Package com.sun.identity.entitlement

Class JwtClaimSubject

  • All Implemented Interfaces:
    EntitlementSubject
    public class JwtClaimSubject
extends Object
implements EntitlementSubject
    A policy subject condition that examines claims in a Json Web Token (JWT) subject, such as an OpenID Connect ID token. Currently only supports testing claims for string equality and contained in collection.

    • Constructor Detail

      • JwtClaimSubject

        public JwtClaimSubject()

    • Method Detail

      • setState

        public void setState​(String state)
        Description copied from interface: EntitlementSubject
        Sets state of this object from a JSON string.
        Specified by:
        setState in interface EntitlementSubject
        Parameters:
        state - State of the object encoded as a JSON string

      • getState

        public String getState()
        Description copied from interface: EntitlementSubject
        Returns state of the object encoded as a JSON string.
        Specified by:
        getState in interface EntitlementSubject
        Returns:
        state of the object encoded as a JSON string.

      • getSearchIndexAttributes

        public Map<String,​Set<String>> getSearchIndexAttributes()
        Description copied from interface: EntitlementSubject
        Returns attribute names and values that could be used for indexing. These values will be used by the authorization engine to obtain the applicable policies for a given Subject.
        Specified by:
        getSearchIndexAttributes in interface EntitlementSubject
        Returns:
        a map of key-value pairs that will be used for indexing the entitlements that contain this EntitlementSubject.

      • getRequiredAttributeNames

        public Set<String> getRequiredAttributeNames()
        Description copied from interface: EntitlementSubject
        Returns a set of attribute names that are used for evaluation. During evaluation, the Evaluator would try to populate these attributes in the Subject for the EntitlementSubject's consumption.
        Specified by:
        getRequiredAttributeNames in interface EntitlementSubject
        Returns:
        a set of attributes that would be required by the EntitlementSubject's implementation.

      • claimMatches

        public boolean claimMatches​(org.forgerock.json.JsonValue claim,
                            String claimValue)

      • isIdentity

        public boolean isIdentity()
        Description copied from interface: EntitlementSubject
        Returns true is this subject is an identity object.
        Specified by:
        isIdentity in interface EntitlementSubject
        Returns:
        true is this subject is an identity object.

      • setClaimName

        public void setClaimName​(String claim)

      • getClaimName

        public String getClaimName()

      • setClaimValue

        public void setClaimValue​(String value)

      • getClaimValue

        public String getClaimValue()

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object