JwtProvider.Builder (Helidon 1.1.2 API)

java.lang.Object
- io.helidon.security.providers.jwt.JwtProvider.Builder

All Implemented Interfaces:

Builder<JwtProvider>, Supplier<JwtProvider>

Enclosing class:

JwtProvider
```
public static final class JwtProvider.Builder
extends Object
implements Builder<JwtProvider>
```
Fluent API builder for JwtProvider.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`JwtProvider.Builder`	`allowImpersonation(boolean allowImpersonation)` Whether to allow impersonation by explicitly overriding username from outbound requests using `JwtProvider.EP_PROPERTY_OUTBOUND_USER` property.
`JwtProvider.Builder`	`allowUnsigned(boolean allowUnsigned)` Configure support for unsigned JWT.
`JwtProvider.Builder`	`atnTokenHandler(TokenHandler tokenHandler)` Token handler to extract username from request.
`JwtProvider.Builder`	`authenticate(boolean authenticate)` Whether to authenticate requests.
`JwtProvider`	`build()` Build the instance from this builder.
`JwtProvider.Builder`	`config(Config config)` Load this builder from a configuration.
`void`	`expectedAudience(String audience)` Audience expected in inbound JWTs.
`JwtProvider.Builder`	`issuer(String issuer)` Issuer used to create new JWTs.
`JwtProvider.Builder`	`optional(boolean optional)` Whether authentication is required.
`JwtProvider.Builder`	`outboundConfig(OutboundConfig config)` Configuration of outbound rules.
`JwtProvider.Builder`	`propagate(boolean propagate)` Whether to propagate identity.
`JwtProvider.Builder`	`signJwk(Resource signJwkResource)` JWK resource used to sign JWTs created by us.
`JwtProvider.Builder`	`subjectType(SubjectType subjectType)` Principal type this provider extracts (and also propagates).
`JwtProvider.Builder`	`verifyJwk(Resource verifyJwkResource)` JWK resource used to verify JWTs created by other parties.
`JwtProvider.Builder`	`verifySignature(boolean shouldValidate)` Configure whether to verify signatures.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.helidon.common.Builder
get

- Method Detail
  - build
```
public JwtProvider build()
```
    Description copied from interface: Builder
    
    Build the instance from this builder.
    
    Specified by:
    
    build in interface Builder<JwtProvider>
    
    Returns:
    
    instance of the built type
  - propagate
```
public JwtProvider.Builder propagate(boolean propagate)
```
    Whether to propagate identity.
    
    Parameters:
    
    propagate - whether to propagate identity (true) or not (false)
    
    Returns:
    
    updated builder instance
  - authenticate
```
public JwtProvider.Builder authenticate(boolean authenticate)
```
    Whether to authenticate requests.
    
    Parameters:
    
    authenticate - whether to authenticate (true) or not (false)
    
    Returns:
    
    updated builder instance
  - allowImpersonation
```
public JwtProvider.Builder allowImpersonation(boolean allowImpersonation)
```
    Whether to allow impersonation by explicitly overriding username from outbound requests using JwtProvider.EP_PROPERTY_OUTBOUND_USER property. By default this is not allowed and identity can only be propagated.
    
    Parameters:
    
    allowImpersonation - set to true to allow impersonation
    
    Returns:
    
    updated builder instance
  - allowUnsigned
```
public JwtProvider.Builder allowUnsigned(boolean allowUnsigned)
```
    Configure support for unsigned JWT. If this is set to true any JWT that has algorithm set to none and no kid defined will be accepted. Note that this has serious security impact - if JWT can be sent from a third party, this allows the third party to send ANY JWT and it would be accpted as valid.
    
    Parameters:
    
    allowUnsigned - to allow unsigned (insecure) JWT
    
    Returns:
    
    updated builder insdtance
  - verifySignature
```
public JwtProvider.Builder verifySignature(boolean shouldValidate)
```
    Configure whether to verify signatures. Signatures verification is enabled by default. You can configure the provider not to verify signatures.
    Make sure your service is properly secured on network level and only accessible from a secure endpoint that provides the JWTs when signature verification is disabled. If signature verification is disabled, this service will accept ANY JWT
    
    Parameters:
    
    shouldValidate - set to false to disable validation of JWT signatures
    
    Returns:
    
    updated builder instance
  - subjectType
```
public JwtProvider.Builder subjectType(SubjectType subjectType)
```
    Principal type this provider extracts (and also propagates).
    
    Parameters:
    
    subjectType - type of principal
    
    Returns:
    
    updated builder instance
  - atnTokenHandler
```
public JwtProvider.Builder atnTokenHandler(TokenHandler tokenHandler)
```
    Token handler to extract username from request.
    
    Parameters:
    
    tokenHandler - token handler instance
    
    Returns:
    
    updated builder instance
  - optional
```
public JwtProvider.Builder optional(boolean optional)
```
    Whether authentication is required. By default, request will fail if the username cannot be extracted. If set to false, request will process and this provider will abstain.
    
    Parameters:
    
    optional - whether authentication is optional (true) or required (false)
    
    Returns:
    
    updated builder instance
  - outboundConfig
```
public JwtProvider.Builder outboundConfig(OutboundConfig config)
```
    Configuration of outbound rules.
    
    Parameters:
    
    config - outbound configuration, each target may contain custom object JwtProvider.JwtOutboundTarget to add our configuration.
    
    Returns:
    
    updated builder instance
  - signJwk
```
public JwtProvider.Builder signJwk(Resource signJwkResource)
```
    JWK resource used to sign JWTs created by us.
    
    Parameters:
    
    signJwkResource - resource pointing to a JSON with keys
    
    Returns:
    
    updated builder instance
  - verifyJwk
```
public JwtProvider.Builder verifyJwk(Resource verifyJwkResource)
```
    JWK resource used to verify JWTs created by other parties.
    
    Parameters:
    
    verifyJwkResource - resource pointing to a JSON with keys
    
    Returns:
    
    updated builder instance
  - issuer
```
public JwtProvider.Builder issuer(String issuer)
```
    Issuer used to create new JWTs.
    
    Parameters:
    
    issuer - issuer to add to the issuer claim
    
    Returns:
    
    updated builder instance
  - config
```
public JwtProvider.Builder config(Config config)
```
    Load this builder from a configuration.
    
    Parameters:
    
    config - configuration to load from
    
    Returns:
    
    updated builder instance
  - expectedAudience
```
public void expectedAudience(String audience)
```
    Audience expected in inbound JWTs.
    
    Parameters:
    
    audience - audience string

Class JwtProvider.Builder

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface io.helidon.common.Builder

Method Detail

build

propagate

authenticate

allowImpersonation

allowUnsigned

verifySignature

subjectType

atnTokenHandler

optional

outboundConfig

signJwk

verifyJwk

issuer

config

expectedAudience