@ThreadSafe public class RemoteJWKSet<C extends SecurityContext> extends Object implements JWKSource<C>
Modifier and Type | Field and Description |
---|---|
static int |
DEFAULT_HTTP_CONNECT_TIMEOUT
The default HTTP connect timeout for JWK set retrieval, in
milliseconds.
|
static int |
DEFAULT_HTTP_READ_TIMEOUT
The default HTTP read timeout for JWK set retrieval, in
milliseconds.
|
static int |
DEFAULT_HTTP_SIZE_LIMIT
The default HTTP entity size limit for JWK set retrieval, in bytes.
|
Constructor and Description |
---|
RemoteJWKSet(URL jwkSetURL)
Creates a new remote JWK set using the
default HTTP resource retriever . |
RemoteJWKSet(URL jwkSetURL,
RestrictedResourceRetriever resourceRetriever)
Creates a new remote JWK set.
|
Modifier and Type | Method and Description |
---|---|
List<JWK> |
get(JWKSelector jwkSelector,
C context)
Retrieves a list of JWKs matching the specified selector.
|
protected static String |
getFirstSpecifiedKeyID(JWKMatcher jwkMatcher)
Returns the first specified key ID (kid) for a JWK matcher.
|
JWKSet |
getJWKSet()
Returns the cached JWK set.
|
URL |
getJWKSetURL()
Returns the JWK set URL.
|
RestrictedResourceRetriever |
getResourceRetriever()
Returns the HTTP resource retriever.
|
public static final int DEFAULT_HTTP_CONNECT_TIMEOUT
public static final int DEFAULT_HTTP_READ_TIMEOUT
public static final int DEFAULT_HTTP_SIZE_LIMIT
public RemoteJWKSet(URL jwkSetURL)
default HTTP resource retriever
.
Starts an asynchronous thread to fetch the JWK set from the
specified URL. The JWK set is cached if successfully retrieved.jwkSetURL
- The JWK set URL. Must not be null
.public RemoteJWKSet(URL jwkSetURL, RestrictedResourceRetriever resourceRetriever)
jwkSetURL
- The JWK set URL. Must not be null
.resourceRetriever
- The HTTP resource retriever to use,
null
to use the
default
one
.public URL getJWKSetURL()
public RestrictedResourceRetriever getResourceRetriever()
public JWKSet getJWKSet()
null
if none.protected static String getFirstSpecifiedKeyID(JWKMatcher jwkMatcher)
jwkMatcher
- The JWK matcher. Must not be null
.null
if none.public List<JWK> get(JWKSelector jwkSelector, C context)
get
in interface JWKSource<C extends SecurityContext>
jwkSelector
- A JWK selector. Must not be null
.context
- Optional context, null
if not required.Copyright © 2016 Connect2id Ltd.. All rights reserved.