java.lang.Object
- com.google.protobuf.AbstractMessageLite.Builder
- - com.google.protobuf.AbstractMessage.Builder<BuilderType>
  - - com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>
    - - io.envoyproxy.envoy.extensions.filters.http.jwt_authn.v3.JwtProvider.Builder

All Implemented Interfaces:: com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, JwtProviderOrBuilder, Cloneable

Enclosing class:: JwtProvider

public static final class JwtProvider.Builder
extends com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>
implements JwtProviderOrBuilder

 Please see following for JWT authentication flow:
 * `JSON Web Token (JWT) <https://tools.ietf.org/html/rfc7519>`_
 * `The OAuth 2.0 Authorization Framework <https://tools.ietf.org/html/rfc6749>`_
 * `OpenID Connect <http://openid.net/connect>`_
 A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies:
 * issuer: the principal that issues the JWT. If specified, it has to match the ``iss`` field in JWT.
 * allowed audiences: the ones in the token have to be listed here.
 * how to fetch public key JWKS to verify the token signature.
 * how to extract JWT token in the request.
 * how to pass successfully verified token payload.
 Example:
 .. code-block:: yaml
     issuer: https://example.com
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com
     remote_jwks:
       http_uri:
         uri: https://example.com/.well-known/jwks.json
         cluster: example_jwks_cluster
         timeout: 1s
       cache_duration:
         seconds: 300
 [#next-free-field: 15]

