Package org.atmosphere.auth

Interface TokenValidator

Functional Interface:

This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.

@FunctionalInterface
public interface TokenValidator

SPI for validating authentication tokens on Atmosphere connections. Implementations are responsible for verifying tokens (JWT, opaque, session-based, etc.) and returning structured results that the AuthInterceptor uses to allow, deny, or trigger refresh flows.

Usage

 framework.interceptor(new AuthInterceptor(token -> {
     var claims = myJwtLib.verify(token);
     return new TokenValidator.Valid(claims.getSubject(), claims);
 }));
 

Since:

4.0

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final record	TokenValidator.Expired	The token has expired but was otherwise valid.
static final record	TokenValidator.Invalid	The token is invalid (bad signature, malformed, revoked, etc.).
static interface	TokenValidator.Result	The result of token validation.
static final record	TokenValidator.Valid	The token is valid.

Method Summary

Modifier and Type	Method	Description
TokenValidator.Result	validate(String token)	Validate the given token string.

Method Details

validate

TokenValidator.Result validate(String token)

Validate the given token string.

Parameters:

token - the raw token extracted from the request (header or query param)

Returns:

a TokenValidator.Result indicating the outcome