Package tech.lastbox.jwt

Class JwtService

java.lang.Object
tech.lastbox.jwt.JwtService
public class JwtService extends Object
Service class responsible for managing JWT creation, validation, and revocation. It generates JWTs, validates them, and can revoke existing tokens.

  • Constructor Details

    • JwtService

      public JwtService(JwtConfig jwtConfig)
      Constructs a new JwtService instance with the provided configuration.
      Parameters:
      jwtConfig - the JWT configuration object containing algorithm, secret key, issuers, and expiration settings

  • Method Details

    • generateToken

      @Transactional public Token generateToken(String subject, String issuer, List<String> scope)
      Generates a JWT for the specified subject with a given issuer and scope.

      The token includes claims for expiration, issued time, issuer, and scope. It is saved in the configured token store if available.

      Parameters:
      subject - the subject (e.g., user identifier) for whom the token is generated
      issuer - the trusted issuer of the token
      scope - the list of permissions or roles associated with the token
      Returns:
      a Token object containing the generated token and its metadata
      Throws:
      tech.lastbox.jwt.TokenCreationException - if the subject, issuer, or scope is invalid

    • generateToken

      @Transactional public Token generateToken(String subject, String issuer)
      Generates a JWT for the specified subject with a given issuer.

      The token includes claims for expiration, issued time, issuer, without scope. It is saved in the configured token store if available.

      Parameters:
      subject - the subject (e.g., user identifier) for whom the token is generated
      issuer - the trusted issuer of the token
      Returns:
      a Token object containing the generated token and its metadata
      Throws:
      tech.lastbox.jwt.TokenCreationException - if the subject, issuer, or scope is invalid

    • revokeToken

      @Transactional public void revokeToken(String token)
      Revokes the specified token, marking it as invalid in the token store.

      If the token does not exist in the store or the store is not configured, an exception is thrown.

      Parameters:
      token - the token to revoke
      Throws:
      tech.lastbox.jwt.TokenRevocationException - if the token cannot be revoked or is not found

    • validateToken

      public TokenValidation validateToken(String token)
      Retrieves and validates a token either from the token store or by decoding it directly.

      If a token store is configured, the token is fetched and validated from the store. Otherwise, the token is decoded and validated using the configured algorithm and issuer list.

      Parameters:
      token - the token to retrieve and validate
      Returns:
      an Optional containing the valid Token, or an empty Optional if invalid or not found

    • getToken

      public Optional<Token> getToken(String token)
      Retrieves and validates a token from the token store or decodes it if the store is not available.

      If the token is found in the store and is valid, it is returned as a Token. If not found or invalid, an empty Optional is returned. If the token store is not available, the token is decoded and validated using the configured algorithm and issuer.

      Parameters:
      token - The token to retrieve and validate.
      Returns:
      An Optional containing the valid Token, or an empty Optional if invalid or not found.