Deprecated API

Contents

• Deprecated Interfaces
• Deprecated Classes
• Deprecated Enums
• Deprecated Exceptions
• Deprecated Fields
• Deprecated Methods
• Deprecated Constructors

Deprecated Interfaces

Interface and Description
io.jsonwebtoken.CompressionCodec since 0.12.0 in favor of CompressionAlgorithm to equal the RFC name for this concept.
io.jsonwebtoken.CompressionCodecResolver in favor of JwtParserBuilder.zip()
io.jsonwebtoken.JwtHandler since 0.12.0 in favor of calling Jwt.accept(JwtVisitor).
io.jsonwebtoken.SigningKeyResolver since 0.12.0. Implement Locator instead.

Deprecated Classes

Class and Description
io.jsonwebtoken.CompressionCodecs in favor of Jwts.ZIP.
io.jsonwebtoken.lang.RuntimeEnvironment since 0.12.0. will be removed before the 1.0 final release.
io.jsonwebtoken.SigningKeyResolverAdapter since 0.12.0. Use LocatorAdapter with JwtParserBuilder.keyLocator(Locator)

Deprecated Enums

Enum and Description
io.jsonwebtoken.SignatureAlgorithm since 0.12.0; use Jwts.SIG instead.

Deprecated Exceptions

Exceptions and Description
io.jsonwebtoken.SignatureException in favor of SignatureException; this class will be removed before 1.0

Deprecated Fields

Field and Description
io.jsonwebtoken.Header.ALGORITHM since 0.12.0 in favor of Header.getAlgorithm().
io.jsonwebtoken.JwsHeader.ALGORITHM since 0.12.0 in favor of Header.getAlgorithm()
io.jsonwebtoken.lang.RuntimeEnvironment.BOUNCY_CASTLE_AVAILABLE since 0.12.0. will be removed before the 1.0 final release.
io.jsonwebtoken.Header.COMPRESSION_ALGORITHM since 0.12.0 in favor of Header.getCompressionAlgorithm()
io.jsonwebtoken.Header.CONTENT_TYPE since 0.12.0 in favor of Header.getContentType().
io.jsonwebtoken.JwsHeader.CRITICAL since 0.12.0 in favor of ProtectedHeader.getCritical()
io.jsonwebtoken.CompressionCodecs.DEFLATE in favor of Jwts.ZIP.DEF.
io.jsonwebtoken.Header.DEPRECATED_COMPRESSION_ALGORITHM use Header.COMPRESSION_ALGORITHM instead.
io.jsonwebtoken.CompressionCodecs.GZIP in favor of Jwts.ZIP.GZIP
io.jsonwebtoken.ClaimJwtException.INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE will be removed in a future release.
io.jsonwebtoken.JwsHeader.JSON_WEB_KEY since 0.12.0 in favor of ProtectedHeader.getJwk()
io.jsonwebtoken.JwsHeader.JWK_SET_URL since 0.12.0 in favor of ProtectedHeader.getJwkSetUrl()
io.jsonwebtoken.Header.JWT_TYPE since 0.12.0 - this constant is never used within the JJWT codebase.
io.jsonwebtoken.JwsHeader.KEY_ID since 0.12.0 in favor of ProtectedHeader.getKeyId()
io.jsonwebtoken.ClaimJwtException.MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE will be removed in a future release.
io.jsonwebtoken.Header.TYPE since 0.12.0 in favor of Header.getType().
io.jsonwebtoken.JwsHeader.X509_CERT_CHAIN since 0.12.0 in favor of X509Accessor.getX509Chain()
io.jsonwebtoken.JwsHeader.X509_CERT_SHA1_THUMBPRINT since 0.12.0 in favor of X509Accessor.getX509Sha1Thumbprint()
io.jsonwebtoken.JwsHeader.X509_CERT_SHA256_THUMBPRINT since 0.12.0 in favor of X509Accessor.getX509Sha256Thumbprint()
io.jsonwebtoken.JwsHeader.X509_URL since 0.12.0 in favor of X509Accessor.getX509Url()

