@EachBean(value=JwksSignatureConfiguration.class) public class JwksSignature extends Object implements SignatureConfiguration
JwksSignatureConfiguration
.Modifier and Type | Field and Description |
---|---|
static int |
DEFAULT_REFRESH_JWKS_ATTEMPTS |
Constructor and Description |
---|
JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration,
JwkValidator jwkValidator) |
Modifier and Type | Method and Description |
---|---|
int |
getRefreshJwksAttempts()
Returns the number of attempts to refresh the cached JWKS.
|
protected com.nimbusds.jose.jwk.JWKSet |
loadJwkSet(String url)
Instantiates a JWKSet for a give url.
|
protected List<com.nimbusds.jose.jwk.JWK> |
matches(com.nimbusds.jwt.SignedJWT jwt,
com.nimbusds.jose.jwk.JWKSet jwkSet,
int refreshKeysAttempts)
Calculates a list of JWK matches for a JWT.
|
String |
supportedAlgorithmsMessage() |
boolean |
supports(com.nimbusds.jose.JWSAlgorithm algorithm)
Whether this signature configuration supports this algorithm.
|
protected boolean |
verify(List<com.nimbusds.jose.jwk.JWK> matches,
com.nimbusds.jwt.SignedJWT jwt)
returns true if any JWK match is able to verify the JWT signature.
|
boolean |
verify(com.nimbusds.jwt.SignedJWT jwt)
Verify a signed JWT.
|
public static final int DEFAULT_REFRESH_JWKS_ATTEMPTS
public JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration, JwkValidator jwkValidator)
jwksSignatureConfiguration
- JSON Web Key Set configuration.jwkValidator
- JWK Validator to be used.public String supportedAlgorithmsMessage()
supportedAlgorithmsMessage
in interface SignatureConfiguration
public boolean supports(com.nimbusds.jose.JWSAlgorithm algorithm)
supports
in interface SignatureConfiguration
algorithm
- the signature algorithmpublic boolean verify(com.nimbusds.jwt.SignedJWT jwt) throws com.nimbusds.jose.JOSEException
verify
in interface SignatureConfiguration
jwt
- the signed JWTcom.nimbusds.jose.JOSEException
- exception when verifying the JWTprotected com.nimbusds.jose.jwk.JWKSet loadJwkSet(String url)
url
- JSON Web Key Set Url.protected List<com.nimbusds.jose.jwk.JWK> matches(com.nimbusds.jwt.SignedJWT jwt, @Nullable com.nimbusds.jose.jwk.JWKSet jwkSet, int refreshKeysAttempts)
jwt
- A Signed JWTjwkSet
- A JSON Web Key SetrefreshKeysAttempts
- Number of times to attempt refreshing the JWK Setprotected boolean verify(List<com.nimbusds.jose.jwk.JWK> matches, com.nimbusds.jwt.SignedJWT jwt)
matches
- A List of JSON Web key matches.jwt
- A JWT to be verified.public int getRefreshJwksAttempts()