@EachBean(value=JwksSignatureConfiguration.class) public class JwksSignature extends java.lang.Object implements JwksCache, SignatureConfiguration
JwksSignatureConfiguration
.Modifier and Type | Field and Description |
---|---|
static int |
DEFAULT_REFRESH_JWKS_ATTEMPTS
Deprecated.
|
Constructor and Description |
---|
JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration,
JwkValidator jwkValidator)
Deprecated.
|
JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration,
JwkValidator jwkValidator,
JwkSetFetcher<com.nimbusds.jose.jwk.JWKSet> jwkSetFetcher) |
JwksSignature(java.lang.String url,
com.nimbusds.jose.jwk.KeyType keyType,
JwkValidator jwkValidator)
Deprecated.
|
Modifier and Type | Method and Description |
---|---|
void |
clear()
Clears the JWK Set cache.
|
com.nimbusds.jose.jwk.JWKSet |
getJwkSet()
Deprecated.
|
JwkValidator |
getJwkValidator()
Deprecated.
|
java.util.Optional<java.util.List<java.lang.String>> |
getKeyIds() |
com.nimbusds.jose.jwk.KeyType |
getKeyType()
Deprecated.
|
int |
getRefreshJwksAttempts()
Deprecated.
|
java.lang.String |
getUrl()
Deprecated.
|
boolean |
isExpired() |
boolean |
isPresent() |
protected com.nimbusds.jose.jwk.JWKSet |
loadJwkSet(java.lang.String url)
Instantiates a JWKSet for a given url.
|
protected java.util.List<com.nimbusds.jose.jwk.JWK> |
matches(com.nimbusds.jwt.SignedJWT jwt,
com.nimbusds.jose.jwk.JWKSet jwkSet)
Calculates a list of JWK matches for a JWT.
|
protected java.util.List<com.nimbusds.jose.jwk.JWK> |
matches(com.nimbusds.jwt.SignedJWT jwt,
com.nimbusds.jose.jwk.JWKSet jwkSet,
int refreshKeysAttempts)
Deprecated.
Use
matches(SignedJWT, JWKSet) instead |
java.lang.String |
supportedAlgorithmsMessage() |
boolean |
supports(com.nimbusds.jose.JWSAlgorithm algorithm)
Whether this signature configuration supports this algorithm.
|
protected boolean |
verify(java.util.List<com.nimbusds.jose.jwk.JWK> matches,
com.nimbusds.jwt.SignedJWT jwt)
returns true if any JWK match is able to verify the JWT signature.
|
boolean |
verify(com.nimbusds.jwt.SignedJWT jwt)
Verify a signed JWT.
|
@Deprecated public static final int DEFAULT_REFRESH_JWKS_ATTEMPTS
@Inject public JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration, JwkValidator jwkValidator, JwkSetFetcher<com.nimbusds.jose.jwk.JWKSet> jwkSetFetcher)
jwksSignatureConfiguration
- JSON Web Key Set configuration.jwkValidator
- JWK Validator to be used.jwkSetFetcher
- Json Web Key Set fetcher@Deprecated public JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration, JwkValidator jwkValidator)
JwksSignature(JwksSignatureConfiguration, JwkValidator, JwkSetFetcher)
instead.jwksSignatureConfiguration
- JSON Web Key Set configuration.jwkValidator
- JWK Validator to be used.@Deprecated public JwksSignature(java.lang.String url, @Nullable com.nimbusds.jose.jwk.KeyType keyType, JwkValidator jwkValidator)
JwksSignature(JwksSignatureConfiguration, JwkValidator, JwkSetFetcher)
instead.url
- The JWK urlkeyType
- The JWK key typejwkValidator
- JWK Validator to be used.public boolean isExpired()
public void clear()
JwksCache
public boolean isPresent()
@NonNull public java.util.Optional<java.util.List<java.lang.String>> getKeyIds()
public java.lang.String supportedAlgorithmsMessage()
supportedAlgorithmsMessage
in interface SignatureConfiguration
public boolean supports(com.nimbusds.jose.JWSAlgorithm algorithm)
supports
in interface SignatureConfiguration
algorithm
- the signature algorithmpublic boolean verify(com.nimbusds.jwt.SignedJWT jwt) throws com.nimbusds.jose.JOSEException
verify
in interface SignatureConfiguration
jwt
- the signed JWTcom.nimbusds.jose.JOSEException
- exception when verifying the JWT@Nullable protected com.nimbusds.jose.jwk.JWKSet loadJwkSet(java.lang.String url)
url
- JSON Web Key Set Url.@Deprecated protected java.util.List<com.nimbusds.jose.jwk.JWK> matches(com.nimbusds.jwt.SignedJWT jwt, @Nullable com.nimbusds.jose.jwk.JWKSet jwkSet, int refreshKeysAttempts)
matches(SignedJWT, JWKSet)
insteadjwt
- A Signed JWTjwkSet
- A JSON Web Key SetrefreshKeysAttempts
- Number of times to attempt refreshing the JWK Setprotected java.util.List<com.nimbusds.jose.jwk.JWK> matches(com.nimbusds.jwt.SignedJWT jwt, @Nullable com.nimbusds.jose.jwk.JWKSet jwkSet)
jwt
- A Signed JWTjwkSet
- A JSON Web Key Setprotected boolean verify(java.util.List<com.nimbusds.jose.jwk.JWK> matches, com.nimbusds.jwt.SignedJWT jwt)
matches
- A List of JSON Web key matches.jwt
- A JWT to be verified.@Deprecated public int getRefreshJwksAttempts()
@Deprecated public JwkValidator getJwkValidator()
@Deprecated public com.nimbusds.jose.jwk.JWKSet getJwkSet()
@Deprecated public com.nimbusds.jose.jwk.KeyType getKeyType()
@Deprecated public java.lang.String getUrl()