Deprecated Methods

Method and Description
io.jsonwebtoken.JwtBuilder.addClaims(Map) since 0.12.0 in favor of JwtBuilder.claims().add(Map).and(). This method will be removed before the 1.0 release.
io.jsonwebtoken.JwtParserBuilder.base64UrlDecodeWith(Decoder) since 0.12.0 in favor of JwtParserBuilder.b64Url(Decoder). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.JwtBuilder.base64UrlEncodeWith(Encoder) since 0.12.0 in favor of JwtBuilder.b64Url(Encoder).
io.jsonwebtoken.Jwts.claims(Map) since 0.12.0 in favor of Jwts.Jwts.claims().putAll(map).build(). This method will be removed before 1.0.
io.jsonwebtoken.CompressionCodec.compress(byte[])
io.jsonwebtoken.CompressionCodec.decompress(byte[])
io.jsonwebtoken.io.Deserializer.deserialize(byte[]) since 0.12.0 in favor of Deserializer.deserialize(Reader)
io.jsonwebtoken.JwtParserBuilder.deserializeJsonWith(Deserializer>) since 0.12.0 in favor of JwtParserBuilder.json(Deserializer). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.lang.RuntimeEnvironment.enableBouncyCastleIfPossible() since 0.12.0. will be removed before the 1.0 final release.
io.jsonwebtoken.CompressionCodec.getAlgorithmName() since 0.12.0 in favor of Identifiable.getId() to ensure congruence with all other identifiable algorithms.
io.jsonwebtoken.Jwt.getBody() since 0.12.0 because it has been renamed to Jwt.getPayload(). 'Payload' (not body) is what the JWT specifications call this property, so it has been renamed to reflect the correct JWT nomenclature/taxonomy.
io.jsonwebtoken.Jws.getSignature() since 0.12.0 in favor of getDigest().
io.jsonwebtoken.security.Keys.keyPairFor(SignatureAlgorithm) since 0.12.0 in favor of your preferred SignatureAlgorithm instance's keyPair() builder method directly.
io.jsonwebtoken.JwtParser.parse(CharSequence, JwtHandler) since 0.12.0 in favor of JwtParser.parse(CharSequence).accept(visitor);
io.jsonwebtoken.JwtParser.parseClaimsJws(CharSequence) since 0.12.0 in favor of JwtParser.parseSignedClaims(CharSequence).
io.jsonwebtoken.JwtParser.parseClaimsJwt(CharSequence) since 0.12.0 in favor of JwtParser.parseUnsecuredClaims(CharSequence).
io.jsonwebtoken.JwtParser.parseContentJws(CharSequence) since 0.12.0 in favor of JwtParser.parseSignedContent(CharSequence).
io.jsonwebtoken.JwtParser.parseContentJwt(CharSequence) since 0.12.0 in favor of JwtParser.parseUnsecuredContent(CharSequence).
io.jsonwebtoken.security.Keys.secretKeyFor(SignatureAlgorithm) since 0.12.0. Use your preferred MacAlgorithm instance's key() builder method directly.
io.jsonwebtoken.io.Serializer.serialize(T) since 0.12.0 in favor of Serializer.serialize(Object, OutputStream)
io.jsonwebtoken.JwtBuilder.serializeToJsonWith(Serializer>) since 0.12.0 in favor of JwtBuilder.json(Serializer)
io.jsonwebtoken.ProtectedHeaderMutator.setAlgorithm(String) since 0.12.0 and will be removed before the 1.0 release.
io.jsonwebtoken.JwtParserBuilder.setAllowedClockSkewSeconds(long) since 0.12.0 in favor of the shorter and more modern builder-style named JwtParserBuilder.clockSkewSeconds(long). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.ClaimsMutator.setAudience(String) since 0.12.0 in favor of ClaimsMutator.audience(). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.JwtBuilder.setClaims(Map) since 0.12.0 in favor of using the JwtBuilder.claims() builder.
io.jsonwebtoken.JwtParserBuilder.setClock(Clock) since 0.12.0 for the more modern builder-style named JwtParserBuilder.clock(Clock) method. This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.HeaderMutator.setCompressionAlgorithm(String) since 0.12.0 and will be removed before the 1.0 release.
io.jsonwebtoken.JwtParserBuilder.setCompressionCodecResolver(CompressionCodecResolver) since 0.12.0 in favor of JwtParserBuilder.zip(). This method will be removed before the 1.0 release.
io.jsonwebtoken.HeaderMutator.setContentType(String) since 0.12.0 in favor of the more modern builder-style HeaderMutator.contentType(String).
io.jsonwebtoken.ClaimsMutator.setExpiration(Date) since 0.12.0 in favor of the shorter and more modern builder-style named ClaimsMutator.expiration(Date). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.JwtBuilder.setHeader(Map) since 0.12.0 in favor of JwtBuilder.header().empty().add(map).and() (to replace all header parameters) or JwtBuilder.header().add(map).and() to only append the map entries. This method will be removed before the 1.0 release.
