@ThreadSafe public class DefaultJOSEProcessor<C extends SecurityContext> extends BaseJOSEProcessor<C> implements JOSEProcessor<Payload,C>
JOSEObject
s.
Must be supplied with a JWS key selector
to
determine the key candidate(s) for the signature verification. The exact key
selection procedure is application-specific and may involve key ID lookup, a
certificate check and / or other information supplied in the message
context
.
Similarly, the processor must be supplied with a JWE key selector
if JWE messages are expected to be processed.
See sections 6 of RFC 7515 (JWS) and RFC 7516 (JWE) for guidelines on key selection.
This processor comes with the default JWS verifier factory
and the default JWE decrypter factory
; they can construct verifiers / decrypters for all
standard JOSE algorithms implemented by the library.
Note that for security reasons this processor is hardwired to reject
unsecured (plain) JOSE objects. Override the process(PlainObject,
SecurityContext)
if you need to handle plain JOSE objects as well.
To process JSON Web Tokens (JWTs) use the
DefaultJWTProcessor
class.
Constructor and Description |
---|
DefaultJOSEProcessor() |
Modifier and Type | Method and Description |
---|---|
Payload |
process(JOSEObject joseObject,
C context)
Processes the specified JOSE object (unsecured, JWS or JWE).
|
Payload |
process(JWEObject jweObject,
C context)
Processes the specified JWE object by decrypting it.
|
Payload |
process(JWSObject jwsObject,
C context)
Processes the specified JWS object by verifying its signature.
|
Payload |
process(PlainObject plainObject,
C context)
Processes the specified unsecured (plain) JOSE object, typically by
checking its context.
|
Payload |
process(String compactJOSE,
C context)
Parses and processes the specified JOSE object (unsecured, JWS or
JWE).
|
getJWEDecrypterFactory, getJWEKeySelector, getJWSKeySelector, getJWSVerifierFactory, setJWEDecrypterFactory, setJWEKeySelector, setJWSKeySelector, setJWSVerifierFactory
public DefaultJOSEProcessor()
public Payload process(String compactJOSE, C context) throws ParseException, BadJOSEException, JOSEException
JOSEProcessor
process
in interface JOSEProcessor<Payload,C extends SecurityContext>
compactJOSE
- The JOSE object, compact-encoded to a
URL-safe string. Must not be null
.context
- Optional context of the JOSE object,
null
if not required.null
if no return value is necessary.ParseException
- If the string couldn't be parsed to a valid
JOSE object.BadJOSEException
- If the JOSE object is rejected.JOSEException
- If an internal processing exception is
encountered.public Payload process(JOSEObject joseObject, C context) throws BadJOSEException, JOSEException
JOSEProcessor
process
in interface JOSEProcessor<Payload,C extends SecurityContext>
joseObject
- The JOSE object. Must not be null
.context
- Optional context of the JOSE object, null
if not required.null
if no return value is necessary.BadJOSEException
- If the JOSE object is rejected.JOSEException
- If an internal processing exception is
encountered.public Payload process(PlainObject plainObject, C context) throws BadJOSEException
JOSEProcessor
process
in interface JOSEProcessor<Payload,C extends SecurityContext>
plainObject
- The unsecured (plain) JOSE object. Not
null
.context
- Optional context of the unsecured JOSE object,
null
if not required.null
if no return value is necessary.BadJOSEException
- If the unsecured (plain) JOSE object is
rejected.public Payload process(JWSObject jwsObject, C context) throws BadJOSEException, JOSEException
JOSEProcessor
process
in interface JOSEProcessor<Payload,C extends SecurityContext>
jwsObject
- The JWS object. Not null
.context
- Optional context of the JWS object, null
if
not required.null
if no return value is necessary.BadJOSEException
- If the JWS object is rejected, typically
due to a bad signature.JOSEException
- If an internal processing exception is
encountered.public Payload process(JWEObject jweObject, C context) throws BadJOSEException, JOSEException
JOSEProcessor
process
in interface JOSEProcessor<Payload,C extends SecurityContext>
jweObject
- The JWE object. Not null
.context
- Optional context of the JWE object, null
if
not required.null
if no return value is necessary.BadJOSEException
- If the JWE object is rejected, typically
due to failed decryption.JOSEException
- If an internal processing exception is
encountered.Copyright © 2015 Connect2id Ltd.. All Rights Reserved.