Module org.elasticsearch.security
Class JwtAuthenticationToken
java.lang.Object
org.elasticsearch.xpack.security.authc.jwt.JwtAuthenticationToken
- All Implemented Interfaces:
AuthenticationToken
An
AuthenticationToken to hold JWT authentication related content.-
Constructor Summary
ConstructorsConstructorDescriptionJwtAuthenticationToken(com.nimbusds.jwt.SignedJWT signedJWT, byte[] userCredentialsHash, SecureString clientAuthenticationSharedSecret) Store a mandatory JWT and optional Shared Secret. -
Method Summary
Modifier and TypeMethodDescriptionvoidcom.nimbusds.jwt.JWTClaimsSetcom.nimbusds.jwt.SignedJWTbyte[]toString()static JwtAuthenticationTokentryParseJwt(SecureString userCredentials, SecureString clientCredentials)
-
Constructor Details
-
JwtAuthenticationToken
public JwtAuthenticationToken(com.nimbusds.jwt.SignedJWT signedJWT, byte[] userCredentialsHash, @Nullable SecureString clientAuthenticationSharedSecret) Store a mandatory JWT and optional Shared Secret.- Parameters:
signedJWT- The JWT parsed from the end-user credentialsuserCredentialsHash- The hash of the end-user credentials is used to compute the key for user cache at the realm level. See alsoJwtRealm#authenticate.clientAuthenticationSharedSecret- URL-safe Shared Secret for Client authentication. Required by some JWT realms.
-
-
Method Details
-
tryParseJwt
public static JwtAuthenticationToken tryParseJwt(SecureString userCredentials, @Nullable SecureString clientCredentials) -
principal
- Specified by:
principalin interfaceAuthenticationToken
-
credentials
- Specified by:
credentialsin interfaceAuthenticationToken
-
getSignedJWT
public com.nimbusds.jwt.SignedJWT getSignedJWT() -
getJWTClaimsSet
public com.nimbusds.jwt.JWTClaimsSet getJWTClaimsSet() -
getUserCredentialsHash
public byte[] getUserCredentialsHash() -
clearCredentials
public void clearCredentials()- Specified by:
clearCredentialsin interfaceAuthenticationToken
-
toString
-