JwksSignature (micronaut 1.1.0 API)

java.lang.Object
- io.micronaut.security.token.jwt.signature.jwks.JwksSignature

All Implemented Interfaces:

SignatureConfiguration
```
@EachBean(value=JwksSignatureConfiguration.class)
public class JwksSignature
extends Object
implements SignatureConfiguration
```
Signature configuration which enables verification of remote JSON Web Key Set. A bean of this class is created for each JwksSignatureConfiguration.

Since:

1.1.0

Author:

Sergio del Amo

Field Summary

Fields
Modifier and Type Field and Description

static int DEFAULT_REFRESH_JWKS_ATTEMPTS

Fields
Modifier and Type	Field and Description
`static int`	`DEFAULT_REFRESH_JWKS_ATTEMPTS`

Constructor Summary

Constructors
Constructor and Description

JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration, JwkValidator jwkValidator)

Constructors
Constructor and Description
`JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration, JwkValidator jwkValidator)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`int`	`getRefreshJwksAttempts()` Returns the number of attempts to refresh the cached JWKS.
`protected com.nimbusds.jose.jwk.JWKSet`	`loadJwkSet(String url)` Instantiates a JWKSet for a give url.
`protected List<com.nimbusds.jose.jwk.JWK>`	`matches(com.nimbusds.jwt.SignedJWT jwt, com.nimbusds.jose.jwk.JWKSet jwkSet, int refreshKeysAttempts)` Calculates a list of JWK matches for a JWT.
`String`	`supportedAlgorithmsMessage()`
`boolean`	`supports(com.nimbusds.jose.JWSAlgorithm algorithm)` Whether this signature configuration supports this algorithm.
`protected boolean`	`verify(List<com.nimbusds.jose.jwk.JWK> matches, com.nimbusds.jwt.SignedJWT jwt)` returns true if any JWK match is able to verify the JWT signature.
`boolean`	`verify(com.nimbusds.jwt.SignedJWT jwt)` Verify a signed JWT.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - DEFAULT_REFRESH_JWKS_ATTEMPTS
```
public static final int DEFAULT_REFRESH_JWKS_ATTEMPTS
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - JwksSignature
```
public JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration,
                     JwkValidator jwkValidator)
```
    Parameters:
    
    jwksSignatureConfiguration - JSON Web Key Set configuration.
    
    jwkValidator - JWK Validator to be used.
- Method Detail
  - supportedAlgorithmsMessage
```
public String supportedAlgorithmsMessage()
```
    Specified by:
    
    supportedAlgorithmsMessage in interface SignatureConfiguration
    
    Returns:
    
    A message indicating the supported algorithms.
  - supports
```
public boolean supports(com.nimbusds.jose.JWSAlgorithm algorithm)
```
    Whether this signature configuration supports this algorithm.
    
    Specified by:
    
    supports in interface SignatureConfiguration
    
    Parameters:
    
    algorithm - the signature algorithm
    
    Returns:
    
    whether this signature configuration supports this algorithm
  - verify
```
public boolean verify(com.nimbusds.jwt.SignedJWT jwt)
               throws com.nimbusds.jose.JOSEException
```
    Verify a signed JWT.
    
    Specified by:
    
    verify in interface SignatureConfiguration
    
    Parameters:
    
    jwt - the signed JWT
    
    Returns:
    
    whether the signed JWT is verified
    
    Throws:
    
    com.nimbusds.jose.JOSEException - exception when verifying the JWT
  - loadJwkSet
```
protected com.nimbusds.jose.jwk.JWKSet loadJwkSet(String url)
```
    Instantiates a JWKSet for a give url.
    
    Parameters:
    
    url - JSON Web Key Set Url.
    
    Returns:
    
    a JWKSet or null if there was an error.
  - matches
```
protected List<com.nimbusds.jose.jwk.JWK> matches(com.nimbusds.jwt.SignedJWT jwt,
                                                  @Nullable
                                                  com.nimbusds.jose.jwk.JWKSet jwkSet,
                                                  int refreshKeysAttempts)
```
    Calculates a list of JWK matches for a JWT. Since the JWTSet is cached it attempts to refresh it (by calling its self recursive) if the is > 0.
    
    Parameters:
    
    jwt - A Signed JWT
    
    jwkSet - A JSON Web Key Set
    
    refreshKeysAttempts - Number of times to attempt refreshing the JWK Set
    
    Returns:
    
    a List of JSON Web Keys
  - verify
```
protected boolean verify(List<com.nimbusds.jose.jwk.JWK> matches,
                         com.nimbusds.jwt.SignedJWT jwt)
```
    returns true if any JWK match is able to verify the JWT signature.
    
    Parameters:
    
    matches - A List of JSON Web key matches.
    
    jwt - A JWT to be verified.
    
    Returns:
    
    true if the JWT signature could be verified.
  - getRefreshJwksAttempts
```
public int getRefreshJwksAttempts()
```
    Returns the number of attempts to refresh the cached JWKS.
    
    Returns:
    
    Number of attempts to refresh the cached JWKS.

Class JwksSignature

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_REFRESH_JWKS_ATTEMPTS

Constructor Detail

JwksSignature

Method Detail

supportedAlgorithmsMessage

supports

verify

loadJwkSet

matches

verify

getRefreshJwksAttempts