Protobuf type envoy.extensions.filters.http.jwt_authn.v3.JwtProvider

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`JwtProvider.Builder`	`addAllAudiences(Iterable<String> values)`	The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are allowed to access.
`JwtProvider.Builder`	`addAllFromCookies(Iterable<String> values)`	JWT is sent in a cookie.
`JwtProvider.Builder`	`addAllFromHeaders(Iterable<? extends JwtHeader> values)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtProvider.Builder`	`addAllFromParams(Iterable<String> values)`	JWT is sent in a query parameter.
`JwtProvider.Builder`	`addAudiences(String value)`	The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are allowed to access.
`JwtProvider.Builder`	`addAudiencesBytes(com.google.protobuf.ByteString value)`	The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are allowed to access.
`JwtProvider.Builder`	`addFromCookies(String value)`	JWT is sent in a cookie.
`JwtProvider.Builder`	`addFromCookiesBytes(com.google.protobuf.ByteString value)`	JWT is sent in a cookie.
`JwtProvider.Builder`	`addFromHeaders(int index, JwtHeader value)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtProvider.Builder`	`addFromHeaders(int index, JwtHeader.Builder builderForValue)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtProvider.Builder`	`addFromHeaders(JwtHeader value)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtProvider.Builder`	`addFromHeaders(JwtHeader.Builder builderForValue)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtHeader.Builder`	`addFromHeadersBuilder()`	Two fields below define where to extract the JWT from an HTTP request.
`JwtHeader.Builder`	`addFromHeadersBuilder(int index)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtProvider.Builder`	`addFromParams(String value)`	JWT is sent in a query parameter.
`JwtProvider.Builder`	`addFromParamsBytes(com.google.protobuf.ByteString value)`	JWT is sent in a query parameter.
`JwtProvider.Builder`	`addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)`
`JwtProvider`	`build()`
`JwtProvider`	`buildPartial()`
`JwtProvider.Builder`	`clear()`
`JwtProvider.Builder`	`clearAudiences()`	The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are allowed to access.
`JwtProvider.Builder`	`clearClockSkewSeconds()`	Specify the clock skew in seconds when verifying JWT time constraint, such as ``exp``, and ``nbf``.
`JwtProvider.Builder`	`clearField(com.google.protobuf.Descriptors.FieldDescriptor field)`
`JwtProvider.Builder`	`clearForward()`	If false, the JWT is removed in the request after a success verification.
`JwtProvider.Builder`	`clearForwardPayloadHeader()`	This field specifies the header name to forward a successfully verified JWT payload to the backend.
`JwtProvider.Builder`	`clearFromCookies()`	JWT is sent in a cookie.
`JwtProvider.Builder`	`clearFromHeaders()`	Two fields below define where to extract the JWT from an HTTP request.
`JwtProvider.Builder`	`clearFromParams()`	JWT is sent in a query parameter.
`JwtProvider.Builder`	`clearHeaderInMetadata()`	If not empty, similar to :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`, a successfully verified JWT header will be written to :ref:`Dynamic State <arch_overview_data_sharing_between_filters>` as an entry (``protobuf::Struct``) in ``envoy.filters.http.jwt_authn`` ``namespace`` with the value of this field as the key.
`JwtProvider.Builder`	`clearIssuer()`	Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued the JWT, usually a URL or an email address.
`JwtProvider.Builder`	`clearJwksSourceSpecifier()`
`JwtProvider.Builder`	`clearJwtCacheConfig()`	Enables JWT cache, its size is specified by ``jwt_cache_size``.
`JwtProvider.Builder`	`clearLocalJwks()`	JWKS is in local data source.
`JwtProvider.Builder`	`clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)`
`JwtProvider.Builder`	`clearPadForwardPayloadHeader()`	When :ref:`forward_payload_header <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.forward_payload_header>` is specified, the base64 encoded payload will be added to the headers.
`JwtProvider.Builder`	`clearPayloadInMetadata()`	If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata in the format as: ``namespace`` is the jwt_authn filter name as ````envoy.filters.http.jwt_authn```` The value is the ``protobuf::Struct``.
`JwtProvider.Builder`	`clearRemoteJwks()`	JWKS can be fetched from remote server via HTTP/HTTPS.
`JwtProvider.Builder`	`clone()`
`String`	`getAudiences(int index)`	The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are allowed to access.
`com.google.protobuf.ByteString`	`getAudiencesBytes(int index)`	The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are allowed to access.
`int`	`getAudiencesCount()`	The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are allowed to access.
`com.google.protobuf.ProtocolStringList`	`getAudiencesList()`	The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are allowed to access.
