Module org.elasticsearch.security
Class JwtStringClaimValidator
java.lang.Object
org.elasticsearch.xpack.security.authc.jwt.JwtStringClaimValidator
- All Implemented Interfaces:
JwtFieldValidator
Validates a specific string claim form a
JWTClaimsSet against both a list of explicit values and a list of Lucene patterns.
The validation is successful if the claim's value matches any of the allowed values or patterns from the lists.
The JWTClaimsSet claim value can either be a single string or an array of strings.
The JwtStringClaimValidator can be configured to only accept a single string claim value
(and reject string array claims) when the singleValuedClaim field is set to true.
When it is an array of string, the validation is successful when ANY array element matches ANY of the allowed values or patterns
(and singleValuedClaim field is false).-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionJwtStringClaimValidator(String claimName, boolean singleValuedClaim, Collection<String> allowedClaimValues, Collection<String> allowedClaimValuePatterns) JwtStringClaimValidator(String claimName, boolean singleValuedClaim, Map<String, String> fallbackClaimNames, Collection<String> allowedClaimValues, Collection<String> allowedClaimValuePatterns) -
Method Summary
Modifier and TypeMethodDescriptionvoidvalidate(com.nimbusds.jose.JWSHeader jwsHeader, com.nimbusds.jwt.JWTClaimsSet jwtClaimsSet) Validate the given header and claims.
-
Field Details
-
ALLOW_ALL_SUBJECTS
-
-
Constructor Details
-
JwtStringClaimValidator
public JwtStringClaimValidator(String claimName, boolean singleValuedClaim, Collection<String> allowedClaimValues, Collection<String> allowedClaimValuePatterns) -
JwtStringClaimValidator
public JwtStringClaimValidator(String claimName, boolean singleValuedClaim, Map<String, String> fallbackClaimNames, Collection<String> allowedClaimValues, Collection<String> allowedClaimValuePatterns)
-
-
Method Details
-
validate
public void validate(com.nimbusds.jose.JWSHeader jwsHeader, com.nimbusds.jwt.JWTClaimsSet jwtClaimsSet) Description copied from interface:JwtFieldValidatorValidate the given header and claims. Throw exception if the validation fails.- Specified by:
validatein interfaceJwtFieldValidator- Parameters:
jwsHeader- The header section of a JWTjwtClaimsSet- The claims set section of a JWT
-