Package akka.javasdk.annotations

Annotation Interface JWT.StaticClaim

Enclosing class:

JWT

public static @interface JWT.StaticClaim

A static claim is a claim that is required to be present on the token, and have a particular value. This can be used to ensure that the token has a particular role, for example.

If the claim is not present, or does not have the expected value, then the request will be rejected with a 403 Forbidden response.

If the claim is present, but does not have the expected value, then the request will be rejected with a 403 Forbidden response.

If the claim is present, and has the expected value, then the request will be allowed to proceed. Each static claim can be configured either with a 'value' or a 'pattern' that will be matched against the value of the claim, but not both.

Required Element Summary

Required Elements

Modifier and Type	Required Element	Description
String	claim	The claim name needs to be a hardcoded literal (e.g.

Optional Element Summary

Optional Elements

Modifier and Type	Optional Element	Description
String	pattern	This receives a regex expression (Java flavor) used to match on the incoming claim value.
String[]	values	The value can be set as: a hardcoded literal (e.g.

Element Details

claim

String claim

The claim name needs to be a hardcoded literal (e.g. "role")

values

String[] values

The value can be set as: a hardcoded literal (e.g. "admin"), an ENV variable (e.g "${ENV_VAR}") or a combination of both (e.g. "${ENV_VAR}-admin"). When declaring multiple values, ALL of those will be required when validating the claim.

Default:

{}

pattern

String pattern

This receives a regex expression (Java flavor) used to match on the incoming claim value. Cannot be used in conjunction with value field above. It's one or the other.

NOTE: when signing, a static claim defined with a pattern will not be included in the token.

Usage examples:

• claim value is not empty: "\\S+"
• claim value has one of 2 possible values: "^(admin|manager)$"

Default:

""