Package io.envoyproxy.envoy.extensions.filters.http.jwt_authn.v3

Class JwtProvider

java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessageV3
io.envoyproxy.envoy.extensions.filters.http.jwt_authn.v3.JwtProvider
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, JwtProviderOrBuilder, Serializable
public final class JwtProvider extends com.google.protobuf.GeneratedMessageV3 implements JwtProviderOrBuilder
 Please see following for JWT authentication flow:

 * `JSON Web Token (JWT) <https://tools.ietf.org/html/rfc7519>`_
 * `The OAuth 2.0 Authorization Framework <https://tools.ietf.org/html/rfc6749>`_
 * `OpenID Connect <http://openid.net/connect>`_

 A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies:

 * issuer: the principal that issues the JWT. If specified, it has to match the ``iss`` field in JWT.
 * allowed audiences: the ones in the token have to be listed here.
 * how to fetch public key JWKS to verify the token signature.
 * how to extract the JWT in the request.
 * how to pass successfully verified token payload.

 Example:

 .. code-block:: yaml

     issuer: https://example.com
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com
     remote_jwks:
       http_uri:
         uri: https://example.com/.well-known/jwks.json
         cluster: example_jwks_cluster
         timeout: 1s
       cache_duration:
         seconds: 300

 [#next-free-field: 22]
Protobuf type envoy.extensions.filters.http.jwt_authn.v3.JwtProvider
See Also:

  • Field Details

    • ISSUER_FIELD_NUMBER

      public static final int ISSUER_FIELD_NUMBER
      See Also:

    • AUDIENCES_FIELD_NUMBER

      public static final int AUDIENCES_FIELD_NUMBER
      See Also:

    • SUBJECTS_FIELD_NUMBER

      public static final int SUBJECTS_FIELD_NUMBER
      See Also:

    • REQUIRE_EXPIRATION_FIELD_NUMBER

      public static final int REQUIRE_EXPIRATION_FIELD_NUMBER
      See Also:

    • MAX_LIFETIME_FIELD_NUMBER

      public static final int MAX_LIFETIME_FIELD_NUMBER
      See Also:

    • REMOTE_JWKS_FIELD_NUMBER

      public static final int REMOTE_JWKS_FIELD_NUMBER
      See Also:

    • LOCAL_JWKS_FIELD_NUMBER

      public static final int LOCAL_JWKS_FIELD_NUMBER
      See Also:

    • FORWARD_FIELD_NUMBER

      public static final int FORWARD_FIELD_NUMBER
      See Also:

    • FROM_HEADERS_FIELD_NUMBER

      public static final int FROM_HEADERS_FIELD_NUMBER
      See Also:

    • FROM_PARAMS_FIELD_NUMBER

      public static final int FROM_PARAMS_FIELD_NUMBER
      See Also:

    • FROM_COOKIES_FIELD_NUMBER

      public static final int FROM_COOKIES_FIELD_NUMBER
      See Also:

    • FORWARD_PAYLOAD_HEADER_FIELD_NUMBER

      public static final int FORWARD_PAYLOAD_HEADER_FIELD_NUMBER
      See Also:

    • PAD_FORWARD_PAYLOAD_HEADER_FIELD_NUMBER

      public static final int PAD_FORWARD_PAYLOAD_HEADER_FIELD_NUMBER
      See Also:

    • PAYLOAD_IN_METADATA_FIELD_NUMBER

      public static final int PAYLOAD_IN_METADATA_FIELD_NUMBER
      See Also:

    • NORMALIZE_PAYLOAD_IN_METADATA_FIELD_NUMBER

      public static final int NORMALIZE_PAYLOAD_IN_METADATA_FIELD_NUMBER
      See Also:

    • HEADER_IN_METADATA_FIELD_NUMBER

      public static final int HEADER_IN_METADATA_FIELD_NUMBER
      See Also:

    • FAILED_STATUS_IN_METADATA_FIELD_NUMBER

      public static final int FAILED_STATUS_IN_METADATA_FIELD_NUMBER
      See Also:

    • CLOCK_SKEW_SECONDS_FIELD_NUMBER

      public static final int CLOCK_SKEW_SECONDS_FIELD_NUMBER
      See Also:

    • JWT_CACHE_CONFIG_FIELD_NUMBER

      public static final int JWT_CACHE_CONFIG_FIELD_NUMBER
      See Also:

    • CLAIM_TO_HEADERS_FIELD_NUMBER

      public static final int CLAIM_TO_HEADERS_FIELD_NUMBER
      See Also:

    • CLEAR_ROUTE_CACHE_FIELD_NUMBER

      public static final int CLEAR_ROUTE_CACHE_FIELD_NUMBER
      See Also:

  • Method Details

    • newInstance

      protected Object newInstance(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
      Overrides:
      newInstance in class com.google.protobuf.GeneratedMessageV3

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

    • getJwksSourceSpecifierCase

      public JwtProvider.JwksSourceSpecifierCase getJwksSourceSpecifierCase()
      Specified by:
      getJwksSourceSpecifierCase in interface JwtProviderOrBuilder

    • getIssuer

      public String getIssuer()
       Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued
 the JWT, usually a URL or an email address.

