Package io.micronaut.security.token.jwt.signature.jwks

Class JwksSignature

java.lang.Object
io.micronaut.security.token.jwt.signature.jwks.JwksSignature
All Implemented Interfaces:
JwksCache, SignatureConfiguration
@Deprecated(since="4.8.0", forRemoval=true) public class JwksSignature extends Object implements JwksCache, SignatureConfiguration
Deprecated, for removal: This API element is subject to removal in a future version.
Not used. ReactiveJwksSignature used instead.
Signature configuration which enables verification of remote JSON Web Key Set. A bean of this class is created for each JwksSignatureConfiguration.
Since:
1.1.0
Author:
Sergio del Amo

  • Constructor Summary

    Constructors
    Constructor
    Description
    JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration, JwkValidator jwkValidator, JwkSetFetcher<com.nimbusds.jose.jwk.JWKSet> jwkSetFetcher)
    Deprecated, for removal: This API element is subject to removal in a future version.
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    clear()
    Deprecated, for removal: This API element is subject to removal in a future version.
    Clears the JWK Set cache.
    @NonNull Optional<List<String>>
    getKeyIds()
    Deprecated, for removal: This API element is subject to removal in a future version.
     
    boolean
    isExpired()
    Deprecated, for removal: This API element is subject to removal in a future version.
     
    boolean
    isPresent()
    Deprecated, for removal: This API element is subject to removal in a future version.
     
    protected @Nullable com.nimbusds.jose.jwk.JWKSet
    loadJwkSet(@Nullable String providerName, String url)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Instantiates a JWKSet for a given url.
    protected @Nullable com.nimbusds.jose.jwk.JWKSet
    loadJwkSet(String url)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Use loadJwkSet(String, String) instead.
    protected List<com.nimbusds.jose.jwk.JWK>
    matches(com.nimbusds.jwt.SignedJWT jwt, @Nullable com.nimbusds.jose.jwk.JWKSet jwkSet)
    Deprecated.
    Use JwksSignatureUtils.matches(SignedJWT, JWKSet, KeyType) instead.
    String
    supportedAlgorithmsMessage()
    Deprecated, for removal: This API element is subject to removal in a future version.
     
    boolean
    supports(com.nimbusds.jose.JWSAlgorithm algorithm)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Whether this signature configuration supports this algorithm.
    boolean
    verify(com.nimbusds.jwt.SignedJWT jwt)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Verify a signed JWT.
    protected boolean
    verify(List<com.nimbusds.jose.jwk.JWK> matches, com.nimbusds.jwt.SignedJWT jwt)
    Deprecated, for removal: This API element is subject to removal in a future version.
    returns true if any JWK match is able to verify the JWT signature.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • JwksSignature

      public JwksSignature(JwksSignatureConfiguration jwksSignatureConfiguration, JwkValidator jwkValidator, JwkSetFetcher<com.nimbusds.jose.jwk.JWKSet> jwkSetFetcher)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Parameters:
      jwksSignatureConfiguration - JSON Web Key Set configuration.
      jwkValidator - JWK Validator to be used.
      jwkSetFetcher - Json Web Key Set fetcher

  • Method Details

    • isExpired

      public boolean isExpired()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Specified by:
      isExpired in interface JwksCache
      Returns:
      Whether the cache is expired or empty optional if JWKS still not cached

    • clear

      public void clear()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Description copied from interface: JwksCache
      Clears the JWK Set cache.
      Specified by:
      clear in interface JwksCache

    • isPresent

      public boolean isPresent()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Specified by:
      isPresent in interface JwksCache
      Returns:
      Whether the cache has been populated.

    • getKeyIds

      @NonNull public @NonNull Optional<List<String>> getKeyIds()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Specified by:
      getKeyIds in interface JwksCache

    • supportedAlgorithmsMessage

      public String supportedAlgorithmsMessage()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Specified by:
      supportedAlgorithmsMessage in interface SignatureConfiguration
      Returns:
      A message indicating the supported algorithms.

    • supports

      public boolean supports(com.nimbusds.jose.JWSAlgorithm algorithm)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Whether this signature configuration supports this algorithm.
      Specified by:
      supports in interface SignatureConfiguration
      Parameters:
      algorithm - the signature algorithm
      Returns:
      whether this signature configuration supports this algorithm

    • verify

      public boolean verify(com.nimbusds.jwt.SignedJWT jwt) throws com.nimbusds.jose.JOSEException
      Deprecated, for removal: This API element is subject to removal in a future version.
      Verify a signed JWT.
      Specified by:
      verify in interface SignatureConfiguration
      Parameters:
      jwt - the signed JWT
      Returns:
      whether the signed JWT is verified
      Throws:
      com.nimbusds.jose.JOSEException - exception when verifying the JWT

    • loadJwkSet

      @Nullable @Deprecated(forRemoval=true, since="4.5.0") protected @Nullable com.nimbusds.jose.jwk.JWKSet loadJwkSet(String url)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Use loadJwkSet(String, String) instead.
      Instantiates a JWKSet for a given url.
      Parameters:
      url - JSON Web Key Set Url.
      Returns:
      a JWKSet or null if there was an error.

    • loadJwkSet

      @Nullable protected @Nullable com.nimbusds.jose.jwk.JWKSet loadJwkSet(@Nullable @Nullable String providerName, String url)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Instantiates a JWKSet for a given url.
      Parameters:
      providerName - The name of the JWKS configuration.
      url - JSON Web Key Set Url.
      Returns:
      a JWKSet or null if there was an error.

    • matches

      @Deprecated protected List<com.nimbusds.jose.jwk.JWK> matches(com.nimbusds.jwt.SignedJWT jwt, @Nullable @Nullable com.nimbusds.jose.jwk.JWKSet jwkSet)
      Deprecated.
      Use JwksSignatureUtils.matches(SignedJWT, JWKSet, KeyType) instead.
      Calculates a list of JWK matches for a JWT.
      Parameters:
      jwt - A Signed JWT
      jwkSet - A JSON Web Key Set
      Returns:
      a List of JSON Web Keys

    • verify

      protected boolean verify(List<com.nimbusds.jose.jwk.JWK> matches, com.nimbusds.jwt.SignedJWT jwt)
      Deprecated, for removal: This API element is subject to removal in a future version.
      returns true if any JWK match is able to verify the JWT signature.
      Parameters:
      matches - A List of JSON Web key matches.
      jwt - A JWT to be verified.
      Returns:
      true if the JWT signature could be verified.