Package io.micronaut.security.token.jwt.signature.jwks

Class JwksSignatureUtils

java.lang.Object

io.micronaut.security.token.jwt.signature.jwks.JwksSignatureUtils

@Internal
public final class JwksSignatureUtils
extends Object

Utility class to verify signatures with a JWKSet.

Method Summary

Modifier and Type	Method	Description
static List<com.nimbusds.jose.jwk.JWK>	matches(com.nimbusds.jwt.SignedJWT jwt, @Nullable com.nimbusds.jose.jwk.JWKSet jwkSet, @Nullable com.nimbusds.jose.jwk.KeyType keyType)	Calculates a list of JWK matches for a JWT.
static String	supportedAlgorithmsMessage(com.nimbusds.jose.jwk.JWKSet jwkSet)
static String	supportedAlgorithmsMessage(List<com.nimbusds.jose.jwk.JWK> keys)
static boolean	supports(com.nimbusds.jose.JWSAlgorithm algorithm, com.nimbusds.jose.jwk.JWKSet jwkSet)	Whether this signature configuration supports this algorithm.
static boolean	supports(com.nimbusds.jose.JWSAlgorithm algorithm, List<com.nimbusds.jose.jwk.JWK> keys)	Whether this signature configuration supports this algorithm.
static boolean	verify(com.nimbusds.jwt.SignedJWT jwt, com.nimbusds.jose.jwk.JWKSet jwkSet, JwkValidator jwkValidator)	Verify a signed JWT.
static boolean	verify(JwkValidator jwkValidator, List<com.nimbusds.jose.jwk.JWK> matches, com.nimbusds.jwt.SignedJWT jwt)	returns true if any JWK match is able to verify the JWT signature.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

verify

public static boolean verify(com.nimbusds.jwt.SignedJWT jwt,
 com.nimbusds.jose.jwk.JWKSet jwkSet,
 JwkValidator jwkValidator)
                      throws com.nimbusds.jose.JOSEException

Verify a signed JWT.

Parameters:

jwkSet - JSON Web Key Set

jwt - the signed JWT

jwkValidator - JWK Validator

Returns:

whether the signed JWT is verified

Throws:

com.nimbusds.jose.JOSEException - exception when verifying the JWT

supports

public static boolean supports(com.nimbusds.jose.JWSAlgorithm algorithm,
 com.nimbusds.jose.jwk.JWKSet jwkSet)

Whether this signature configuration supports this algorithm.

Parameters:

jwkSet - JSON Web Key Set

algorithm - the signature algorithm

Returns:

whether this signature configuration supports this algorithm

supports

public static boolean supports(com.nimbusds.jose.JWSAlgorithm algorithm,
 List<com.nimbusds.jose.jwk.JWK> keys)

Whether this signature configuration supports this algorithm.

Parameters:

keys - JSON Web Keys

algorithm - the signature algorithm

Returns:

whether this signature configuration supports this algorithm

supportedAlgorithmsMessage

public static String supportedAlgorithmsMessage(com.nimbusds.jose.jwk.JWKSet jwkSet)

Parameters:

jwkSet - JSON Web Key Set

Returns:

A message indicating the supported algorithms.

supportedAlgorithmsMessage

public static String supportedAlgorithmsMessage(List<com.nimbusds.jose.jwk.JWK> keys)

Parameters:

keys - JSON Web Keys

Returns:

A message indicating the supported algorithms.

verify

public static boolean verify(JwkValidator jwkValidator,
 List<com.nimbusds.jose.jwk.JWK> matches,
 com.nimbusds.jwt.SignedJWT jwt)

returns true if any JWK match is able to verify the JWT signature.

Parameters:

jwkValidator - JWK Validator

matches - A List of JSON Web key matches.

jwt - A JWT to be verified.

Returns:

true if the JWT signature could be verified.

matches

public static List<com.nimbusds.jose.jwk.JWK> matches(com.nimbusds.jwt.SignedJWT jwt,
 @Nullable
 @Nullable com.nimbusds.jose.jwk.JWKSet jwkSet,
 @Nullable
 @Nullable com.nimbusds.jose.jwk.KeyType keyType)

Calculates a list of JWK matches for a JWT.

Parameters:

jwt - A Signed JWT

jwkSet - A JSON Web Key Set

keyType - Key Type

Returns:

a List of JSON Web Keys