`int`	`getClockSkewSeconds()`	Specify the clock skew in seconds when verifying JWT time constraint, such as ``exp``, and ``nbf``.
`JwtProvider`	`getDefaultInstanceForType()`
`static com.google.protobuf.Descriptors.Descriptor`	`getDescriptor()`
`com.google.protobuf.Descriptors.Descriptor`	`getDescriptorForType()`
`boolean`	`getForward()`	If false, the JWT is removed in the request after a success verification.
`String`	`getForwardPayloadHeader()`	This field specifies the header name to forward a successfully verified JWT payload to the backend.
`com.google.protobuf.ByteString`	`getForwardPayloadHeaderBytes()`	This field specifies the header name to forward a successfully verified JWT payload to the backend.
`String`	`getFromCookies(int index)`	JWT is sent in a cookie.
`com.google.protobuf.ByteString`	`getFromCookiesBytes(int index)`	JWT is sent in a cookie.
`int`	`getFromCookiesCount()`	JWT is sent in a cookie.
`com.google.protobuf.ProtocolStringList`	`getFromCookiesList()`	JWT is sent in a cookie.
`JwtHeader`	`getFromHeaders(int index)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtHeader.Builder`	`getFromHeadersBuilder(int index)`	Two fields below define where to extract the JWT from an HTTP request.
`List<JwtHeader.Builder>`	`getFromHeadersBuilderList()`	Two fields below define where to extract the JWT from an HTTP request.
`int`	`getFromHeadersCount()`	Two fields below define where to extract the JWT from an HTTP request.
`List<JwtHeader>`	`getFromHeadersList()`	Two fields below define where to extract the JWT from an HTTP request.
`JwtHeaderOrBuilder`	`getFromHeadersOrBuilder(int index)`	Two fields below define where to extract the JWT from an HTTP request.
`List<? extends JwtHeaderOrBuilder>`	`getFromHeadersOrBuilderList()`	Two fields below define where to extract the JWT from an HTTP request.
`String`	`getFromParams(int index)`	JWT is sent in a query parameter.
`com.google.protobuf.ByteString`	`getFromParamsBytes(int index)`	JWT is sent in a query parameter.
`int`	`getFromParamsCount()`	JWT is sent in a query parameter.
`com.google.protobuf.ProtocolStringList`	`getFromParamsList()`	JWT is sent in a query parameter.
`String`	`getHeaderInMetadata()`	If not empty, similar to :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`, a successfully verified JWT header will be written to :ref:`Dynamic State <arch_overview_data_sharing_between_filters>` as an entry (``protobuf::Struct``) in ``envoy.filters.http.jwt_authn`` ``namespace`` with the value of this field as the key.
`com.google.protobuf.ByteString`	`getHeaderInMetadataBytes()`	If not empty, similar to :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`, a successfully verified JWT header will be written to :ref:`Dynamic State <arch_overview_data_sharing_between_filters>` as an entry (``protobuf::Struct``) in ``envoy.filters.http.jwt_authn`` ``namespace`` with the value of this field as the key.
`String`	`getIssuer()`	Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued the JWT, usually a URL or an email address.
`com.google.protobuf.ByteString`	`getIssuerBytes()`	Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued the JWT, usually a URL or an email address.
`JwtProvider.JwksSourceSpecifierCase`	`getJwksSourceSpecifierCase()`
`JwtCacheConfig`	`getJwtCacheConfig()`	Enables JWT cache, its size is specified by ``jwt_cache_size``.
`JwtCacheConfig.Builder`	`getJwtCacheConfigBuilder()`	Enables JWT cache, its size is specified by ``jwt_cache_size``.
`JwtCacheConfigOrBuilder`	`getJwtCacheConfigOrBuilder()`	Enables JWT cache, its size is specified by ``jwt_cache_size``.
`DataSource`	`getLocalJwks()`	JWKS is in local data source.
`DataSource.Builder`	`getLocalJwksBuilder()`	JWKS is in local data source.
`DataSourceOrBuilder`	`getLocalJwksOrBuilder()`	JWKS is in local data source.
`boolean`	`getPadForwardPayloadHeader()`	When :ref:`forward_payload_header <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.forward_payload_header>` is specified, the base64 encoded payload will be added to the headers.
`String`	`getPayloadInMetadata()`	If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata in the format as: ``namespace`` is the jwt_authn filter name as ````envoy.filters.http.jwt_authn```` The value is the ``protobuf::Struct``.
`com.google.protobuf.ByteString`	`getPayloadInMetadataBytes()`	If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata in the format as: ``namespace`` is the jwt_authn filter name as ````envoy.filters.http.jwt_authn```` The value is the ``protobuf::Struct``.
`RemoteJwks`	`getRemoteJwks()`	JWKS can be fetched from remote server via HTTP/HTTPS.
`RemoteJwks.Builder`	`getRemoteJwksBuilder()`	JWKS can be fetched from remote server via HTTP/HTTPS.
`RemoteJwksOrBuilder`	`getRemoteJwksOrBuilder()`	JWKS can be fetched from remote server via HTTP/HTTPS.
`boolean`	`hasJwtCacheConfig()`	Enables JWT cache, its size is specified by ``jwt_cache_size``.
`boolean`	`hasLocalJwks()`	JWKS is in local data source.
`boolean`	`hasRemoteJwks()`	JWKS can be fetched from remote server via HTTP/HTTPS.
`protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable`	`internalGetFieldAccessorTable()`
`boolean`	`isInitialized()`
`JwtProvider.Builder`	`mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)`
`JwtProvider.Builder`	`mergeFrom(com.google.protobuf.Message other)`
`JwtProvider.Builder`	`mergeFrom(JwtProvider other)`
`JwtProvider.Builder`	`mergeJwtCacheConfig(JwtCacheConfig value)`	Enables JWT cache, its size is specified by ``jwt_cache_size``.
`JwtProvider.Builder`	`mergeLocalJwks(DataSource value)`	JWKS is in local data source.
`JwtProvider.Builder`	`mergeRemoteJwks(RemoteJwks value)`	JWKS can be fetched from remote server via HTTP/HTTPS.
`JwtProvider.Builder`	`mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)`
`JwtProvider.Builder`	`removeFromHeaders(int index)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtProvider.Builder`	`setAudiences(int index, String value)`	The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are allowed to access.
`JwtProvider.Builder`	`setClockSkewSeconds(int value)`	Specify the clock skew in seconds when verifying JWT time constraint, such as ``exp``, and ``nbf``.
`JwtProvider.Builder`	`setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)`
`JwtProvider.Builder`	`setForward(boolean value)`	If false, the JWT is removed in the request after a success verification.
`JwtProvider.Builder`	`setForwardPayloadHeader(String value)`	This field specifies the header name to forward a successfully verified JWT payload to the backend.
`JwtProvider.Builder`	`setForwardPayloadHeaderBytes(com.google.protobuf.ByteString value)`	This field specifies the header name to forward a successfully verified JWT payload to the backend.
`JwtProvider.Builder`	`setFromCookies(int index, String value)`	JWT is sent in a cookie.
`JwtProvider.Builder`	`setFromHeaders(int index, JwtHeader value)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtProvider.Builder`	`setFromHeaders(int index, JwtHeader.Builder builderForValue)`	Two fields below define where to extract the JWT from an HTTP request.
`JwtProvider.Builder`	`setFromParams(int index, String value)`	JWT is sent in a query parameter.
`JwtProvider.Builder`	`setHeaderInMetadata(String value)`	If not empty, similar to :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`, a successfully verified JWT header will be written to :ref:`Dynamic State <arch_overview_data_sharing_between_filters>` as an entry (``protobuf::Struct``) in ``envoy.filters.http.jwt_authn`` ``namespace`` with the value of this field as the key.
`JwtProvider.Builder`	`setHeaderInMetadataBytes(com.google.protobuf.ByteString value)`	If not empty, similar to :ref:`payload_in_metadata <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.payload_in_metadata>`, a successfully verified JWT header will be written to :ref:`Dynamic State <arch_overview_data_sharing_between_filters>` as an entry (``protobuf::Struct``) in ``envoy.filters.http.jwt_authn`` ``namespace`` with the value of this field as the key.
`JwtProvider.Builder`	`setIssuer(String value)`	Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued the JWT, usually a URL or an email address.
`JwtProvider.Builder`	`setIssuerBytes(com.google.protobuf.ByteString value)`	Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued the JWT, usually a URL or an email address.
`JwtProvider.Builder`	`setJwtCacheConfig(JwtCacheConfig value)`	Enables JWT cache, its size is specified by ``jwt_cache_size``.
`JwtProvider.Builder`	`setJwtCacheConfig(JwtCacheConfig.Builder builderForValue)`	Enables JWT cache, its size is specified by ``jwt_cache_size``.
`JwtProvider.Builder`	`setLocalJwks(DataSource value)`	JWKS is in local data source.
`JwtProvider.Builder`	`setLocalJwks(DataSource.Builder builderForValue)`	JWKS is in local data source.
`JwtProvider.Builder`	`setPadForwardPayloadHeader(boolean value)`	When :ref:`forward_payload_header <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.forward_payload_header>` is specified, the base64 encoded payload will be added to the headers.
`JwtProvider.Builder`	`setPayloadInMetadata(String value)`	If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata in the format as: ``namespace`` is the jwt_authn filter name as ````envoy.filters.http.jwt_authn```` The value is the ``protobuf::Struct``.
`JwtProvider.Builder`	`setPayloadInMetadataBytes(com.google.protobuf.ByteString value)`	If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata in the format as: ``namespace`` is the jwt_authn filter name as ````envoy.filters.http.jwt_authn```` The value is the ``protobuf::Struct``.
`JwtProvider.Builder`	`setRemoteJwks(RemoteJwks value)`	JWKS can be fetched from remote server via HTTP/HTTPS.
`JwtProvider.Builder`	`setRemoteJwks(RemoteJwks.Builder builderForValue)`	JWKS can be fetched from remote server via HTTP/HTTPS.
`JwtProvider.Builder`	`setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)`
`JwtProvider.Builder`	`setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)`