 It is optional. If specified, it has to match the ``iss`` field in JWT,
 otherwise the JWT ``iss`` field is not checked.

 .. note::
     ``JwtRequirement`` :ref:`allow_missing <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing>`
     and :ref:`allow_missing_or_failed <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing_or_failed>`
     are implemented differently than other ``JwtRequirements``. Hence the usage of this field
     is different as follows if ``allow_missing`` or ``allow_missing_or_failed`` is used:

     * If a JWT has ``iss`` field, it needs to be specified by this field in one of ``JwtProviders``.
     * If a JWT doesn't have ``iss`` field, one of ``JwtProviders`` should fill this field empty.
     * Multiple ``JwtProviders`` should not have same value in this field.

 Examples:

 * https://securetoken.google.com
 * Example: 1234567-compute@developer.gserviceaccount.com
      string issuer = 1;
      Specified by:
      getIssuer in interface JwtProviderOrBuilder
      Returns:
      The issuer.

    • getIssuerBytes

      public com.google.protobuf.ByteString getIssuerBytes()
       Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued
 the JWT, usually a URL or an email address.

 It is optional. If specified, it has to match the ``iss`` field in JWT,
 otherwise the JWT ``iss`` field is not checked.

 .. note::
     ``JwtRequirement`` :ref:`allow_missing <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing>`
     and :ref:`allow_missing_or_failed <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing_or_failed>`
     are implemented differently than other ``JwtRequirements``. Hence the usage of this field
     is different as follows if ``allow_missing`` or ``allow_missing_or_failed`` is used:

     * If a JWT has ``iss`` field, it needs to be specified by this field in one of ``JwtProviders``.
     * If a JWT doesn't have ``iss`` field, one of ``JwtProviders`` should fill this field empty.
     * Multiple ``JwtProviders`` should not have same value in this field.

 Examples:

 * https://securetoken.google.com
 * Example: 1234567-compute@developer.gserviceaccount.com
      string issuer = 1;
      Specified by:
      getIssuerBytes in interface JwtProviderOrBuilder
      Returns:
      The bytes for issuer.

    • getAudiencesList

      public com.google.protobuf.ProtocolStringList getAudiencesList()
       The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.

 Example:

 .. code-block:: yaml

     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com
      repeated string audiences = 2;
      Specified by:
      getAudiencesList in interface JwtProviderOrBuilder
      Returns:
      A list containing the audiences.

    • getAudiencesCount

      public int getAudiencesCount()
       The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.

 Example:

 .. code-block:: yaml

     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com
      repeated string audiences = 2;
      Specified by:
      getAudiencesCount in interface JwtProviderOrBuilder
      Returns:
      The count of audiences.

    • getAudiences

      public String getAudiences(int index)
       The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.

 Example:

 .. code-block:: yaml

     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com
      repeated string audiences = 2;
      Specified by:
      getAudiences in interface JwtProviderOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The audiences at the given index.

    • getAudiencesBytes

      public com.google.protobuf.ByteString getAudiencesBytes(int index)
       The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.

 Example:

 .. code-block:: yaml

     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com
      repeated string audiences = 2;
      Specified by:
      getAudiencesBytes in interface JwtProviderOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the audiences at the given index.

    • hasSubjects

      public boolean hasSubjects()
       Restrict the `subjects <https://tools.ietf.org/html/rfc7519#section-4.1.2>`_
 that the JwtProvider can assert. For instance, this could implement JWT-SVID
 `subject restrictions <https://github.com/spiffe/spiffe/blob/main/standards/JWT-SVID.md#31-subject>`_.
 If not specified, will not check subjects in the token.

 Example:

 .. code-block:: yaml

     subjects:
       prefix: spiffe://spiffe.example.com/
      .envoy.type.matcher.v3.StringMatcher subjects = 19;
      Specified by:
      hasSubjects in interface JwtProviderOrBuilder
      Returns:
      Whether the subjects field is set.

    • getSubjects

      public StringMatcher getSubjects()
       Restrict the `subjects <https://tools.ietf.org/html/rfc7519#section-4.1.2>`_
 that the JwtProvider can assert. For instance, this could implement JWT-SVID
 `subject restrictions <https://github.com/spiffe/spiffe/blob/main/standards/JWT-SVID.md#31-subject>`_.
 If not specified, will not check subjects in the token.

 Example:

 .. code-block:: yaml

     subjects:
       prefix: spiffe://spiffe.example.com/
      .envoy.type.matcher.v3.StringMatcher subjects = 19;
      Specified by:
      getSubjects in interface JwtProviderOrBuilder
      Returns:
      The subjects.

    • getSubjectsOrBuilder

      public StringMatcherOrBuilder getSubjectsOrBuilder()
       Restrict the `subjects <https://tools.ietf.org/html/rfc7519#section-4.1.2>`_
 that the JwtProvider can assert. For instance, this could implement JWT-SVID
 `subject restrictions <https://github.com/spiffe/spiffe/blob/main/standards/JWT-SVID.md#31-subject>`_.
 If not specified, will not check subjects in the token.

