SignedThenEncryptedJwt (OpenAM Server Only 6.5.5 Documentation)

java.lang.Object
- org.forgerock.json.jose.jwe.EncryptedJwt
- - org.forgerock.json.jose.jwe.SignedThenEncryptedJwt

All Implemented Interfaces:

Jwt, Payload
```
public class SignedThenEncryptedJwt
extends EncryptedJwt
```
A nested signed-then-encrypted JWT.

Constructor Summary

Constructors
Constructor and Description
`SignedThenEncryptedJwt(EncryptedJwt encryptedJwt)` Constructs a fresh signed-then-encrypted JWT from an encrypted JWT.
`SignedThenEncryptedJwt(JweHeader header, SignedJwt payload, Key publicKey)` Constructs a fresh signed-then-encrypted JWT with the given signed JWT payload, JWE headers and encryption key.
`SignedThenEncryptedJwt(JweHeader header, String encodedHeader, byte[] encryptedContentEncryptionKey, byte[] initialisationVector, byte[] ciphertext, byte[] authenticationTag)` Reconstructs a signed-then-encrypted JWT from components parts of the encrypted JWT string.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`SignedThenEncryptedJwt`	`copy()` Create a copy of the current payload.
`boolean`	`decryptAndVerify(Key decryptionKey, SigningHandler signingHandler)` Decrypts the outer JWT and then verifies the signature on the inner JWT.
`JwtClaimsSet`	`getClaimsSet()` Gets the claims set object for the Jwt, which contains all of the claims (name value pairs) conveyed by the JWT.
`SignedJwt`	`getSignedJwt()` Get the signed JWT.
`boolean`	`verify(SigningHandler signingHandler)` Verifies that the signature is valid on the nested signed JWT.

Methods inherited from class org.forgerock.json.jose.jwe.EncryptedJwt
build, decrypt, decryptRawPayload, getHeader

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SignedThenEncryptedJwt
```
public SignedThenEncryptedJwt(EncryptedJwt encryptedJwt)
```
    Constructs a fresh signed-then-encrypted JWT from an encrypted JWT. To use if you know that the encrypted JWT is actually containing a JWS.
    
    Parameters:
    
    encryptedJwt - the encrypted JWT.
  - SignedThenEncryptedJwt
```
public SignedThenEncryptedJwt(JweHeader header,
                              SignedJwt payload,
                              Key publicKey)
```
    Constructs a fresh signed-then-encrypted JWT with the given signed JWT payload, JWE headers and encryption key.
    
    Parameters:
    
    header - the JWE headers.
    
    payload - the signed JWT payload.
    
    publicKey - the encryption key.
  - SignedThenEncryptedJwt
```
public SignedThenEncryptedJwt(JweHeader header,
                              String encodedHeader,
                              byte[] encryptedContentEncryptionKey,
                              byte[] initialisationVector,
                              byte[] ciphertext,
                              byte[] authenticationTag)
```
    Reconstructs a signed-then-encrypted JWT from components parts of the encrypted JWT string.
    
    Parameters:
    
    header - the decoded headers.
    
    encodedHeader - the encoded headers.
    
    encryptedContentEncryptionKey - the encrypted content encryption key (CEK), or null if not used.
    
    initialisationVector - the initialisation vector (IV).
    
    ciphertext - the encrypted ciphertext payload.
    
    authenticationTag - the authentication MAC tag.
- Method Detail
  - verify
```
public boolean verify(SigningHandler signingHandler)
```
    Verifies that the signature is valid on the nested signed JWT.
    
    Parameters:
    
    signingHandler - the handler to use for verifying the signature.
    
    Returns:
    
    true if the signature is valid, otherwise false.
    
    Throws:
    
    JwsVerifyingException - if the outer JWT has not already been decrypted.
  - decryptAndVerify
```
public boolean decryptAndVerify(Key decryptionKey,
                                SigningHandler signingHandler)
```
    Decrypts the outer JWT and then verifies the signature on the inner JWT.
    
    Parameters:
    
    decryptionKey - the decryption key for the outer JWE.
    
    signingHandler - the signing handler for verifying the nested JWS.
    
    Returns:
    
    true if the nested signature is valid, otherwise false.
    
    Throws:
    
    JweDecryptionException - if the JWE cannot be decrypted.
  - getClaimsSet
```
public JwtClaimsSet getClaimsSet()
```
    Description copied from interface: Jwt
    
    Gets the claims set object for the Jwt, which contains all of the claims (name value pairs) conveyed by the JWT.
    
    Specified by:
    
    getClaimsSet in interface Jwt
    
    Overrides:
    
    getClaimsSet in class EncryptedJwt
    
    Returns:
    
    The JWTs Claims Set.
  - getSignedJwt
```
public SignedJwt getSignedJwt()
```
    Get the signed JWT. Note: you will need to call EncryptedJwt.decrypt(Key) first.
    
    Returns:
    
    the nested JWS.
  - copy
```
public SignedThenEncryptedJwt copy()
```
    Description copied from interface: Payload
    
    Create a copy of the current payload.
    
    Specified by:
    
    copy in interface Payload
    
    Overrides:
    
    copy in class EncryptedJwt
    
    Returns:
    
    a copy of the payload.

Class SignedThenEncryptedJwt

Constructor Summary

Method Summary

Methods inherited from class org.forgerock.json.jose.jwe.EncryptedJwt

Methods inherited from class java.lang.Object

Constructor Detail

SignedThenEncryptedJwt

SignedThenEncryptedJwt

SignedThenEncryptedJwt

Method Detail

verify

decryptAndVerify

getClaimsSet

getSignedJwt

copy