5.5. JWTValidator

class eprosima::is::sh::websocket::JwtValidator

Class that validates the received JSON Web Token according to the VerificationPolicy specified on the configuration file.

Public Functions

void verify(const std::string &token)

Verifies the token.

Parameters

  • [in] token: String containing the JSON Web Token.

Exceptions

  • VerificationError:

void add_verification_policy(const VerificationPolicy &policy)

Adds a policy to resolve the verification strategy to use.

The VerificationPolicy should set the VerificationStrategy and returns true if it is able to provide a strategy. If there are multiple policies that can process a token, the 1st policy that matches is used. VerificationPolicyFactory contains some simple predefined policies.

Remark

The idea is that JwtValidator should support verifying in multiple use cases. For example, choosing a secret based on the issuer or other claims and any custom strategy as required. There is no way to open up such flexibility from within the class so the conclusion is to have a handler that the consumer supplies to choose the verification method.

Parameters

  • [in] policy: The policy to be added.

class eprosima::is::sh::websocket::VerificationPolicy

Class containing all the relevant information about the verification policy, which includes the public key or the secret key used for generating the token.

Public Types

using Rule = std::pair<std::string, std::string>

Rule signature.

Public Functions

VerificationPolicy(std::vector<Rule> rules, std::vector<Rule> header_rules, std::string secret_or_pubkey)

Constructor.

const std::string &secret_or_pubkey() const

Retrieves the public key or secret.

class ServerConfig

Loads from the YAML configuration file the authentication policy that will be used by the JwtValidator.