io.jsonwebtoken.JwtBuilder.setHeaderParam(String, Object) since 0.12.0 in favor of JwtBuilder.header().add(name, value).and(). This method will be removed before the 1.0 release.
io.jsonwebtoken.JwtBuilder.setHeaderParams(Map) since 0.12.0 in favor of JwtBuilder.header().add(map).and(). This method will be removed before the 1.0 release.
io.jsonwebtoken.ClaimsMutator.setId(String) since 0.12.0 in favor of the shorter and more modern builder-style named ClaimsMutator.id(String). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.ClaimsMutator.setIssuedAt(Date) since 0.12.0 in favor of the shorter and more modern builder-style named ClaimsMutator.issuedAt(Date). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.ClaimsMutator.setIssuer(String) since 0.12.0 in favor of the shorter and more modern builder-style named ClaimsMutator.issuer(String). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.ProtectedHeaderMutator.setKeyId(String) since 0.12.0 in favor of the more modern builder-style ProtectedHeaderMutator.keyId(String) method.
io.jsonwebtoken.ClaimsMutator.setNotBefore(Date) since 0.12.0 in favor of the shorter and more modern builder-style named ClaimsMutator.notBefore(Date). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.JwtBuilder.setPayload(String) since 0.12.0 in favor of JwtBuilder.content(String) because both Claims and Content are technically 'payloads', so this method name is misleading. This method will be removed before the 1.0 release.
io.jsonwebtoken.JwtParserBuilder.setSigningKey(byte[]) since 0.12.0 in favor of JwtParserBuilder.verifyWith(SecretKey) for type safety and name congruence with the JwtParserBuilder.decryptWith(SecretKey) method.
io.jsonwebtoken.JwtParserBuilder.setSigningKey(Key) since 0.12.0 in favor of JwtParserBuilder.verifyWith(SecretKey) for naming congruence with the JwtParserBuilder.decryptWith(SecretKey) method.
io.jsonwebtoken.JwtParserBuilder.setSigningKey(String) in favor of JwtParserBuilder.verifyWith(SecretKey) as explained in the above Deprecation Notice, and will be removed in 1.0.0.
io.jsonwebtoken.JwtParserBuilder.setSigningKeyResolver(SigningKeyResolver) since 0.12.0 in favor of JwtParserBuilder.keyLocator(Locator)
io.jsonwebtoken.ClaimsMutator.setSubject(String) since 0.12.0 in favor of the shorter and more modern builder-style named ClaimsMutator.subject(String). This method will be removed before the JJWT 1.0 release.
io.jsonwebtoken.HeaderMutator.setType(String) since 0.12.0 in favor of the more modern builder-style HeaderMutator.type(String) method. This method will be removed before the 1.0 release.
io.jsonwebtoken.JwtBuilder.signWith(Key, SignatureAlgorithm) since 0.12.0 to use the more flexible JwtBuilder.signWith(Key, SecureDigestAlgorithm).
io.jsonwebtoken.JwtBuilder.signWith(SignatureAlgorithm, byte[]) as of 0.10.0: use Keys.hmacShaKeyFor(bytes) to obtain the Key and then invoke JwtBuilder.signWith(Key) or JwtBuilder.signWith(Key, SecureDigestAlgorithm). This method will be removed in the 1.0 release.
io.jsonwebtoken.JwtBuilder.signWith(SignatureAlgorithm, Key) since 0.10.0. Use JwtBuilder.signWith(Key, SecureDigestAlgorithm) instead. This method will be removed before the 1.0 release.
io.jsonwebtoken.JwtBuilder.signWith(SignatureAlgorithm, String) as of 0.10.0: use JwtBuilder.signWith(Key) or JwtBuilder.signWith(Key, SignatureAlgorithm) instead. This method will be removed in the 1.0 release.
io.jsonwebtoken.ClaimsMutator.AudienceCollection.single(String) This is technically not deprecated because the JWT RFC mandates support for single string values, but it is marked as deprecated to discourage its use when possible.

Deprecated Constructors

Constructor and Description
io.jsonwebtoken.MissingClaimException(Header, Claims, String, Object, String, Throwable) since 0.12.0 since it is not used in JJWT's codebase
io.jsonwebtoken.PrematureJwtException(Header, Claims, String, Throwable) since 0.12.0 since it is not used in JJWT's codebase