Methods inherited from class com.google.protobuf.GeneratedMessageV3.Builder
getAllFields, getField, getFieldBuilder, getOneofFieldDescriptor, getParentForChildren, getRepeatedField, getRepeatedFieldBuilder, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, internalGetMapField, internalGetMutableMapField, isClean, markClean, newBuilderForField, onBuilt, onChanged, setUnknownFieldsProto3

Methods inherited from class com.google.protobuf.AbstractMessage.Builder
findInitializationErrors, getInitializationErrorString, internalMergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, newUninitializedMessageException, toString

Methods inherited from class com.google.protobuf.AbstractMessageLite.Builder
addAll, addAll, mergeDelimitedFrom, mergeDelimitedFrom, mergeFrom, newUninitializedMessageException

Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.google.protobuf.Message.Builder
mergeDelimitedFrom, mergeDelimitedFrom

Methods inherited from interface com.google.protobuf.MessageLite.Builder
mergeFrom

Methods inherited from interface com.google.protobuf.MessageOrBuilder
findInitializationErrors, getAllFields, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

Method Detail

getDescriptor

public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

internalGetFieldAccessorTable
```
protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
```
Specified by:

internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

clear
```
public JwtProvider.Builder clear()
```
Specified by:

clear in interface com.google.protobuf.Message.Builder

Specified by:

clear in interface com.google.protobuf.MessageLite.Builder

Overrides:

clear in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

getDescriptorForType
```
public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
```
Specified by:

getDescriptorForType in interface com.google.protobuf.Message.Builder

Specified by:

getDescriptorForType in interface com.google.protobuf.MessageOrBuilder

Overrides:

getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

getDefaultInstanceForType
```
public JwtProvider getDefaultInstanceForType()
```
Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder

Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

build
```
public JwtProvider build()
```
Specified by:

build in interface com.google.protobuf.Message.Builder

Specified by:

build in interface com.google.protobuf.MessageLite.Builder

buildPartial
```
public JwtProvider buildPartial()
```
Specified by:

buildPartial in interface com.google.protobuf.Message.Builder

Specified by:

buildPartial in interface com.google.protobuf.MessageLite.Builder

clone
```
public JwtProvider.Builder clone()
```
Specified by:

clone in interface com.google.protobuf.Message.Builder

Specified by:

clone in interface com.google.protobuf.MessageLite.Builder

Overrides:

clone in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

setField

public JwtProvider.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                    Object value)

Specified by:: setField in interface com.google.protobuf.Message.Builder
Overrides:: setField in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

clearField
```
public JwtProvider.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
```
Specified by:

clearField in interface com.google.protobuf.Message.Builder

Overrides:

clearField in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

clearOneof
```
public JwtProvider.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
```
Specified by:

clearOneof in interface com.google.protobuf.Message.Builder

Overrides:

clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

setRepeatedField

public JwtProvider.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                            int index,
                                            Object value)

Specified by:: setRepeatedField in interface com.google.protobuf.Message.Builder
Overrides:: setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

addRepeatedField

public JwtProvider.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                            Object value)

Specified by:: addRepeatedField in interface com.google.protobuf.Message.Builder
Overrides:: addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

mergeFrom
```
public JwtProvider.Builder mergeFrom(com.google.protobuf.Message other)
```
Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<JwtProvider.Builder>

mergeFrom

public JwtProvider.Builder mergeFrom(JwtProvider other)

isInitialized
```
public final boolean isInitialized()
```
Specified by:

isInitialized in interface com.google.protobuf.MessageLiteOrBuilder

Overrides:

isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<JwtProvider.Builder>

mergeFrom
```
public JwtProvider.Builder mergeFrom(com.google.protobuf.CodedInputStream input,
                                     com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                              throws IOException
```
Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Specified by:

mergeFrom in interface com.google.protobuf.MessageLite.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<JwtProvider.Builder>

Throws:

IOException

getJwksSourceSpecifierCase
```
public JwtProvider.JwksSourceSpecifierCase getJwksSourceSpecifierCase()
```
Specified by:

getJwksSourceSpecifierCase in interface JwtProviderOrBuilder

clearJwksSourceSpecifier

public JwtProvider.Builder clearJwksSourceSpecifier()

getIssuer

public String getIssuer()

 Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued
 the JWT, usually a URL or an email address.
 It is optional. If specified, it has to match the ``iss`` field in JWT,
 otherwise the JWT ``iss`` field is not checked.
 Note: ``JwtRequirement`` :ref:`allow_missing <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing>`
 and :ref:`allow_missing_or_failed <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing_or_failed>`
 are implemented differently than other ``JwtRequirements``. Hence the usage of this field
 is different as follows if ``allow_missing`` or ``allow_missing_or_failed`` is used:
 * If a JWT has ``iss`` field, it needs to be specified by this field in one of ``JwtProviders``.
 * If a JWT doesn't have ``iss`` field, one of ``JwtProviders`` should fill this field empty.
 * Multiple ``JwtProviders`` should not have same value in this field.
 Example: https://securetoken.google.com
 Example: 1234567-compute@developer.gserviceaccount.com

string issuer = 1;

Specified by:: getIssuer in interface JwtProviderOrBuilder
Returns:: The issuer.

