Package com.nimbusds.jose.proc
Class JWSVerificationKeySelector<C extends SecurityContext>
java.lang.Object
com.nimbusds.jose.proc.JWSVerificationKeySelector<C>
- All Implemented Interfaces:
JWSKeySelector<C>
@ThreadSafe
public class JWSVerificationKeySelector<C extends SecurityContext>
extends Object
implements JWSKeySelector<C>
Key selector for verifying JWS objects, where the key candidates are
retrieved from a
JSON Web Key (JWK) source
.- Version:
- 2024-04-20
- Author:
- Vladimir Dzhuvinov, Marco Vermeulen
-
Constructor Summary
ConstructorsConstructorDescriptionJWSVerificationKeySelector
(JWSAlgorithm jwsAlg, JWKSource<C> jwkSource) Creates a new JWS verification key selector.JWSVerificationKeySelector
(Set<JWSAlgorithm> jwsAlgs, JWKSource<C> jwkSource) Creates a new JWS verification key selector. -
Method Summary
Modifier and TypeMethodDescriptionprotected JWKMatcher
createJWKMatcher
(JWSHeader jwsHeader) Creates a JWK matcher for the expected JWS algorithm and the specified JWS header.Deprecated.Returns the JWK source.boolean
isAllowed
(JWSAlgorithm jwsAlg) Checks if a JWS algorithm is allowed for key selection.selectJWSKeys
(JWSHeader jwsHeader, C context) Selects key candidates for verifying a JWS object.
-
Constructor Details
-
JWSVerificationKeySelector
Creates a new JWS verification key selector.- Parameters:
jwsAlg
- The allowed JWS algorithm for the objects to be verified. Must not benull
.jwkSource
- The JWK source. Must not benull
.
-
JWSVerificationKeySelector
Creates a new JWS verification key selector.- Parameters:
jwsAlgs
- The allowed JWS algorithms for the objects to be verified. Must not be empty ornull
.jwkSource
- The JWK source. Must not benull
.
-
-
Method Details
-
isAllowed
Checks if a JWS algorithm is allowed for key selection.- Parameters:
jwsAlg
- The JWS algorithm to check.- Returns:
true
if allowed, elsefalse
.
-
getExpectedJWSAlgorithm
Deprecated.UseisAllowed(JWSAlgorithm)
insteadReturns the expected JWS algorithm.- Returns:
- The expected JWS algorithm.
-
createJWKMatcher
Creates a JWK matcher for the expected JWS algorithm and the specified JWS header.- Parameters:
jwsHeader
- The JWS header. Must not benull
.- Returns:
- The JWK matcher,
null
if none could be created.
-
selectJWSKeys
Description copied from interface:JWSKeySelector
Selects key candidates for verifying a JWS object.- Specified by:
selectJWSKeys
in interfaceJWSKeySelector<C extends SecurityContext>
- Parameters:
jwsHeader
- The header of the JWS object. Must not benull
.context
- Optional context,null
if not required.- Returns:
- The key candidates in trial order, empty list if none.
- Throws:
KeySourceException
- If a key sourcing exception is encountered, e.g. on remote JWK retrieval.
-
getJWKSource
Returns the JWK source.- Returns:
- The JWK source.
-
isAllowed(JWSAlgorithm)
instead