Package com.nimbusds.jose.proc
Class JWSVerificationKeySelector<C extends SecurityContext>
- java.lang.Object
-
- com.nimbusds.jose.proc.JWSVerificationKeySelector<C>
-
- All Implemented Interfaces:
JWSKeySelector<C>
@ThreadSafe public class JWSVerificationKeySelector<C extends SecurityContext> extends Object implements JWSKeySelector<C>
Key selector for verifying JWS objects, where the key candidates are retrieved from aJSON Web Key (JWK) source
.- Version:
- 2020-06-02
- Author:
- Vladimir Dzhuvinov, Marco Vermeulen
-
-
Constructor Summary
Constructors Constructor Description JWSVerificationKeySelector(JWSAlgorithm jwsAlg, JWKSource<C> jwkSource)
Creates a new JWS verification key selector.JWSVerificationKeySelector(Set<JWSAlgorithm> jwsAlgs, JWKSource<C> jwkSource)
Creates a new JWS verification key selector.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description protected JWKMatcher
createJWKMatcher(JWSHeader jwsHeader)
Creates a JWK matcher for the expected JWS algorithm and the specified JWS header.JWSAlgorithm
getExpectedJWSAlgorithm()
Deprecated.UseisAllowed(JWSAlgorithm)
insteadJWKSource<C>
getJWKSource()
Returns the JWK source.boolean
isAllowed(JWSAlgorithm jwsAlg)
Checks if a JWS algorithm is allowed for key selection.List<Key>
selectJWSKeys(JWSHeader jwsHeader, C context)
Selects key candidates for verifying a JWS object.
-
-
-
Constructor Detail
-
JWSVerificationKeySelector
public JWSVerificationKeySelector(JWSAlgorithm jwsAlg, JWKSource<C> jwkSource)
Creates a new JWS verification key selector.- Parameters:
jwsAlg
- The allowed JWS algorithm for the objects to be verified. Must not benull
.jwkSource
- The JWK source. Must not benull
.
-
JWSVerificationKeySelector
public JWSVerificationKeySelector(Set<JWSAlgorithm> jwsAlgs, JWKSource<C> jwkSource)
Creates a new JWS verification key selector.- Parameters:
jwsAlgs
- The allowed JWS algorithms for the objects to be verified. Must not be empty ornull
.jwkSource
- The JWK source. Must not benull
.
-
-
Method Detail
-
isAllowed
public boolean isAllowed(JWSAlgorithm jwsAlg)
Checks if a JWS algorithm is allowed for key selection.- Parameters:
jwsAlg
- The JWS algorithm to check.- Returns:
true
if allowed, elsefalse
.
-
getExpectedJWSAlgorithm
@Deprecated public JWSAlgorithm getExpectedJWSAlgorithm()
Deprecated.UseisAllowed(JWSAlgorithm)
insteadReturns the expected JWS algorithm.- Returns:
- The expected JWS algorithm.
-
createJWKMatcher
protected JWKMatcher createJWKMatcher(JWSHeader jwsHeader)
Creates a JWK matcher for the expected JWS algorithm and the specified JWS header.- Parameters:
jwsHeader
- The JWS header. Must not benull
.- Returns:
- The JWK matcher,
null
if none could be created.
-
selectJWSKeys
public List<Key> selectJWSKeys(JWSHeader jwsHeader, C context) throws KeySourceException
Description copied from interface:JWSKeySelector
Selects key candidates for verifying a JWS object.- Specified by:
selectJWSKeys
in interfaceJWSKeySelector<C extends SecurityContext>
- Parameters:
jwsHeader
- The header of the JWS object. Must not benull
.context
- Optional context of the JWS object,null
if not required.- Returns:
- The key candidates in trial order, empty list if none.
- Throws:
KeySourceException
- If a key sourcing exception is encountered, e.g. on remote JWK retrieval.
-
getJWKSource
public JWKSource<C> getJWKSource()
Returns the JWK source.- Returns:
- The JWK source.
-
-