You are here

Home » API reference » JSON Web Token Authentication (JWT) 8.0 » JwtAuthEvents.php

final class JwtAuthEvents in JSON Web Token Authentication (JWT) 8.0

Same name and namespace in other branches
  1. 8 src/Authentication/Event/JwtAuthEvents.php \Drupal\jwt\Authentication\Event\JwtAuthEvents

Class JwtAuthEvents.

@package Drupal\jwt\Authentication\Event

Hierarchy

Expanded class hierarchy of JwtAuthEvents

3 files declare their use of JwtAuthEvents
JwtAuth.php in src/Authentication/Provider/JwtAuth.php
JwtAuthConsumerSubscriber.php in modules/jwt_auth_consumer/src/EventSubscriber/JwtAuthConsumerSubscriber.php
JwtAuthIssuerSubscriber.php in modules/jwt_auth_issuer/src/EventSubscriber/JwtAuthIssuerSubscriber.php

File

src/Authentication/Event/JwtAuthEvents.php, line 10

Namespace

Drupal\jwt\Authentication\Event
View source 
final class JwtAuthEvents {

  /**
   * Name of the event fired before validating a JWT.
   *
   * This event allows modules to provide custom validations for a JWT.
   * Subscribers should assume every token is invalid. Therefore, this event
   * should NOT perform any actions that depend on a valid JWT. This allows
   * other subscribers to invalidate the JWT. Actions that depend on a valid
   * token should use the VALID event.
   *
   * @Event
   *
   * @var string
   */
  const VALIDATE = 'jwt.validate';

  /**
   * Name of the event fired after a JWT has been validated.
   *
   * This event fires after a token has been validated. Responders to this event
   * should respond with a valid Drupal user ID. Subscribers may use this event
   * to create new users based on the JWT payload if necessary. Note that this
   * event fires AFTER the token has already been validated. Subscribers should
   * not attempt to prevent authentication during this event. They should
   * instead use the VALIDATE event.
   *
   * @Event
   *
   * @var string
   */
  const VALID = 'jwt.valid';

  /**
   * Name of the event fired before a new JWT is encoded.
   *
   * This event fires prior to a new JWT is encoded. The event contains the
   * payload of the JWT. Subscribers should use this event to add any claims to
   * the JWT before it is given to the client. Bear in mind, JWTs are not
   * encrypted, just signed. Subscribers should not store sensitive information
   * in a JWT.
   *
   * @Event
   *
   * @var string
   */
  const GENERATE = 'jwt.generate';

}

Members

Namesort descending Modifiers Type Description Overrides
JwtAuthEvents::GENERATE constant Name of the event fired before a new JWT is encoded.
JwtAuthEvents::VALID constant Name of the event fired after a JWT has been validated.
JwtAuthEvents::VALIDATE constant Name of the event fired before validating a JWT.