Package com.nimbusds.jose.jwk
Class OctetSequenceKey.Builder
- java.lang.Object
-
- com.nimbusds.jose.jwk.OctetSequenceKey.Builder
-
- Enclosing class:
- OctetSequenceKey
public static class OctetSequenceKey.Builder extends Object
Builder for constructing octet sequence JWKs.Example usage:
OctetSequenceKey key = new OctetSequenceKey.Builder(k) .algorithm(JWSAlgorithm.HS512) .keyID("123") .build();
-
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description OctetSequenceKey.Builderalgorithm(Algorithm alg)Sets the intended JOSE algorithm (alg) for the JWK.OctetSequenceKeybuild()Builds a new octet sequence JWK.OctetSequenceKey.BuilderkeyID(String kid)Sets the ID (kid) of the JWK.OctetSequenceKey.BuilderkeyIDFromThumbprint()Sets the ID (kid) of the JWK to its SHA-256 JWK thumbprint (RFC 7638).OctetSequenceKey.BuilderkeyIDFromThumbprint(String hashAlg)Sets the ID (kid) of the JWK to its JWK thumbprint (RFC 7638).OctetSequenceKey.BuilderkeyOperations(Set<KeyOperation> ops)Sets the operations (key_ops) of the JWK (for a non-public key).OctetSequenceKey.BuilderkeyStore(KeyStore keyStore)Sets the underlying key store.OctetSequenceKey.BuilderkeyUse(KeyUse use)Sets the use (use) of the JWK.OctetSequenceKey.Builderx509CertChain(List<Base64> x5c)Sets the X.509 certificate chain (x5c) of the JWK.OctetSequenceKey.Builderx509CertSHA256Thumbprint(Base64URL x5t256)Sets the X.509 certificate SHA-256 thumbprint (x5t#S256) of the JWK.OctetSequenceKey.Builderx509CertThumbprint(Base64URL x5t)Deprecated.OctetSequenceKey.Builderx509CertURL(URI x5u)Sets the X.509 certificate URL (x5u) of the JWK.
-
-
-
Constructor Detail
-
Builder
public Builder(Base64URL k)
Creates a new octet sequence JWK builder.- Parameters:
k- The key value. It is represented as the Base64URL encoding of value's big endian representation. Must not benull.
-
Builder
public Builder(byte[] key)
Creates a new octet sequence JWK builder.- Parameters:
key- The key value. Must not be empty byte array ornull.
-
-
Method Detail
-
keyUse
public OctetSequenceKey.Builder keyUse(KeyUse use)
Sets the use (use) of the JWK.- Parameters:
use- The key use,nullif not specified or if the key is intended for signing as well as encryption.- Returns:
- This builder.
-
keyOperations
public OctetSequenceKey.Builder keyOperations(Set<KeyOperation> ops)
Sets the operations (key_ops) of the JWK (for a non-public key).- Parameters:
ops- The key operations,nullif not specified.- Returns:
- This builder.
-
algorithm
public OctetSequenceKey.Builder algorithm(Algorithm alg)
Sets the intended JOSE algorithm (alg) for the JWK.- Parameters:
alg- The intended JOSE algorithm,nullif not specified.- Returns:
- This builder.
-
keyID
public OctetSequenceKey.Builder keyID(String kid)
Sets the ID (kid) of the JWK. The key ID can be used to match a specific key. This can be used, for instance, to choose a key within aJWKSetduring key rollover. The key ID may also correspond to a JWS/JWEkidheader parameter value.- Parameters:
kid- The key ID,nullif not specified.- Returns:
- This builder.
-
keyIDFromThumbprint
public OctetSequenceKey.Builder keyIDFromThumbprint() throws JOSEException
Sets the ID (kid) of the JWK to its SHA-256 JWK thumbprint (RFC 7638). The key ID can be used to match a specific key. This can be used, for instance, to choose a key within aJWKSetduring key rollover. The key ID may also correspond to a JWS/JWEkidheader parameter value.- Returns:
- This builder.
- Throws:
JOSEException- If the SHA-256 hash algorithm is not supported.
-
keyIDFromThumbprint
public OctetSequenceKey.Builder keyIDFromThumbprint(String hashAlg) throws JOSEException
Sets the ID (kid) of the JWK to its JWK thumbprint (RFC 7638). The key ID can be used to match a specific key. This can be used, for instance, to choose a key within aJWKSetduring key rollover. The key ID may also correspond to a JWS/JWEkidheader parameter value.- Parameters:
hashAlg- The hash algorithm for the JWK thumbprint computation. Must not benull.- Returns:
- This builder.
- Throws:
JOSEException- If the hash algorithm is not supported.
-
x509CertURL
public OctetSequenceKey.Builder x509CertURL(URI x5u)
Sets the X.509 certificate URL (x5u) of the JWK.- Parameters:
x5u- The X.509 certificate URL,nullif not specified.- Returns:
- This builder.
-
x509CertThumbprint
@Deprecated public OctetSequenceKey.Builder x509CertThumbprint(Base64URL x5t)
Deprecated.Sets the X.509 certificate SHA-1 thumbprint (x5t) of the JWK.- Parameters:
x5t- The X.509 certificate SHA-1 thumbprint,nullif not specified.- Returns:
- This builder.
-
x509CertSHA256Thumbprint
public OctetSequenceKey.Builder x509CertSHA256Thumbprint(Base64URL x5t256)
Sets the X.509 certificate SHA-256 thumbprint (x5t#S256) of the JWK.- Parameters:
x5t256- The X.509 certificate SHA-256 thumbprint,nullif not specified.- Returns:
- This builder.
-
x509CertChain
public OctetSequenceKey.Builder x509CertChain(List<Base64> x5c)
Sets the X.509 certificate chain (x5c) of the JWK.- Parameters:
x5c- The X.509 certificate chain as a unmodifiable list,nullif not specified.- Returns:
- This builder.
-
keyStore
public OctetSequenceKey.Builder keyStore(KeyStore keyStore)
Sets the underlying key store.- Parameters:
keyStore- Reference to the underlying key store,nullif none.- Returns:
- This builder.
-
build
public OctetSequenceKey build()
Builds a new octet sequence JWK.- Returns:
- The octet sequence JWK.
- Throws:
IllegalStateException- If the JWK parameters were inconsistently specified.
-
-