| Package | Description |
|---|---|
| org.forgerock.json.jose.builders |
Classes and interfaces for builder to build JWTs using a fluent API.
|
| org.forgerock.json.jose.jwe |
Classes and interfaces for JWT encryption and JWEs.
|
| org.forgerock.json.jose.jws |
Classes and interfaces for JWT signing and JWS'.
|
| org.forgerock.json.jose.jws.handlers |
Signing Handler classes for each possible signing algorithm.
|
| org.forgerock.json.jose.tokenhandler |
JWT implementation(s) of
TokenHandler. |
| Modifier and Type | Method and Description |
|---|---|
SignedJwtBuilderImpl |
JwtBuilderFactory.jws(SigningHandler signingHandler)
Creates a builder for building a signed JWT into a base64url UTF-8 encoded JWT string.
|
SignedEncryptedJwtBuilder |
EncryptedJwtBuilder.sign(SigningHandler signingHandler,
JwsAlgorithm jwsAlgorithm)
Deprecated.
|
EncryptedThenSignedJwtBuilder |
EncryptedJwtBuilder.signedWith(SigningHandler signingHandler,
JwsAlgorithm jwsAlgorithm)
Returns an
EncryptedThenSignedJwtBuilder that will build a signed JWT with this builder's encrypted JWT
as its payload. |
| Constructor and Description |
|---|
EncryptedThenSignedJwtBuilder(EncryptedJwtBuilder encryptedJwtBuilder,
SigningHandler signingHandler,
JwsAlgorithm jwsAlgorithm)
Constructs a new SignedEncryptedJwtBuilder that will use the given EncryptedJwtBuilder, to build the nested
Encrypted JWT, and the private key and JwsAlgorithm to sign the outer JWT.
|
SignedEncryptedJwtBuilder(EncryptedJwtBuilder encryptedJwtBuilder,
SigningHandler signingHandler,
JwsAlgorithm jwsAlgorithm)
Deprecated.
Constructs a new SignedEncryptedJwtBuilder that will use the given EncryptedJwtBuilder, to build the nested
Encrypted JWT, and the private key and JwsAlgorithm to sign the outer JWT.
|
SignedJwtBuilderImpl(SigningHandler signingHandler)
Constructs a new SignedJwtBuilderImpl that will use the given private key to sign the JWT.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
SignedThenEncryptedJwt.decryptAndVerify(Key decryptionKey,
SigningHandler signingHandler)
Decrypts the outer JWT and then verifies the signature on the inner JWT.
|
boolean |
SignedThenEncryptedJwt.verify(SigningHandler signingHandler)
Verifies that the signature is valid on the nested signed JWT.
|
| Modifier and Type | Method and Description |
|---|---|
SigningHandler |
SigningManager.newEcdsaSigningHandler(ECPrivateKey key)
Constructs a new handler for signing ES256 signatures.
|
SigningHandler |
SigningManager.newEcdsaSigningHandler(PrivateKey key)
Constructs a new handler for signing ES256 signatures.
|
SigningHandler |
SigningManager.newEcdsaVerificationHandler(ECPublicKey key)
Constructs a new handler for verifying ES256 signatures.
|
SigningHandler |
SigningManager.newEdDsaSigningHandler(byte[] privateKey)
Constructs a new handler for signing EdDSA signatures.
|
SigningHandler |
SigningManager.newEdDsaVerificationHandler(byte[] publicKey)
Constructs a new handler for verifying EdDSA signatures.
|
SigningHandler |
SigningManager.newHmacSigningHandler(byte[] sharedSecret)
Constructs a new HmacSigningHandler.
|
SigningHandler |
SigningManager.newHmacSigningHandler(SecretKey secretKey)
Constructs a new HmacSigningHandler.
|
SigningHandler |
SigningManager.newNopSigningHandler()
Constructs an implementation of the SigningHandler which does not perform
any signing or verifying.
|
SigningHandler |
SigningManager.newRsaSigningHandler(Key key)
Constructs a new RSASigningHandler, with a SignatureUtil instance to
delegate the signing and verifying calls to.
|
SigningHandler |
SigningManager.newSigningHandler(JWK jwk)
Returns the signing handler from the given JSON Web Key (JWK) which will be used to sign the JWT.
|
SigningHandler |
SigningManager.newSigningHandler(Key key)
Returns the signing handler from the given Key which will be used to verify the JWT.
|
SigningHandler |
SigningManager.newVerificationHandler(JWK jwk)
Returns the signing handler from the given JSON Web Key (JWK) which will be used to verify the JWT.
|
SigningHandler |
SigningManager.newVerificationHandler(Key key)
Returns the signing handler from the given Key which will be used to verify the JWT.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
SignedJwt.verify(SigningHandler signingHandler)
Verifies that the JWS signature is valid for the contents of its payload.
|
| Constructor and Description |
|---|
EncryptedThenSignedJwt(JwsHeader header,
EncryptedJwt nestedJwe,
SigningHandler signingHandler)
Constructs a fresh, new SignedEncryptedJwt from the given JwsHeader and nested Encrypted JWT.
|
SignedEncryptedJwt(JwsHeader header,
EncryptedJwt nestedJwe,
SigningHandler signingHandler)
Deprecated.
Constructs a fresh, new SignedEncryptedJwt from the given JwsHeader and nested Encrypted JWT.
|
SignedJwt(JwsHeader header,
JwtClaimsSet claimsSet,
SigningHandler signingHandler)
Constructs a fresh, new SignedJwt from the given JwsHeader and JwtClaimsSet.
|
SignedJwt(JwsHeader header,
Payload nestedPayload,
SigningHandler signingHandler)
Constructs a fresh, new SignedJwt from the given JwsHeader and nested Encrypted JWT.
|
| Modifier and Type | Class and Description |
|---|---|
class |
ECDSASigningHandler
Elliptic Curve Digital Signature Algorithm (ECDSA) signing and verification.
|
class |
EdDSASigningHandler
Signing handler for Edwards Curve DSA (EdDSA) as defined in RFC
8037.
|
class |
HmacSigningHandler
An implementation of the SigningHandler which can sign and verify using algorithms from the HMAC family.
|
class |
NOPSigningHandler
An implementation of the SigningHandler which does not perform any signing or verifying.
|
class |
RSASigningHandler
An implementation of the SigningHandler which can sign and verify using algorithms from the RSA family.
|
| Constructor and Description |
|---|
JwtTokenHandler(JweAlgorithm jweAlgorithm,
EncryptionMethod jweMethod,
KeyPair jweKeyPair,
JwsAlgorithm jwsAlgorithm,
SigningHandler jwsHandler)
Constructs a new JWT token handler that never expires.
|
JwtTokenHandler(JweAlgorithm jweAlgorithm,
EncryptionMethod jweMethod,
KeyPair jweKeyPair,
JwsAlgorithm jwsAlgorithm,
SigningHandler jwsHandler,
Optional<Long> tokenLifeTimeInSeconds,
int tokenStatePaddingLength)
Constructs a new JWT token handler.
|
Copyright 2010-2022 ForgeRock AS.