getIssuerBytes

public com.google.protobuf.ByteString getIssuerBytes()

 Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued
 the JWT, usually a URL or an email address.
 It is optional. If specified, it has to match the ``iss`` field in JWT,
 otherwise the JWT ``iss`` field is not checked.
 Note: ``JwtRequirement`` :ref:`allow_missing <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing>`
 and :ref:`allow_missing_or_failed <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing_or_failed>`
 are implemented differently than other ``JwtRequirements``. Hence the usage of this field
 is different as follows if ``allow_missing`` or ``allow_missing_or_failed`` is used:
 * If a JWT has ``iss`` field, it needs to be specified by this field in one of ``JwtProviders``.
 * If a JWT doesn't have ``iss`` field, one of ``JwtProviders`` should fill this field empty.
 * Multiple ``JwtProviders`` should not have same value in this field.
 Example: https://securetoken.google.com
 Example: 1234567-compute@developer.gserviceaccount.com

string issuer = 1;

Specified by:: getIssuerBytes in interface JwtProviderOrBuilder
Returns:: The bytes for issuer.

setIssuer

public JwtProvider.Builder setIssuer(String value)

 Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued
 the JWT, usually a URL or an email address.
 It is optional. If specified, it has to match the ``iss`` field in JWT,
 otherwise the JWT ``iss`` field is not checked.
 Note: ``JwtRequirement`` :ref:`allow_missing <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing>`
 and :ref:`allow_missing_or_failed <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing_or_failed>`
 are implemented differently than other ``JwtRequirements``. Hence the usage of this field
 is different as follows if ``allow_missing`` or ``allow_missing_or_failed`` is used:
 * If a JWT has ``iss`` field, it needs to be specified by this field in one of ``JwtProviders``.
 * If a JWT doesn't have ``iss`` field, one of ``JwtProviders`` should fill this field empty.
 * Multiple ``JwtProviders`` should not have same value in this field.
 Example: https://securetoken.google.com
 Example: 1234567-compute@developer.gserviceaccount.com

string issuer = 1;

Parameters:: value - The issuer to set.
Returns:: This builder for chaining.

clearIssuer

public JwtProvider.Builder clearIssuer()

 Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued
 the JWT, usually a URL or an email address.
 It is optional. If specified, it has to match the ``iss`` field in JWT,
 otherwise the JWT ``iss`` field is not checked.
 Note: ``JwtRequirement`` :ref:`allow_missing <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing>`
 and :ref:`allow_missing_or_failed <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing_or_failed>`
 are implemented differently than other ``JwtRequirements``. Hence the usage of this field
 is different as follows if ``allow_missing`` or ``allow_missing_or_failed`` is used:
 * If a JWT has ``iss`` field, it needs to be specified by this field in one of ``JwtProviders``.
 * If a JWT doesn't have ``iss`` field, one of ``JwtProviders`` should fill this field empty.
 * Multiple ``JwtProviders`` should not have same value in this field.
 Example: https://securetoken.google.com
 Example: 1234567-compute@developer.gserviceaccount.com

string issuer = 1;

Returns:: This builder for chaining.

setIssuerBytes

public JwtProvider.Builder setIssuerBytes(com.google.protobuf.ByteString value)

 Specify the `principal <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_ that issued
 the JWT, usually a URL or an email address.
 It is optional. If specified, it has to match the ``iss`` field in JWT,
 otherwise the JWT ``iss`` field is not checked.
 Note: ``JwtRequirement`` :ref:`allow_missing <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing>`
 and :ref:`allow_missing_or_failed <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtRequirement.allow_missing_or_failed>`
 are implemented differently than other ``JwtRequirements``. Hence the usage of this field
 is different as follows if ``allow_missing`` or ``allow_missing_or_failed`` is used:
 * If a JWT has ``iss`` field, it needs to be specified by this field in one of ``JwtProviders``.
 * If a JWT doesn't have ``iss`` field, one of ``JwtProviders`` should fill this field empty.
 * Multiple ``JwtProviders`` should not have same value in this field.
 Example: https://securetoken.google.com
 Example: 1234567-compute@developer.gserviceaccount.com

string issuer = 1;

Parameters:: value - The bytes for issuer to set.
Returns:: This builder for chaining.

getAudiencesList

public com.google.protobuf.ProtocolStringList getAudiencesList()

