JWT Interceptions

The JWT Services will announce some key events for you to listen to
cbSecurity_onJWTCreation - Whenever a new token is generated for a user
cbSecurity_onJWTInvalidation - Whenever an invalidation occurs for a token
cbSecurity_onJWTValidAuthentication - Whenever a valid JWT token is parsed, tested and authenticated with the authentication services
cbSecurity_onJWTInvalidUser - When trying to find the token's subject and the user service returns null or not a valid user
cbSecurity_onJWTInvalidClaims - When the parsed token does not adhere to the required claims
cbSecurity_onJWTExpiration - When the parsed token has expired
cbSecurity_onJWTStorageRejection - When the parsed token is valid but cannot be found in the permanent storage
cbSecurity_onJWTValidParsing - When the parsed token has passed all validation procedures but has NOT been authenticated yet.
cbSecurity_onJWTCreation
This event has the following data in the interceptData struct
Key
Description
token
The JWT token
payload
The payload that was used to create it
user
The user it belongs to
cbSecurity_onJWTInvalidation
This event has the following data in the interceptData struct
Key
Description
token
The JWT token that was invalidated
cbSecurity_onJWTValidAuthentication
This event has the following data in the interceptData struct
Key
Description
token
The JWT token that was parsed
payload
The payload that was decoded
user
The authenticated user
cbSecurity_onJWTInvalidUser
This event has the following data in the interceptData struct
Key
Description
token
The JWT token that was parsed
payload
The JWT payload that was parsed
cbSecurity_onJWTInvalidClaims
This event has the following data in the interceptData struct
Key
Description
token
The JWT token that was parsed
payload
The JWT payload that was parsed
cbSecurity_onJWTExpiration
This event has the following data in the interceptData struct
Key
Description
token
The JWT token that was parsed
payload
The JWT payload that was parsed
cbSecurity_onJWTStorageRejection
This event has the following data in the interceptData struct
Key
Description
token
The JWT token that was parsed
payload
The JWT payload that was parsed
cbSecurity_onJWTValidParsing
This event has the following data in the interceptData struct
Key
Description
token
The JWT token that was parsed
payload
The JWT payload that was parsed
Example
interceptors/SecurityAudit.cfc
component extends="coldbox.system.Interceptor"{
​
    function cbSecurity_onJWTCreation( event, interceptData ){
        // do what you like here
    }
​
}

JWT - Previous

Token Storage

Last modified 1mo ago

Key	Description
`token`	The JWT token
`payload`	The payload that was used to create it
`user`	The user it belongs to

Key	Description
`token`	The JWT token that was parsed
`payload`	The payload that was decoded
`user`	The authenticated user