 Example:

 .. code-block:: yaml

     subjects:
       prefix: spiffe://spiffe.example.com/
      .envoy.type.matcher.v3.StringMatcher subjects = 19;
      Specified by:
      getSubjectsOrBuilder in interface JwtProviderOrBuilder

    • getRequireExpiration

      public boolean getRequireExpiration()
       Requires that the credential contains an `expiration <https://tools.ietf.org/html/rfc7519#section-4.1.4>`_.
 For instance, this could implement JWT-SVID
 `expiration restrictions <https://github.com/spiffe/spiffe/blob/main/standards/JWT-SVID.md#33-expiration-time>`_.
 Unlike ``max_lifetime``, this only requires that expiration is present, where ``max_lifetime`` also checks the value.

 Example:

 .. code-block:: yaml

     require_expiration: true
      bool require_expiration = 20;
      Specified by:
      getRequireExpiration in interface JwtProviderOrBuilder
      Returns:
      The requireExpiration.

    • hasMaxLifetime

      public boolean hasMaxLifetime()
       Restrict the maximum remaining lifetime of a credential from the JwtProvider. Credential lifetime
 is the difference between the current time and the expiration of the credential. For instance,
 the following example will reject credentials that have a lifetime longer than 24 hours. If not set,
 expiration checking still occurs, but there is no limit on credential lifetime. If set, takes precedence
 over ``require_expiration``.

 Example:

 .. code-block:: yaml

     max_lifetime:
       seconds: 86400
      .google.protobuf.Duration max_lifetime = 21;
      Specified by:
      hasMaxLifetime in interface JwtProviderOrBuilder
      Returns:
      Whether the maxLifetime field is set.

    • getMaxLifetime

      public com.google.protobuf.Duration getMaxLifetime()
       Restrict the maximum remaining lifetime of a credential from the JwtProvider. Credential lifetime
 is the difference between the current time and the expiration of the credential. For instance,
 the following example will reject credentials that have a lifetime longer than 24 hours. If not set,
 expiration checking still occurs, but there is no limit on credential lifetime. If set, takes precedence
 over ``require_expiration``.

 Example:

 .. code-block:: yaml

     max_lifetime:
       seconds: 86400
      .google.protobuf.Duration max_lifetime = 21;
      Specified by:
      getMaxLifetime in interface JwtProviderOrBuilder
      Returns:
      The maxLifetime.

    • getMaxLifetimeOrBuilder

      public com.google.protobuf.DurationOrBuilder getMaxLifetimeOrBuilder()
       Restrict the maximum remaining lifetime of a credential from the JwtProvider. Credential lifetime
 is the difference between the current time and the expiration of the credential. For instance,
 the following example will reject credentials that have a lifetime longer than 24 hours. If not set,
 expiration checking still occurs, but there is no limit on credential lifetime. If set, takes precedence
 over ``require_expiration``.

 Example:

 .. code-block:: yaml

     max_lifetime:
       seconds: 86400
      .google.protobuf.Duration max_lifetime = 21;
      Specified by:
      getMaxLifetimeOrBuilder in interface JwtProviderOrBuilder

    • hasRemoteJwks

      public boolean hasRemoteJwks()
       JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.

 Example:

 .. code-block:: yaml

    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300
      .envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;
      Specified by:
      hasRemoteJwks in interface JwtProviderOrBuilder
      Returns:
      Whether the remoteJwks field is set.

    • getRemoteJwks

      public RemoteJwks getRemoteJwks()
       JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.

 Example:

 .. code-block:: yaml

    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300
      .envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;
      Specified by:
      getRemoteJwks in interface JwtProviderOrBuilder
      Returns:
      The remoteJwks.

    • getRemoteJwksOrBuilder

      public RemoteJwksOrBuilder getRemoteJwksOrBuilder()
       JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.

 Example:

 .. code-block:: yaml

    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300
      .envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;
      Specified by:
      getRemoteJwksOrBuilder in interface JwtProviderOrBuilder

    • hasLocalJwks

      public boolean hasLocalJwks()
       JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.

 Example: local file

 .. code-block:: yaml

    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt

 Example: inline_string

 .. code-block:: yaml

    local_jwks:
      inline_string: ACADADADADA
      .envoy.config.core.v3.DataSource local_jwks = 4;
      Specified by:
      hasLocalJwks in interface JwtProviderOrBuilder
      Returns:
      Whether the localJwks field is set.

    • getLocalJwks

      public DataSource getLocalJwks()
       JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.

 Example: local file

 .. code-block:: yaml

    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt

 Example: inline_string

 .. code-block:: yaml

    local_jwks:
      inline_string: ACADADADADA
      .envoy.config.core.v3.DataSource local_jwks = 4;
      Specified by:
      getLocalJwks in interface JwtProviderOrBuilder
      Returns:
      The localJwks.

    • getLocalJwksOrBuilder

      public DataSourceOrBuilder getLocalJwksOrBuilder()
       JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.

 Example: local file

 .. code-block:: yaml

    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt

 Example: inline_string

 .. code-block:: yaml

    local_jwks:
      inline_string: ACADADADADA
      .envoy.config.core.v3.DataSource local_jwks = 4;
      Specified by:
      getLocalJwksOrBuilder in interface JwtProviderOrBuilder

    • getForward

      public boolean getForward()
       If false, the JWT is removed in the request after a success verification. If true, the JWT is
 not removed in the request. Default value is false.
 caveat: only works for from_header/from_params & has no effect for JWTs extracted through from_cookies.
      bool forward = 5;
      Specified by:
      getForward in interface JwtProviderOrBuilder
      Returns:
      The forward.

    • getFromHeadersList

      public List<JwtHeader> getFromHeadersList()
       Two fields below define where to extract the JWT from an HTTP request.

 If no explicit location is specified, the following default locations are tried in order:

 1. The Authorization header using the `Bearer schema
 <https://tools.ietf.org/html/rfc6750#section-2.1>`_. Example::

    Authorization: Bearer <token>.

 2. `access_token <https://tools.ietf.org/html/rfc6750#section-2.3>`_ query parameter.

 Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations
 its provider specified or from the default locations.

 Specify the HTTP headers to extract the JWT. For examples, following config:

 .. code-block:: yaml

   from_headers:
   - name: x-goog-iap-jwt-assertion

 can be used to extract token from header::

   ``x-goog-iap-jwt-assertion: <JWT>``.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtHeader from_headers = 6;
      Specified by:
      getFromHeadersList in interface JwtProviderOrBuilder

    • getFromHeadersOrBuilderList

      public List<? extends JwtHeaderOrBuilder> getFromHeadersOrBuilderList()
       Two fields below define where to extract the JWT from an HTTP request.

 If no explicit location is specified, the following default locations are tried in order:

 1. The Authorization header using the `Bearer schema
 <https://tools.ietf.org/html/rfc6750#section-2.1>`_. Example::

    Authorization: Bearer <token>.

 2. `access_token <https://tools.ietf.org/html/rfc6750#section-2.3>`_ query parameter.

 Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations
 its provider specified or from the default locations.

 Specify the HTTP headers to extract the JWT. For examples, following config:

 .. code-block:: yaml

   from_headers:
   - name: x-goog-iap-jwt-assertion

 can be used to extract token from header::

   ``x-goog-iap-jwt-assertion: <JWT>``.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtHeader from_headers = 6;
      Specified by:
      getFromHeadersOrBuilderList in interface JwtProviderOrBuilder

    • getFromHeadersCount

      public int getFromHeadersCount()
       Two fields below define where to extract the JWT from an HTTP request.

 If no explicit location is specified, the following default locations are tried in order:

 1. The Authorization header using the `Bearer schema
 <https://tools.ietf.org/html/rfc6750#section-2.1>`_. Example::

    Authorization: Bearer <token>.

 2. `access_token <https://tools.ietf.org/html/rfc6750#section-2.3>`_ query parameter.

 Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations
 its provider specified or from the default locations.

 Specify the HTTP headers to extract the JWT. For examples, following config:

 .. code-block:: yaml

   from_headers:
   - name: x-goog-iap-jwt-assertion

 can be used to extract token from header::

   ``x-goog-iap-jwt-assertion: <JWT>``.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtHeader from_headers = 6;
      Specified by:
      getFromHeadersCount in interface JwtProviderOrBuilder

    • getFromHeaders

      public JwtHeader getFromHeaders(int index)
       Two fields below define where to extract the JWT from an HTTP request.

 If no explicit location is specified, the following default locations are tried in order:

 1. The Authorization header using the `Bearer schema
 <https://tools.ietf.org/html/rfc6750#section-2.1>`_. Example::

    Authorization: Bearer <token>.

 2. `access_token <https://tools.ietf.org/html/rfc6750#section-2.3>`_ query parameter.

 Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations
 its provider specified or from the default locations.

 Specify the HTTP headers to extract the JWT. For examples, following config:

 .. code-block:: yaml

   from_headers:
   - name: x-goog-iap-jwt-assertion

 can be used to extract token from header::

   ``x-goog-iap-jwt-assertion: <JWT>``.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtHeader from_headers = 6;
      Specified by:
      getFromHeaders in interface JwtProviderOrBuilder

    • getFromHeadersOrBuilder

      public JwtHeaderOrBuilder getFromHeadersOrBuilder(int index)
       Two fields below define where to extract the JWT from an HTTP request.

 If no explicit location is specified, the following default locations are tried in order:

 1. The Authorization header using the `Bearer schema
 <https://tools.ietf.org/html/rfc6750#section-2.1>`_. Example::

    Authorization: Bearer <token>.

 2. `access_token <https://tools.ietf.org/html/rfc6750#section-2.3>`_ query parameter.

 Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations
 its provider specified or from the default locations.

 Specify the HTTP headers to extract the JWT. For examples, following config:

 .. code-block:: yaml

   from_headers:
   - name: x-goog-iap-jwt-assertion

 can be used to extract token from header::

   ``x-goog-iap-jwt-assertion: <JWT>``.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtHeader from_headers = 6;
      Specified by:
      getFromHeadersOrBuilder in interface JwtProviderOrBuilder

    • getFromParamsList

      public com.google.protobuf.ProtocolStringList getFromParamsList()
       JWT is sent in a query parameter. ``jwt_params`` represents the query parameter names.

