.jose.JWSVerifier

Enables a generic mechanism for JWT validation and subject resolution which allows to plug in implementations recognizing JWT produced by third parties.

Method Summary

Modifier and Type	Method	Description
String	getIssuer()	Gives the identifier for the JWT issuer verified by this instance.
Pair<User,Set<SyncopeGrantedAuthority>>	resolve(com.nimbusds.jwt.JWTClaimsSet jwtClaims)	Attempts to resolve the given JWT claims into internal User and authorities.

Methods inherited from interface com.nimbusds.jose.jca.JCAAware

getJCAContext

Methods inherited from interface com.nimbusds.jose.JWSProvider

supportedJWSAlgorithms

Methods inherited from interface com.nimbusds.jose.JWSVerifier

verify

Method Details

getIssuer

String getIssuer()

Gives the identifier for the JWT issuer verified by this instance.

Returns:

identifier for the JWT issuer verified by this instance

resolve

Pair<User,Set<SyncopeGrantedAuthority>> resolve(com.nimbusds.jwt.JWTClaimsSet jwtClaims)

Attempts to resolve the given JWT claims into internal User and authorities. IMPORTANT: this is not invoked for the admin super-user.

Parameters:

jwtClaims - JWT claims

Returns:

internal User, with authorities, matching the provided JWT claims, if found; otherwise null