 The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.
 Example:
 .. code-block:: yaml
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com

repeated string audiences = 2;

Specified by:: getAudiencesList in interface JwtProviderOrBuilder
Returns:: A list containing the audiences.

getAudiencesCount

public int getAudiencesCount()

 The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.
 Example:
 .. code-block:: yaml
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com

repeated string audiences = 2;

Specified by:: getAudiencesCount in interface JwtProviderOrBuilder
Returns:: The count of audiences.

getAudiences

public String getAudiences(int index)

 The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.
 Example:
 .. code-block:: yaml
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com

repeated string audiences = 2;

Specified by:: getAudiences in interface JwtProviderOrBuilder
Parameters:: index - The index of the element to return.
Returns:: The audiences at the given index.

getAudiencesBytes

public com.google.protobuf.ByteString getAudiencesBytes(int index)

 The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.
 Example:
 .. code-block:: yaml
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com

repeated string audiences = 2;

Specified by:: getAudiencesBytes in interface JwtProviderOrBuilder
Parameters:: index - The index of the value to return.
Returns:: The bytes of the audiences at the given index.

setAudiences

public JwtProvider.Builder setAudiences(int index,
                                        String value)

 The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.
 Example:
 .. code-block:: yaml
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com

repeated string audiences = 2;

Parameters:: index - The index to set the value at.; value - The audiences to set.
Returns:: This builder for chaining.

addAudiences

public JwtProvider.Builder addAudiences(String value)

 The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.
 Example:
 .. code-block:: yaml
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com

repeated string audiences = 2;

Parameters:: value - The audiences to add.
Returns:: This builder for chaining.

addAllAudiences

public JwtProvider.Builder addAllAudiences(Iterable<String> values)

 The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.
 Example:
 .. code-block:: yaml
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com

repeated string audiences = 2;

Parameters:: values - The audiences to add.
Returns:: This builder for chaining.

clearAudiences

public JwtProvider.Builder clearAudiences()

 The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.
 Example:
 .. code-block:: yaml
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com

repeated string audiences = 2;

Returns:: This builder for chaining.

addAudiencesBytes

public JwtProvider.Builder addAudiencesBytes(com.google.protobuf.ByteString value)

 The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ are
 allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
 will not check audiences in the token.
 Example:
 .. code-block:: yaml
     audiences:
     - bookstore_android.apps.googleusercontent.com
     - bookstore_web.apps.googleusercontent.com

repeated string audiences = 2;

Parameters:: value - The bytes of the audiences to add.
Returns:: This builder for chaining.

hasRemoteJwks

public boolean hasRemoteJwks()

 JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.
 Example:
 .. code-block:: yaml
    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300

.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;

Specified by:: hasRemoteJwks in interface JwtProviderOrBuilder
Returns:: Whether the remoteJwks field is set.

getRemoteJwks

public RemoteJwks getRemoteJwks()

 JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.
 Example:
 .. code-block:: yaml
    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300

.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;

Specified by:: getRemoteJwks in interface JwtProviderOrBuilder
Returns:: The remoteJwks.

setRemoteJwks

public JwtProvider.Builder setRemoteJwks(RemoteJwks value)

 JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.
 Example:
 .. code-block:: yaml
    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300

.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;

setRemoteJwks

public JwtProvider.Builder setRemoteJwks(RemoteJwks.Builder builderForValue)

 JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.
 Example:
 .. code-block:: yaml
    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300

.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;

mergeRemoteJwks

public JwtProvider.Builder mergeRemoteJwks(RemoteJwks value)

 JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.
 Example:
 .. code-block:: yaml
    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300

.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;

clearRemoteJwks

public JwtProvider.Builder clearRemoteJwks()

 JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.
 Example:
 .. code-block:: yaml
    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300

.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;

getRemoteJwksBuilder

public RemoteJwks.Builder getRemoteJwksBuilder()

 JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.
 Example:
 .. code-block:: yaml
    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300

.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;

getRemoteJwksOrBuilder

public RemoteJwksOrBuilder getRemoteJwksOrBuilder()

 JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP
 URI and how the fetched JWKS should be cached.
 Example:
 .. code-block:: yaml
    remote_jwks:
      http_uri:
        uri: https://www.googleapis.com/oauth2/v1/certs
        cluster: jwt.www.googleapis.com|443
        timeout: 1s
      cache_duration:
        seconds: 300

