public static final String |
ALLOW_UNSAFE_KEY_RESOLVER_URL_CONFIG |
"allowUnsafeURL" |
protected static final String |
ALLOW_UNSAFE_KEY_RESOLVER_URL_DOC |
"WARNING: This is for development purpose only and should not be used in production! Allow verification key resolver to use HTTP instead of HTTPS." |
public static final String |
AUDIENCE_CONFIG |
"audience" |
protected static final String |
AUDIENCE_DOC |
"Identifies the recipients a token is intended for. If configured, tokens must have an entry matching this value in their aud claim. By default tokens with an audience claim present will be rejected." |
public static final String |
CONFIG_PREFIX |
"authenticator.jwt." |
public static final String |
HTTPS_JWKS |
"https" |
public static final String |
ISSUER_CONFIG |
"issuer" |
protected static final String |
ISSUER_DOC |
"JWT Authentication token issuer." |
public static final String |
JKU_JWKS |
"jku" |
public static final String |
JKU_KEY_RESOLVER_WHITELIST_CONFIG |
"jkuDomainWhiteList" |
protected static final String |
JKU_KEY_RESOLVER_WHITELIST_DOC |
"List of acceptable token provider domains. Domains may be absolute such as auth.myprovider.com, or relative such as .myprovider.com" |
public static final String |
JWKS_LOCATION_CONFIG |
"jwksLocation" |
public static final String |
JWKS_PEMFILE |
"pemfile" |
public static final String |
KEY_RESOLVER_CONFIG |
"verificationKeyResolver" |
protected static final String |
KEY_RESOLVER_DOC |
"" |
public static final String |
VERIFICATION_KEY_REFRESH_INTERVAL_MS_CONFIG |
"verificationKeyRefreshInterval" |
protected static final String |
VERIFICATION_KEY_REFRESH_INTERVAL_MS_DOC |
"Frequency with which to update the key cache. This is only applicable for the https key resolver" |