JwtOptions class

Configuration options for JWT verification.

Controls how tokens are extracted, validated, and which keys are used for signature verification. Supports both inline keys and remote JWKS endpoints.

final options = JwtOptions(
  issuer: 'https://auth.example.com',
  audience: ['my-api'],
  jwksUri: Uri.parse('https://auth.example.com/.well-known/jwks.json'),
);

Constructors

JwtOptions({bool enabled = true, String? issuer, List<String> audience = const <String>[], List<String> requiredClaims = const <String>[], Uri? jwksUri, List<Map<String, dynamic>> inlineKeys = const <Map<String, dynamic>>[], List<String> algorithms = const <String>['RS256'], Duration clockSkew = const Duration(seconds: 60), Duration jwksCacheTtl = const Duration(minutes: 5), String header = 'Authorization', String bearerPrefix = 'Bearer ', String cookieName = 'routed_auth_token'})

Creates a JwtOptions instance with the specified parameters.

const

Properties

algorithms → List<String>

The allowed algorithms for JWT signature verification.

final

audience → List<String>

The expected audience (aud) values for the JWT.

final

bearerPrefix → String

The prefix expected before the token in the authorization header.

final

clockSkew → Duration

The allowed clock skew for token expiry and not-before validation.

final

cookieName → String

The cookie name used to read or write JWT tokens.

final

enabled → bool

Whether JWT verification is enabled.

final

hashCode → int

The hash code for this object.

no setter, inherited

header → String

The HTTP header used to extract the JWT.

final

inlineKeys → List<Map<String, dynamic>>

Inline JSON Web Keys for verifying tokens.

final

issuer → String?

The expected issuer (iss) claim of the JWT.

final

jwksCacheTtl → Duration

The cache time-to-live for fetched JWKS keys.

final

jwksUri → Uri?

The URI for fetching JSON Web Key Sets (JWKS).

final

requiredClaims → List<String>

The claim names that must be present in the JWT.

final

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

Methods

copyWith({bool? enabled, String? issuer, List<String>? audience, List<String>? requiredClaims, Uri? jwksUri, List<Map<String, dynamic>>? inlineKeys, List<String>? algorithms, Duration? clockSkew, Duration? jwksCacheTtl, String? header, String? bearerPrefix, String? cookieName}) → JwtOptions

Creates a copy of this JwtOptions with the specified overrides.

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

toString() → String

A string representation of this object.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited