Source code

001/*
002 * nimbus-jose-jwt
003 *
004 * Copyright 2012-2016, Connect2id Ltd.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.jwt.proc;
019
020
021import com.nimbusds.jose.crypto.factories.DefaultJWEDecrypterFactory;
022import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory;
023import com.nimbusds.jose.proc.JOSEProcessorConfiguration;
024import com.nimbusds.jose.proc.SecurityContext;
025
026
027/**
028 * JWT processor configuration.
029 *
030 * <p>Specifies the required components to process JWTs:
031 *
032 * <ul>
033 *     <li>To verify signed JWTs:
034 *         <ul>
035 *             <li>Key selector to determine key candidate(s) for JWS
036 *                 verification based on the JWS header and application-
037 *                 specific context information.
038 *             <li>Factory to construct a JWS verifier for a given key
039 *                 candidate and JWS header information. A
040 *                 {@link DefaultJWSVerifierFactory default factory}
041 *                 implementation is provided.
042 *         </ul>
043 *     <li>To decrypt encrypted JWTs:
044 *         <ul>
045 *             <li>Key selector to determine key candidate(s) for JWE
046 *                 decryption based on the JWS header and application-specific
047 *                 context information.
048 *             <li>Factory to construct a JWE decrypter for a given key
049 *                 candidate and JWE header information. A
050 *                 {@link DefaultJWEDecrypterFactory default factory}
051 *                 implementation is provided.
052 *         </ul>
053 *      <li>Optional JWT claims set verifier. Ensures that the claims set of a
054 *          JWT complies with an application's requirements.
055 * </ul>
056 *
057 * @author Vladimir Dzhuvinov
058 * @version 2016-07-25
059 */
060public interface JWTProcessorConfiguration<C extends SecurityContext> extends JOSEProcessorConfiguration<C> {
061
062
063        /**
064         * Gets the optional JWT claims set verifier. Ensures that the claims
065         * set of a JWT complies with an application's requirements.
066         *
067         * @return The JWT claims set verifier, {@code null} if not specified.
068         */
069        JWTClaimsSetVerifier<C> getJWTClaimsSetVerifier();
070
071
072        /**
073         * Sets the optional JWT claims set verifier. Ensures that the claims
074         * set of a JWT complies with an application's requirements.
075         *
076         * @param claimsVerifier The JWT claims set verifier, {@code null} if
077         *                       not specified.
078         */
079        void setJWTClaimsSetVerifier(final JWTClaimsSetVerifier<C> claimsVerifier);
080
081
082        /**
083         * Use {@link #getJWTClaimsVerifier()} instead.
084         *
085         * @return The JWT claims set verifier, {@code null} if not specified.
086         */
087        @Deprecated
088        JWTClaimsVerifier getJWTClaimsVerifier();
089
090
091        /**
092         * Use {@link #setJWTClaimsSetVerifier} instead.
093         *
094         * @param claimsVerifier The JWT claims set verifier, {@code null} if
095         *                       not specified.
096         */
097        @Deprecated
098        void setJWTClaimsVerifier(final JWTClaimsVerifier claimsVerifier);
099}