 For example, if config is:

 .. code-block:: yaml

   from_params:
   - jwt_token

 The JWT format in query parameter is::

    /path?jwt_token=<JWT>
      repeated string from_params = 7;
      Specified by:
      getFromParamsList in interface JwtProviderOrBuilder
      Returns:
      A list containing the fromParams.

    • getFromParamsCount

      public int getFromParamsCount()
       JWT is sent in a query parameter. ``jwt_params`` represents the query parameter names.

 For example, if config is:

 .. code-block:: yaml

   from_params:
   - jwt_token

 The JWT format in query parameter is::

    /path?jwt_token=<JWT>
      repeated string from_params = 7;
      Specified by:
      getFromParamsCount in interface JwtProviderOrBuilder
      Returns:
      The count of fromParams.

    • getFromParams

      public String getFromParams(int index)
       JWT is sent in a query parameter. ``jwt_params`` represents the query parameter names.

 For example, if config is:

 .. code-block:: yaml

   from_params:
   - jwt_token

 The JWT format in query parameter is::

    /path?jwt_token=<JWT>
      repeated string from_params = 7;
      Specified by:
      getFromParams in interface JwtProviderOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The fromParams at the given index.

    • getFromParamsBytes

      public com.google.protobuf.ByteString getFromParamsBytes(int index)
       JWT is sent in a query parameter. ``jwt_params`` represents the query parameter names.

 For example, if config is:

 .. code-block:: yaml

   from_params:
   - jwt_token

 The JWT format in query parameter is::

    /path?jwt_token=<JWT>
      repeated string from_params = 7;
      Specified by:
      getFromParamsBytes in interface JwtProviderOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the fromParams at the given index.

    • getFromCookiesList

      public com.google.protobuf.ProtocolStringList getFromCookiesList()
       JWT is sent in a cookie. ``from_cookies`` represents the cookie names to extract from.

 For example, if config is:

 .. code-block:: yaml

   from_cookies:
   - auth-token

 Then JWT will be extracted from ``auth-token`` cookie in the request.
      repeated string from_cookies = 13;
      Specified by:
      getFromCookiesList in interface JwtProviderOrBuilder
      Returns:
      A list containing the fromCookies.

    • getFromCookiesCount

      public int getFromCookiesCount()
       JWT is sent in a cookie. ``from_cookies`` represents the cookie names to extract from.

 For example, if config is:

 .. code-block:: yaml

   from_cookies:
   - auth-token

 Then JWT will be extracted from ``auth-token`` cookie in the request.
      repeated string from_cookies = 13;
      Specified by:
      getFromCookiesCount in interface JwtProviderOrBuilder
      Returns:
      The count of fromCookies.

    • getFromCookies

      public String getFromCookies(int index)
       JWT is sent in a cookie. ``from_cookies`` represents the cookie names to extract from.

 For example, if config is:

 .. code-block:: yaml

   from_cookies:
   - auth-token

 Then JWT will be extracted from ``auth-token`` cookie in the request.
      repeated string from_cookies = 13;
      Specified by:
      getFromCookies in interface JwtProviderOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The fromCookies at the given index.

    • getFromCookiesBytes

      public com.google.protobuf.ByteString getFromCookiesBytes(int index)
       JWT is sent in a cookie. ``from_cookies`` represents the cookie names to extract from.

 For example, if config is:

 .. code-block:: yaml

   from_cookies:
   - auth-token

 Then JWT will be extracted from ``auth-token`` cookie in the request.
      repeated string from_cookies = 13;
      Specified by:
      getFromCookiesBytes in interface JwtProviderOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the fromCookies at the given index.

    • getForwardPayloadHeader

      public String getForwardPayloadHeader()
       This field specifies the header name to forward a successfully verified JWT payload to the
 backend. The forwarded data is::

    base64url_encoded(jwt_payload_in_JSON)

 If it is not specified, the payload will not be forwarded.
      string forward_payload_header = 8 [(.validate.rules) = { ... }
      Specified by:
      getForwardPayloadHeader in interface JwtProviderOrBuilder
      Returns:
      The forwardPayloadHeader.

    • getForwardPayloadHeaderBytes

      public com.google.protobuf.ByteString getForwardPayloadHeaderBytes()
       This field specifies the header name to forward a successfully verified JWT payload to the
 backend. The forwarded data is::

    base64url_encoded(jwt_payload_in_JSON)

 If it is not specified, the payload will not be forwarded.
      string forward_payload_header = 8 [(.validate.rules) = { ... }
      Specified by:
      getForwardPayloadHeaderBytes in interface JwtProviderOrBuilder
      Returns:
      The bytes for forwardPayloadHeader.

    • getPadForwardPayloadHeader

      public boolean getPadForwardPayloadHeader()
       When :ref:`forward_payload_header <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.forward_payload_header>`
 is specified, the base64 encoded payload will be added to the headers.
 Normally JWT based64 encode doesn't add padding. If this field is true,
 the header will be padded.