.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks remote_jwks = 3;

Specified by:: getRemoteJwksOrBuilder in interface JwtProviderOrBuilder

hasLocalJwks

public boolean hasLocalJwks()

 JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.
 Example: local file
 .. code-block:: yaml
    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt
 Example: inline_string
 .. code-block:: yaml
    local_jwks:
      inline_string: ACADADADADA

.envoy.config.core.v3.DataSource local_jwks = 4;

Specified by:: hasLocalJwks in interface JwtProviderOrBuilder
Returns:: Whether the localJwks field is set.

getLocalJwks

public DataSource getLocalJwks()

 JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.
 Example: local file
 .. code-block:: yaml
    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt
 Example: inline_string
 .. code-block:: yaml
    local_jwks:
      inline_string: ACADADADADA

.envoy.config.core.v3.DataSource local_jwks = 4;

Specified by:: getLocalJwks in interface JwtProviderOrBuilder
Returns:: The localJwks.

setLocalJwks

public JwtProvider.Builder setLocalJwks(DataSource value)

 JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.
 Example: local file
 .. code-block:: yaml
    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt
 Example: inline_string
 .. code-block:: yaml
    local_jwks:
      inline_string: ACADADADADA

.envoy.config.core.v3.DataSource local_jwks = 4;

setLocalJwks

public JwtProvider.Builder setLocalJwks(DataSource.Builder builderForValue)

 JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.
 Example: local file
 .. code-block:: yaml
    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt
 Example: inline_string
 .. code-block:: yaml
    local_jwks:
      inline_string: ACADADADADA

.envoy.config.core.v3.DataSource local_jwks = 4;

mergeLocalJwks

public JwtProvider.Builder mergeLocalJwks(DataSource value)

 JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.
 Example: local file
 .. code-block:: yaml
    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt
 Example: inline_string
 .. code-block:: yaml
    local_jwks:
      inline_string: ACADADADADA

.envoy.config.core.v3.DataSource local_jwks = 4;

clearLocalJwks

public JwtProvider.Builder clearLocalJwks()

 JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.
 Example: local file
 .. code-block:: yaml
    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt
 Example: inline_string
 .. code-block:: yaml
    local_jwks:
      inline_string: ACADADADADA

.envoy.config.core.v3.DataSource local_jwks = 4;

getLocalJwksBuilder

public DataSource.Builder getLocalJwksBuilder()

 JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.
 Example: local file
 .. code-block:: yaml
    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt
 Example: inline_string
 .. code-block:: yaml
    local_jwks:
      inline_string: ACADADADADA

.envoy.config.core.v3.DataSource local_jwks = 4;

getLocalJwksOrBuilder

public DataSourceOrBuilder getLocalJwksOrBuilder()

 JWKS is in local data source. It could be either in a local file or embedded in the
 inline_string.
 Example: local file
 .. code-block:: yaml
    local_jwks:
      filename: /etc/envoy/jwks/jwks1.txt
 Example: inline_string
 .. code-block:: yaml
    local_jwks:
      inline_string: ACADADADADA

.envoy.config.core.v3.DataSource local_jwks = 4;

Specified by:: getLocalJwksOrBuilder in interface JwtProviderOrBuilder

getForward

public boolean getForward()

 If false, the JWT is removed in the request after a success verification. If true, the JWT is
 not removed in the request. Default value is false.
 caveat: only works for from_header & has no effect for JWTs extracted through from_params & from_cookies.

bool forward = 5;

Specified by:: getForward in interface JwtProviderOrBuilder
Returns:: The forward.

setForward

public JwtProvider.Builder setForward(boolean value)

 If false, the JWT is removed in the request after a success verification. If true, the JWT is
 not removed in the request. Default value is false.
 caveat: only works for from_header & has no effect for JWTs extracted through from_params & from_cookies.

bool forward = 5;

Parameters:: value - The forward to set.
Returns:: This builder for chaining.

clearForward

public JwtProvider.Builder clearForward()

 If false, the JWT is removed in the request after a success verification. If true, the JWT is
 not removed in the request. Default value is false.
 caveat: only works for from_header & has no effect for JWTs extracted through from_params & from_cookies.

bool forward = 5;

Returns:: This builder for chaining.