001package com.nimbusds.jwt.proc; 002 003 004import com.nimbusds.jose.crypto.factories.DefaultJWEDecrypterFactory; 005import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory; 006import com.nimbusds.jose.proc.JOSEProcessorConfiguration; 007import com.nimbusds.jose.proc.SecurityContext; 008 009 010/** 011 * JWT processor configuration. 012 * 013 * <p></P>Specifies the required components to process JWTs: 014 * 015 * <ul> 016 * <li>To verify signed JWTs: 017 * <ul> 018 * <li>Key selector to determine key candidate(s) for JWS 019 * verification based on the JWS header and application- 020 * specific context information. 021 * <li>Factory to construct a JWS verifier for a given key 022 * candidate and JWS header information. A 023 * {@link DefaultJWSVerifierFactory default factory} 024 * implementation is provided. 025 * </ul> 026 * <li>To decrypt encrypted JWTs: 027 * <ul> 028 * <li>Key selector to determine key candidate(s) for JWE 029 * decryption based on the JWS header and application-specific 030 * context information. 031 * <li>Factory to construct a JWE decrypter for a given key 032 * candidate and JWE header information. A 033 * {@link DefaultJWEDecrypterFactory default factory} 034 * implementation is provided. 035 * </ul> 036 * <li>Optional JWT claims verifier. Intended to perform various 037 * application-specific JWT claims checks, such as token expiration 038 * and issuer acceptance, after successful JWS verification / JWE 039 * decryption. 040 * </ul> 041 * 042 * @author Vladimir Dzhuvinov 043 * @version 2015-08-22 044 */ 045public interface JWTProcessorConfiguration<C extends SecurityContext> extends JOSEProcessorConfiguration<C> { 046 047 048 /** 049 * Gets the optional JWT claims verifier. Intended to perform various 050 * application-specific JWT claims checks, such as token expiration and 051 * issuer acceptance, after successful JWS verification / JWE decryption. 052 * 053 * @return The JWT claims verifier, {@code null} if not specified. 054 */ 055 JWTClaimsVerifier getJWTClaimsVerifier(); 056 057 058 /** 059 * Sets the optional JWT claims verifier. Intended to perform various 060 * application-specific JWT claims checks, such as token expiration and 061 * issuer acceptance, after successful JWS verification / JWE 062 * decryption. 063 * 064 * @param claimsVerifier The JWT claims verifier, {@code null} if not 065 * specified. 066 */ 067 void setJWTClaimsVerifier(final JWTClaimsVerifier claimsVerifier); 068}