 This field is only relevant if :ref:`forward_payload_header <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.forward_payload_header>`
 is specified.
      bool pad_forward_payload_header = 11;
      Specified by:
      getPadForwardPayloadHeader in interface JwtProviderOrBuilder
      Returns:
      The padForwardPayloadHeader.

    • getPayloadInMetadata

      public String getPayloadInMetadata()
       If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata
 in the format as: ``namespace`` is the jwt_authn filter name as ````envoy.filters.http.jwt_authn````
 The value is the ``protobuf::Struct``. The value of this field will be the key for its ``fields``
 and the value is the ``protobuf::Struct`` converted from JWT JSON payload.

 For example, if payload_in_metadata is ``my_payload``:

 .. code-block:: yaml

   envoy.filters.http.jwt_authn:
     my_payload:
       iss: https://example.com
       sub: test@example.com
       aud: https://example.com
       exp: 1501281058
      string payload_in_metadata = 9;
      Specified by:
      getPayloadInMetadata in interface JwtProviderOrBuilder
      Returns:
      The payloadInMetadata.

    • getPayloadInMetadataBytes

      public com.google.protobuf.ByteString getPayloadInMetadataBytes()
       If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata
 in the format as: ``namespace`` is the jwt_authn filter name as ````envoy.filters.http.jwt_authn````
 The value is the ``protobuf::Struct``. The value of this field will be the key for its ``fields``
 and the value is the ``protobuf::Struct`` converted from JWT JSON payload.

 For example, if payload_in_metadata is ``my_payload``:

 .. code-block:: yaml

   envoy.filters.http.jwt_authn:
     my_payload:
       iss: https://example.com
       sub: test@example.com
       aud: https://example.com
       exp: 1501281058
      string payload_in_metadata = 9;
      Specified by:
      getPayloadInMetadataBytes in interface JwtProviderOrBuilder
      Returns:
      The bytes for payloadInMetadata.

    • hasNormalizePayloadInMetadata

      public boolean hasNormalizePayloadInMetadata()
       Normalizes the payload representation in the request metadata.
      .envoy.extensions.filters.http.jwt_authn.v3.JwtProvider.NormalizePayload normalize_payload_in_metadata = 18;
      Specified by:
      hasNormalizePayloadInMetadata in interface JwtProviderOrBuilder
      Returns:
      Whether the normalizePayloadInMetadata field is set.

    • getNormalizePayloadInMetadata

      public JwtProvider.NormalizePayload getNormalizePayloadInMetadata()
       Normalizes the payload representation in the request metadata.
      .envoy.extensions.filters.http.jwt_authn.v3.JwtProvider.NormalizePayload normalize_payload_in_metadata = 18;
      Specified by:
      getNormalizePayloadInMetadata in interface JwtProviderOrBuilder
      Returns:
      The normalizePayloadInMetadata.

    • getNormalizePayloadInMetadataOrBuilder

      public JwtProvider.NormalizePayloadOrBuilder getNormalizePayloadInMetadataOrBuilder()
       Normalizes the payload representation in the request metadata.
      .envoy.extensions.filters.http.jwt_authn.v3.JwtProvider.NormalizePayload normalize_payload_in_metadata = 18;
      Specified by:
      getNormalizePayloadInMetadataOrBuilder in interface JwtProviderOrBuilder

    • getHeaderInMetadata

      public String getHeaderInMetadata()
       If not empty, similar to :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`,
 a successfully verified JWT header will be written to :ref:`Dynamic State <arch_overview_data_sharing_between_filters>`
 as an entry (``protobuf::Struct``) in ``envoy.filters.http.jwt_authn`` ``namespace`` with the
 value of this field as the key.

 For example, if ``header_in_metadata`` is ``my_header``:

 .. code-block:: yaml

   envoy.filters.http.jwt_authn:
     my_header:
       alg: JWT
       kid: EF71iSaosbC5C4tC6Syq1Gm647M
       alg: PS256

 When the metadata has ``envoy.filters.http.jwt_authn`` entry already (for example if
 :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`
 is not empty), it will be inserted as a new entry in the same ``namespace`` as shown below:

 .. code-block:: yaml

   envoy.filters.http.jwt_authn:
     my_payload:
       iss: https://example.com
       sub: test@example.com
       aud: https://example.com
       exp: 1501281058
     my_header:
       alg: JWT
       kid: EF71iSaosbC5C4tC6Syq1Gm647M
       alg: PS256

 .. warning::
   Using the same key name for :ref:`header_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`
   and :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`
   is not suggested due to potential override of existing entry, while it is not enforced during
   config validation.
      string header_in_metadata = 14;
      Specified by:
      getHeaderInMetadata in interface JwtProviderOrBuilder
      Returns:
      The headerInMetadata.

    • getHeaderInMetadataBytes

      public com.google.protobuf.ByteString getHeaderInMetadataBytes()
       If not empty, similar to :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`,
 a successfully verified JWT header will be written to :ref:`Dynamic State <arch_overview_data_sharing_between_filters>`
 as an entry (``protobuf::Struct``) in ``envoy.filters.http.jwt_authn`` ``namespace`` with the
 value of this field as the key.

