KnoxService (nifi-web-security 1.20.0 API)

java.lang.Object
- org.apache.nifi.web.security.knox.KnoxService

```
public class KnoxService
extends Object
```
KnoxService is a service for managing the Apache Knox SSO.

Field Summary

Fields
Modifier and Type	Field and Description
`private Set<String>`	`audiences`
`private KnoxConfiguration`	`configuration`
`private String`	`knoxUrl`
`private static org.slf4j.Logger`	`logger`
`private com.nimbusds.jose.JWSVerifier`	`verifier`

Constructor Summary

Constructors
Constructor and Description

KnoxService(KnoxConfiguration configuration)
Creates a new KnoxService.

Constructors
Constructor and Description
`KnoxService(KnoxConfiguration configuration)` Creates a new KnoxService.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`String`	`getAuthenticationFromToken(String jwt)` Extracts the authentication from the token and verify it.
`String`	`getKnoxUrl()` Returns the Knox Url.
`boolean`	`isKnoxEnabled()` Returns whether Knox support is enabled.
`private boolean`	`validateAudience(com.nimbusds.jwt.SignedJWT jwtToken)` Validate the jwt audience.
`private boolean`	`validateExpiration(com.nimbusds.jwt.SignedJWT jwtToken)` Validate the jwt expiration.
`private boolean`	`validateSignature(com.nimbusds.jwt.SignedJWT jwtToken)` Validate the jwt signature.
`private boolean`	`validateToken(com.nimbusds.jwt.SignedJWT jwtToken)` Validate the specified jwt.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - logger
```
private static final org.slf4j.Logger logger
```
  - configuration
```
private KnoxConfiguration configuration
```
  - verifier
```
private com.nimbusds.jose.JWSVerifier verifier
```
  - knoxUrl
```
private String knoxUrl
```
  - audiences
```
private Set<String> audiences
```
- Constructor Detail
  - KnoxService
```
public KnoxService(KnoxConfiguration configuration)
```
    Creates a new KnoxService.
    
    Parameters:
    
    configuration - knox configuration
- Method Detail
  - isKnoxEnabled
```
public boolean isKnoxEnabled()
```
    Returns whether Knox support is enabled.
    
    Returns:
    
    whether Knox support is enabled
  - getKnoxUrl
```
public String getKnoxUrl()
```
    Returns the Knox Url.
    
    Returns:
    
    knox url
  - getAuthenticationFromToken
```
public String getAuthenticationFromToken(String jwt)
                                  throws ParseException,
                                         com.nimbusds.jose.JOSEException
```
    Extracts the authentication from the token and verify it.
    
    Parameters:
    
    jwt - signed jwt string
    
    Returns:
    
    the user authentication
    
    Throws:
    
    ParseException - if the payload of the jwt doesn't represent a valid json object and a jwt claims set
    
    com.nimbusds.jose.JOSEException - if the JWS object couldn't be verified
  - validateToken
```
private boolean validateToken(com.nimbusds.jwt.SignedJWT jwtToken)
                       throws com.nimbusds.jose.JOSEException,
                              ParseException
```
    Validate the specified jwt.
    
    Parameters:
    
    jwtToken - knox jwt
    
    Returns:
    
    whether this jwt is valid
    
    Throws:
    
    com.nimbusds.jose.JOSEException - if the jws object couldn't be verified
    
    ParseException - if the payload of the jwt doesn't represent a valid json object and a jwt claims set
  - validateSignature
```
private boolean validateSignature(com.nimbusds.jwt.SignedJWT jwtToken)
                           throws com.nimbusds.jose.JOSEException
```
    Validate the jwt signature.
    
    Parameters:
    
    jwtToken - knox jwt
    
    Returns:
    
    whether this jwt signature is valid
    
    Throws:
    
    com.nimbusds.jose.JOSEException - if the jws object couldn't be verified
  - validateAudience
```
private boolean validateAudience(com.nimbusds.jwt.SignedJWT jwtToken)
                          throws ParseException
```
    Validate the jwt audience.
    
    Parameters:
    
    jwtToken - knox jwt
    
    Returns:
    
    whether this jwt audience is valid
    
    Throws:
    
    ParseException - if the payload of the jwt doesn't represent a valid json object and a jwt claims set
  - validateExpiration
```
private boolean validateExpiration(com.nimbusds.jwt.SignedJWT jwtToken)
                            throws ParseException
```
    Validate the jwt expiration.
    
    Parameters:
    
    jwtToken - knox jwt
    
    Returns:
    
    whether this jwt is not expired
    
    Throws:
    
    ParseException - if the payload of the jwt doesn't represent a valid json object and a jwt claims set

Class KnoxService

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

logger

configuration

verifier

knoxUrl

audiences

Constructor Detail

KnoxService

Method Detail

isKnoxEnabled

getKnoxUrl

getAuthenticationFromToken

validateToken

validateSignature

validateAudience

validateExpiration