@EachBean(value=JwksSignatureConfiguration.class) public class JwksSignature extends java.lang.Object implements SignatureConfiguration
JwksSignatureConfiguration
.Modifier and Type | Field and Description |
---|---|
static int |
DEFAULT_REFRESH_JWKS_ATTEMPTS |
Constructor and Description |
---|
JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration,
JwkValidator jwkValidator) |
JwksSignature(java.lang.String url,
com.nimbusds.jose.jwk.KeyType keyType,
JwkValidator jwkValidator) |
Modifier and Type | Method and Description |
---|---|
com.nimbusds.jose.jwk.JWKSet |
getJwkSet() |
JwkValidator |
getJwkValidator() |
com.nimbusds.jose.jwk.KeyType |
getKeyType() |
int |
getRefreshJwksAttempts()
Returns the number of attempts to refresh the cached JWKS.
|
java.lang.String |
getUrl() |
protected com.nimbusds.jose.jwk.JWKSet |
loadJwkSet(java.lang.String url)
Instantiates a JWKSet for a give url.
|
protected java.util.List<com.nimbusds.jose.jwk.JWK> |
matches(com.nimbusds.jwt.SignedJWT jwt,
com.nimbusds.jose.jwk.JWKSet jwkSet,
int refreshKeysAttempts)
Calculates a list of JWK matches for a JWT.
|
java.lang.String |
supportedAlgorithmsMessage() |
boolean |
supports(com.nimbusds.jose.JWSAlgorithm algorithm)
Whether this signature configuration supports this algorithm.
|
protected boolean |
verify(java.util.List<com.nimbusds.jose.jwk.JWK> matches,
com.nimbusds.jwt.SignedJWT jwt)
returns true if any JWK match is able to verify the JWT signature.
|
boolean |
verify(com.nimbusds.jwt.SignedJWT jwt)
Verify a signed JWT.
|
public static final int DEFAULT_REFRESH_JWKS_ATTEMPTS
@Inject public JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration, JwkValidator jwkValidator)
jwksSignatureConfiguration
- JSON Web Key Set configuration.jwkValidator
- JWK Validator to be used.@Inject public JwksSignature(java.lang.String url, @Nullable com.nimbusds.jose.jwk.KeyType keyType, JwkValidator jwkValidator)
url
- The JWK urlkeyType
- The JWK key typejwkValidator
- JWK Validator to be used.public java.lang.String supportedAlgorithmsMessage()
supportedAlgorithmsMessage
in interface SignatureConfiguration
public boolean supports(com.nimbusds.jose.JWSAlgorithm algorithm)
supports
in interface SignatureConfiguration
algorithm
- the signature algorithmpublic boolean verify(com.nimbusds.jwt.SignedJWT jwt) throws com.nimbusds.jose.JOSEException
verify
in interface SignatureConfiguration
jwt
- the signed JWTcom.nimbusds.jose.JOSEException
- exception when verifying the JWTprotected com.nimbusds.jose.jwk.JWKSet loadJwkSet(java.lang.String url)
url
- JSON Web Key Set Url.protected java.util.List<com.nimbusds.jose.jwk.JWK> matches(com.nimbusds.jwt.SignedJWT jwt, @Nullable com.nimbusds.jose.jwk.JWKSet jwkSet, int refreshKeysAttempts)
refreshKeysAttempts
is > 0.jwt
- A Signed JWTjwkSet
- A JSON Web Key SetrefreshKeysAttempts
- Number of times to attempt refreshing the JWK Setprotected boolean verify(java.util.List<com.nimbusds.jose.jwk.JWK> matches, com.nimbusds.jwt.SignedJWT jwt)
matches
- A List of JSON Web key matches.jwt
- A JWT to be verified.public int getRefreshJwksAttempts()
public JwkValidator getJwkValidator()
public com.nimbusds.jose.jwk.JWKSet getJwkSet()
public com.nimbusds.jose.jwk.KeyType getKeyType()
public java.lang.String getUrl()