 For example, if ``header_in_metadata`` is ``my_header``:

 .. code-block:: yaml

   envoy.filters.http.jwt_authn:
     my_header:
       alg: JWT
       kid: EF71iSaosbC5C4tC6Syq1Gm647M
       alg: PS256

 When the metadata has ``envoy.filters.http.jwt_authn`` entry already (for example if
 :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`
 is not empty), it will be inserted as a new entry in the same ``namespace`` as shown below:

 .. code-block:: yaml

   envoy.filters.http.jwt_authn:
     my_payload:
       iss: https://example.com
       sub: test@example.com
       aud: https://example.com
       exp: 1501281058
     my_header:
       alg: JWT
       kid: EF71iSaosbC5C4tC6Syq1Gm647M
       alg: PS256

 .. warning::
   Using the same key name for :ref:`header_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`
   and :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`
   is not suggested due to potential override of existing entry, while it is not enforced during
   config validation.
      string header_in_metadata = 14;
      Specified by:
      getHeaderInMetadataBytes in interface JwtProviderOrBuilder
      Returns:
      The bytes for headerInMetadata.

    • getFailedStatusInMetadata

      public String getFailedStatusInMetadata()
       If non empty, the failure status ``::google::jwt_verify::Status`` for a non verified JWT will be written to StreamInfo DynamicMetadata
 in the format as: ``namespace`` is the jwt_authn filter name as ``envoy.filters.http.jwt_authn``
 The value is the ``protobuf::Struct``. The values of this field will be ``code`` and ``message``
 and they will contain the JWT authentication failure status code and a message describing the failure.

 For example, if failed_status_in_metadata is ``my_auth_failure_status``:

 .. code-block:: yaml

   envoy.filters.http.jwt_authn:
     my_auth_failure_status:
       code: 3
       message: Jwt expired
      string failed_status_in_metadata = 16;
      Specified by:
      getFailedStatusInMetadata in interface JwtProviderOrBuilder
      Returns:
      The failedStatusInMetadata.

    • getFailedStatusInMetadataBytes

      public com.google.protobuf.ByteString getFailedStatusInMetadataBytes()
       If non empty, the failure status ``::google::jwt_verify::Status`` for a non verified JWT will be written to StreamInfo DynamicMetadata
 in the format as: ``namespace`` is the jwt_authn filter name as ``envoy.filters.http.jwt_authn``
 The value is the ``protobuf::Struct``. The values of this field will be ``code`` and ``message``
 and they will contain the JWT authentication failure status code and a message describing the failure.

 For example, if failed_status_in_metadata is ``my_auth_failure_status``:

 .. code-block:: yaml

   envoy.filters.http.jwt_authn:
     my_auth_failure_status:
       code: 3
       message: Jwt expired
      string failed_status_in_metadata = 16;
      Specified by:
      getFailedStatusInMetadataBytes in interface JwtProviderOrBuilder
      Returns:
      The bytes for failedStatusInMetadata.

    • getClockSkewSeconds

      public int getClockSkewSeconds()
       Specify the clock skew in seconds when verifying JWT time constraint,
 such as ``exp``, and ``nbf``. If not specified, default is 60 seconds.
      uint32 clock_skew_seconds = 10;
      Specified by:
      getClockSkewSeconds in interface JwtProviderOrBuilder
      Returns:
      The clockSkewSeconds.

    • hasJwtCacheConfig

      public boolean hasJwtCacheConfig()
       Enables JWT cache, its size is specified by ``jwt_cache_size``.
 Only valid JWTs are cached.
      .envoy.extensions.filters.http.jwt_authn.v3.JwtCacheConfig jwt_cache_config = 12;
      Specified by:
      hasJwtCacheConfig in interface JwtProviderOrBuilder
      Returns:
      Whether the jwtCacheConfig field is set.

    • getJwtCacheConfig

      public JwtCacheConfig getJwtCacheConfig()
       Enables JWT cache, its size is specified by ``jwt_cache_size``.
 Only valid JWTs are cached.
      .envoy.extensions.filters.http.jwt_authn.v3.JwtCacheConfig jwt_cache_config = 12;
      Specified by:
      getJwtCacheConfig in interface JwtProviderOrBuilder
      Returns:
      The jwtCacheConfig.

    • getJwtCacheConfigOrBuilder

      public JwtCacheConfigOrBuilder getJwtCacheConfigOrBuilder()
       Enables JWT cache, its size is specified by ``jwt_cache_size``.
 Only valid JWTs are cached.
      .envoy.extensions.filters.http.jwt_authn.v3.JwtCacheConfig jwt_cache_config = 12;
      Specified by:
      getJwtCacheConfigOrBuilder in interface JwtProviderOrBuilder

    • getClaimToHeadersList

      public List<JwtClaimToHeader> getClaimToHeadersList()
       Add JWT claim to HTTP Header
 Specify the claim name you want to copy in which HTTP header. For examples, following config:
 The claim must be of type; string, int, double, bool. Array type claims are not supported

