001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2016, Connect2id Ltd. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jwt.proc; 019 020 021import com.nimbusds.jose.crypto.factories.DefaultJWEDecrypterFactory; 022import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory; 023import com.nimbusds.jose.proc.JOSEProcessorConfiguration; 024import com.nimbusds.jose.proc.SecurityContext; 025 026 027/** 028 * JWT processor configuration. 029 * 030 * <p>Specifies the required components to process JWTs: 031 * 032 * <ul> 033 * <li>To verify signed JWTs: 034 * <ul> 035 * <li>Key selector to determine key candidate(s) for JWS 036 * verification based on the JWS header and application- 037 * specific context information. 038 * <li>Factory to construct a JWS verifier for a given key 039 * candidate and JWS header information. A 040 * {@link DefaultJWSVerifierFactory default factory} 041 * implementation is provided. 042 * </ul> 043 * <li>To decrypt encrypted JWTs: 044 * <ul> 045 * <li>Key selector to determine key candidate(s) for JWE 046 * decryption based on the JWS header and application-specific 047 * context information. 048 * <li>Factory to construct a JWE decrypter for a given key 049 * candidate and JWE header information. A 050 * {@link DefaultJWEDecrypterFactory default factory} 051 * implementation is provided. 052 * </ul> 053 * <li>Optional JWT claims set verifier. Ensures that the claims set of a 054 * JWT complies with an application's requirements. 055 * </ul> 056 * 057 * @author Vladimir Dzhuvinov 058 * @version 2019-06-16 059 */ 060public interface JWTProcessorConfiguration<C extends SecurityContext> extends JOSEProcessorConfiguration<C> { 061 062 063 /** 064 * Gets the JWT claims set aware JWS key selector. 065 * 066 * @return The JWT claims set aware JWS key selector, {@code null} if 067 * not specified. 068 */ 069 JWTClaimsSetAwareJWSKeySelector<C> getJWTClaimsSetAwareJWSKeySelector(); 070 071 072 /** 073 * Sets the JWT claims set aware JWS key selector. 074 * 075 * @param jwsKeySelector The JWT claims set aware JWS key selector, 076 * {@code null} if not specified. 077 */ 078 void setJWTClaimsSetAwareJWSKeySelector(final JWTClaimsSetAwareJWSKeySelector<C> jwsKeySelector); 079 080 081 /** 082 * Gets the optional JWT claims set verifier. Ensures that the claims 083 * set of a JWT complies with an application's requirements. 084 * 085 * @return The JWT claims set verifier, {@code null} if not specified. 086 */ 087 JWTClaimsSetVerifier<C> getJWTClaimsSetVerifier(); 088 089 090 /** 091 * Sets the optional JWT claims set verifier. Ensures that the claims 092 * set of a JWT complies with an application's requirements. 093 * 094 * @param claimsVerifier The JWT claims set verifier, {@code null} if 095 * not specified. 096 */ 097 void setJWTClaimsSetVerifier(final JWTClaimsSetVerifier<C> claimsVerifier); 098 099 100 /** 101 * Use {@link #getJWTClaimsSetVerifier()} instead. 102 * 103 * @return The JWT claims set verifier, {@code null} if not specified. 104 */ 105 @Deprecated 106 JWTClaimsVerifier getJWTClaimsVerifier(); 107 108 109 /** 110 * Use {@link #setJWTClaimsSetVerifier} instead. 111 * 112 * @param claimsVerifier The JWT claims set verifier, {@code null} if 113 * not specified. 114 */ 115 @Deprecated 116 void setJWTClaimsVerifier(final JWTClaimsVerifier claimsVerifier); 117}