Skip to content

Latest commit

 

History

History
92 lines (65 loc) · 2.57 KB

README.md

File metadata and controls

92 lines (65 loc) · 2.57 KB

zerodep-web-push-java-ext-jwt-auth0

Provides an implementation for com.zerodeplibs.webpush.jwt.VAPIDJWTGenerator utilizing Java JWT - auth0.

Requirements

The version of com.auth0:java-jwt must be 3.17.0 or higher(the latest version is recommended).

Usage

pom.xml

You can use this sub-module by adding the dependency to your pom.xml.

<dependency>
    <groupId>com.zerodeplibs</groupId>
    <artifactId>zerodep-web-push-java</artifactId>
    <version>2.1.2</version>
</dependency>
<dependency>
    <groupId>com.zerodeplibs</groupId>
    <artifactId>zerodep-web-push-java-ext-jwt-auth0</artifactId>
    <version>2.1.2</version>
    <scope>runtime</scope>
</dependency>

java

By calling com.zerodeplibs.webpush.VAPIDKeyPairs#of(PrivateKeySource, PublicKeySource), the implementation class provided by this sub-module is loaded automatically.

VAPIDKeyPairs.of(
    PrivateKeySources.of..... ,
    PublicKeySources.of.......
);

Limitations

When creating a JWT by calling VAPIDJWTGenerator#generate, the claims in the token's payload are specified by the given com.zerodeplibs.webpush.jwt.VAPIDJWTParam object.

Also, by using VAPIDJWTParam.getBuilder#additionalClaim, you can specify arbitrary claims like the following.

VAPIDJWTParam param = VAPIDJWTParam.getBuilder()
    .resourceURLString("https://example.com")
    .expiresAfter(60, TimeUnit.SECONDS)
    .subject("mailto:test@example.com")
    .additionalClaim("myArbitraryClaim", "valueOfTheClaim") // Specifys an arbitrary claim.
    .build();

// This method internally calls VAPIDJWTGenerator#generate.
String value = vapidKeyPair.generateAuthorizationHeaderValue(param); 
.....

The underlying Auth0's library can support only Map, List, Boolean, Integer, Long, Double, String and Date as a type of claim.

So the following example doesn't work.

VAPIDJWTParam param = VAPIDJWTParam.getBuilder()
    .resourceURLString("https://example.com")
    .expiresAfter(60, TimeUnit.SECONDS)
    .subject("mailto:test@example.com")
    .additionalClaim("myArbitraryClaim", new MyClaim("...."))
    .build();

// This method internally calls VAPIDJWTGenerator#generate.
String value = vapidKeyPair.generateAuthorizationHeaderValue(param);// An exception will be thrown.

For more information, please consult the javadoc of com.auth0.jwt.JWTCreator.Builder#withPayload(java.util.Map<String, ?>).

MISC

Thread-safety

The implementations of this sub-module are thread-safe.