Package io.jenkins.blueocean.auth.jwt
Class JwtAuthenticationService
- java.lang.Object
-
- io.jenkins.blueocean.auth.jwt.JwtAuthenticationService
-
- All Implemented Interfaces:
ExtensionPoint
,Action
,ModelObject
,RootAction
,UnprotectedRootAction
- Direct Known Subclasses:
JwtAuthenticationServiceImpl
public abstract class JwtAuthenticationService extends Object implements UnprotectedRootAction, ExtensionPoint
JWT endpoint resource. Provides functionality to get JWT token and also provides JWK endpoint to get public key using keyId.- Author:
- Vivek Pandey
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson
-
-
Constructor Summary
Constructors Constructor Description JwtAuthenticationService()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description SigningPublicKey
getJwks(String keyId)
Binds Json web key to the URL space.abstract net.sf.json.JSONObject
getJwkSet()
Binds Json web keys to the URL space.abstract JwtToken
getToken(Integer expiryTimeInMins, Integer maxExpiryTimeInMins)
Gives JWT token for authenticated user.String
getUrlName()
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface hudson.model.Action
getDisplayName, getIconFileName
-
-
-
-
Method Detail
-
getUrlName
public String getUrlName()
- Specified by:
getUrlName
in interfaceAction
-
getToken
@GET @WebMethod(name="token") public abstract JwtToken getToken(@Nullable @QueryParameter("expiryTimeInMins") Integer expiryTimeInMins, @Nullable @QueryParameter("maxExpiryTimeInMins") Integer maxExpiryTimeInMins)
Gives JWT token for authenticated user. See https://tools.ietf.org/html/rfc7519.- Parameters:
expiryTimeInMins
- token expiry time. Default 30 min.maxExpiryTimeInMins
- max token expiry time. Default expiry time is 8 hours (480 mins)- Returns:
- JWT if there is authenticated user or if anonymous user has at least READ permission, otherwise 401 error code is returned
-
getJwks
@GET public SigningPublicKey getJwks(String keyId)
Binds Json web key to the URL space.- Parameters:
keyId
- keyId of the key- Returns:
- JWK response
- See Also:
- the spec
-
getJwkSet
@GET @WebMethod(name="jwk-set") public abstract net.sf.json.JSONObject getJwkSet()
Binds Json web keys to the URL space.- Returns:
- a JWKS
- See Also:
- the JWK Set Format spec
-
-