This class will load system provided hashing strategies and algorithms.

Please consult the documentation for a detailed explanation.

When applicable, use of VertxContextPRNG rather than create new PRNG objects is helpful to keep the system entropy usage to the minimum avoiding potential blocking across the application.

The use of VertxContextPRNG is particularly appropriate when multiple handlers use random numbers.

By default the hashing strategy is SHA-512. If you're already running in production this is backwards compatible, however for new deployments or security upgrades it is recommended to use the PBKDF2 strategy as it is the current OWASP recommendation for password storage.

You can implement this to provide a different hashing strategy to the default.

If any expiresInMinutes, audience, subject, issuer are not provided, there is no default. The jwt generated won't include those properties in the payload.

Generated JWTs will include an iat claim by default unless noTimestamp is specified.

Users are to implement the isAuthorized method to verify authorities. For provides that do not export the permissions/roles in the token, this interface allows you to communicate with 3rd party services such as graph APIs to collect the required data.

The contract is that once an authority is checked for a given user, it's value is cached during the execution of the request. If a user is stored to a persistent storage, or the token is introspected, the cache is cleared and a new call will be handled to the implementation.

This class represents a secure response from a Oauth2 fetch call.

A fetch is a simplified HTTP response from a protected resource.