Source code

001package com.nimbusds.jwt.proc;
002
003
004import com.nimbusds.jose.crypto.factories.DefaultJWEDecrypterFactory;
005import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory;
006import com.nimbusds.jose.proc.JOSEProcessorConfiguration;
007import com.nimbusds.jose.proc.SecurityContext;
008
009
010/**
011 * JWT processor configuration.
012 *
013 * <p></P>Specifies the required components to process JWTs:
014 *
015 * <ul>
016 *     <li>To verify signed JWTs:
017 *         <ul>
018 *             <li>Key selector to determine key candidate(s) for JWS
019 *                 verification based on the JWS header and application-
020 *                 specific context information.
021 *             <li>Factory to construct a JWS verifier for a given key
022 *                 candidate and JWS header information. A
023 *                 {@link DefaultJWSVerifierFactory default factory}
024 *                 implementation is provided.
025 *         </ul>
026 *     <li>To decrypt encrypted JWTs:
027 *         <ul>
028 *             <li>Key selector to determine key candidate(s) for JWE
029 *                 decryption based on the JWS header and application-specific
030 *                 context information.
031 *             <li>Factory to construct a JWE decrypter for a given key
032 *                 candidate and JWE header information. A
033 *                 {@link DefaultJWEDecrypterFactory default factory}
034 *                 implementation is provided.
035 *         </ul>
036 *      <li>Optional JWT claims verifier. Intended to perform various
037 *          application-specific JWT claims checks, such as token expiration
038 *          and issuer acceptance, after successful JWS verification / JWE
039 *          decryption.
040 * </ul>
041 *
042 * @author Vladimir Dzhuvinov
043 * @version 2015-08-22
044 */
045public interface JWTProcessorConfiguration<C extends SecurityContext> extends JOSEProcessorConfiguration<C> {
046
047
048        /**
049         * Gets the optional JWT claims verifier. Intended to perform various
050         * application-specific JWT claims checks, such as token expiration and
051         * issuer acceptance, after successful JWS verification / JWE decryption.
052         *
053         * @return The JWT claims verifier, {@code null} if not specified.
054         */
055        JWTClaimsVerifier getJWTClaimsVerifier();
056
057
058        /**
059         * Sets the optional JWT claims verifier. Intended to perform various
060         * application-specific JWT claims checks, such as token expiration and
061         * issuer acceptance, after successful JWS verification / JWE
062         * decryption.
063         *
064         * @param claimsVerifier The JWT claims verifier, {@code null} if not
065         *                       specified.
066         */
067        void setJWTClaimsVerifier(final JWTClaimsVerifier claimsVerifier);
068}