 .. literalinclude:: /_configs/repo/jwt_authn.yaml
    :language: yaml
    :lines: 44-48
    :linenos:
    :lineno-start: 44
    :caption: :download:`jwt_authn.yaml </_configs/repo/jwt_authn.yaml>`

 This header is only reserved for jwt claim; any other value will be overwritten.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtClaimToHeader claim_to_headers = 15;
      Specified by:
      getClaimToHeadersList in interface JwtProviderOrBuilder

    • getClaimToHeadersOrBuilderList

      public List<? extends JwtClaimToHeaderOrBuilder> getClaimToHeadersOrBuilderList()
       Add JWT claim to HTTP Header
 Specify the claim name you want to copy in which HTTP header. For examples, following config:
 The claim must be of type; string, int, double, bool. Array type claims are not supported

 .. literalinclude:: /_configs/repo/jwt_authn.yaml
    :language: yaml
    :lines: 44-48
    :linenos:
    :lineno-start: 44
    :caption: :download:`jwt_authn.yaml </_configs/repo/jwt_authn.yaml>`

 This header is only reserved for jwt claim; any other value will be overwritten.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtClaimToHeader claim_to_headers = 15;
      Specified by:
      getClaimToHeadersOrBuilderList in interface JwtProviderOrBuilder

    • getClaimToHeadersCount

      public int getClaimToHeadersCount()
       Add JWT claim to HTTP Header
 Specify the claim name you want to copy in which HTTP header. For examples, following config:
 The claim must be of type; string, int, double, bool. Array type claims are not supported

 .. literalinclude:: /_configs/repo/jwt_authn.yaml
    :language: yaml
    :lines: 44-48
    :linenos:
    :lineno-start: 44
    :caption: :download:`jwt_authn.yaml </_configs/repo/jwt_authn.yaml>`

 This header is only reserved for jwt claim; any other value will be overwritten.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtClaimToHeader claim_to_headers = 15;
      Specified by:
      getClaimToHeadersCount in interface JwtProviderOrBuilder

    • getClaimToHeaders

      public JwtClaimToHeader getClaimToHeaders(int index)
       Add JWT claim to HTTP Header
 Specify the claim name you want to copy in which HTTP header. For examples, following config:
 The claim must be of type; string, int, double, bool. Array type claims are not supported

 .. literalinclude:: /_configs/repo/jwt_authn.yaml
    :language: yaml
    :lines: 44-48
    :linenos:
    :lineno-start: 44
    :caption: :download:`jwt_authn.yaml </_configs/repo/jwt_authn.yaml>`

 This header is only reserved for jwt claim; any other value will be overwritten.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtClaimToHeader claim_to_headers = 15;
      Specified by:
      getClaimToHeaders in interface JwtProviderOrBuilder

    • getClaimToHeadersOrBuilder

      public JwtClaimToHeaderOrBuilder getClaimToHeadersOrBuilder(int index)
       Add JWT claim to HTTP Header
 Specify the claim name you want to copy in which HTTP header. For examples, following config:
 The claim must be of type; string, int, double, bool. Array type claims are not supported

 .. literalinclude:: /_configs/repo/jwt_authn.yaml
    :language: yaml
    :lines: 44-48
    :linenos:
    :lineno-start: 44
    :caption: :download:`jwt_authn.yaml </_configs/repo/jwt_authn.yaml>`

 This header is only reserved for jwt claim; any other value will be overwritten.
      repeated .envoy.extensions.filters.http.jwt_authn.v3.JwtClaimToHeader claim_to_headers = 15;
      Specified by:
      getClaimToHeadersOrBuilder in interface JwtProviderOrBuilder

    • getClearRouteCache

      public boolean getClearRouteCache()
       Clears route cache in order to allow the JWT to correctly affect
 routing decisions. Filter clears all cached routes when:

 1. The field is set to ``true``.

 2. At least one ``claim_to_headers`` header is added to the request OR
    if ``payload_in_metadata`` is set.
      bool clear_route_cache = 17;
      Specified by:
      getClearRouteCache in interface JwtProviderOrBuilder
      Returns:
      The clearRouteCache.

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3

    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessageV3
      Throws:
      IOException

    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessageV3

    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage

    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage

    • parseFrom

      public static JwtProvider parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static JwtProvider parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static JwtProvider parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static JwtProvider parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static JwtProvider parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static JwtProvider parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static JwtProvider parseFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static JwtProvider parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static JwtProvider parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static JwtProvider parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseFrom

      public static JwtProvider parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static JwtProvider parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • newBuilderForType

      public JwtProvider.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite

    • newBuilder

      public static JwtProvider.Builder newBuilder()

    • newBuilder

      public static JwtProvider.Builder newBuilder(JwtProvider prototype)

    • toBuilder

      public JwtProvider.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite

    • newBuilderForType

      protected JwtProvider.Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
      Specified by:
      newBuilderForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstance

      public static JwtProvider getDefaultInstance()

    • parser

      public static com.google.protobuf.Parser<JwtProvider> parser()

    • getParserForType

      public com.google.protobuf.Parser<JwtProvider> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstanceForType

      public JwtProvider getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder