Interface JwtCryptographyHandler
-
- All Known Implementing Classes:
AuthenticatedEncryptionCryptographyHandler
,FallbackJwtCryptographyHandler
,KeyStoreJwtCryptographyHandler
,SecretsProviderJwtCryptographyHandler
public interface JwtCryptographyHandler
An abstraction of the cryptographic operations that the JWT session modules will need to do to create a read JWTs.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Deprecated Methods Modifier and Type Method Description default String
buildJwt(JwtBuilderFactory jwtBuilderFactory, JwtClaimsSet claimsSet)
Builds a JWT with the given claims set.default Promise<String,NoSuchSecretException>
buildJwtAsync(JwtBuilderFactory jwtBuilderFactory, JwtClaimsSet claimsSet)
Builds a JWT with the given claims set.default void
decrypt(EncryptedThenSignedJwt jwt)
Deprecated.UsedecryptAndVerify(JwtBuilderFactory, String)
instead.default Jwt
decryptAndVerify(JwtBuilderFactory jwtBuilderFactory, String jwt)
Decrypts and verifies that the JWT is authentic in a single step.void
initialize(Map<String,Object> options)
Initialise the handler.default EncryptedJwtBuilder
jwe(JwtBuilderFactory jwtbuilder)
Deprecated.UsebuildJwt(JwtBuilderFactory, JwtClaimsSet)
instead.default EncryptedThenSignedJwtBuilder
sign(EncryptedJwtBuilder jwtbuilder)
Deprecated.UsebuildJwt(JwtBuilderFactory, JwtClaimsSet)
instead.default boolean
verify(EncryptedThenSignedJwt jwt)
Deprecated.UsedecryptAndVerify(JwtBuilderFactory, String)
instead.
-
-
-
Method Detail
-
initialize
void initialize(Map<String,Object> options) throws AuthenticationException
Initialise the handler.- Parameters:
options
- The options to be used.- Throws:
AuthenticationException
- If the options are invalid.
-
verify
@Deprecated default boolean verify(EncryptedThenSignedJwt jwt)
Deprecated.UsedecryptAndVerify(JwtBuilderFactory, String)
instead.Verify the JWT.- Parameters:
jwt
- The JWT.- Returns:
- true if the JWT is valid.
-
decrypt
@Deprecated default void decrypt(EncryptedThenSignedJwt jwt)
Deprecated.UsedecryptAndVerify(JwtBuilderFactory, String)
instead.Decrypt the JWT.- Parameters:
jwt
- The JWT.
-
jwe
@Deprecated default EncryptedJwtBuilder jwe(JwtBuilderFactory jwtbuilder)
Deprecated.UsebuildJwt(JwtBuilderFactory, JwtClaimsSet)
instead.Apply encryption to the JWT.- Parameters:
jwtbuilder
- The JWT builder.- Returns:
- The JWT builder after applying encryption.
-
sign
@Deprecated default EncryptedThenSignedJwtBuilder sign(EncryptedJwtBuilder jwtbuilder)
Deprecated.UsebuildJwt(JwtBuilderFactory, JwtClaimsSet)
instead.Sign the JWT.- Parameters:
jwtbuilder
- The JWT builder.- Returns:
- The JWT builder after signing.
-
buildJwt
default String buildJwt(JwtBuilderFactory jwtBuilderFactory, JwtClaimsSet claimsSet)
Builds a JWT with the given claims set. The resulting JWT will be both encrypted and authenticated, either through direct authenticated encryption or a combination of encryption and signing.- Parameters:
jwtBuilderFactory
- the JWT builder factory.claimsSet
- the claims to add to the JWT.- Returns:
- the JWT in Compact Serialization form.
- Throws:
KeystoreManagerException
- if no keys are available to produce the JWT.
-
buildJwtAsync
default Promise<String,NoSuchSecretException> buildJwtAsync(JwtBuilderFactory jwtBuilderFactory, JwtClaimsSet claimsSet)
Builds a JWT with the given claims set. The resulting JWT will be both encrypted and authenticated, either through direct authenticated encryption or a combination of encryption and signing. The resulting JWT will be wrapped in aPromise
.- Parameters:
jwtBuilderFactory
- the JWT builder factory.claimsSet
- the claims to add to the JWT.- Returns:
- the JWT in Compact Serialization form as a
Promise
, or aNoSuchSecretException
exception promise if the secret can not be found.
-
decryptAndVerify
default Jwt decryptAndVerify(JwtBuilderFactory jwtBuilderFactory, String jwt)
Decrypts and verifies that the JWT is authentic in a single step.- Parameters:
jwtBuilderFactory
- The JWT builder factory.jwt
- the JWT to decrypt and verify.- Returns:
- the decrypted and verified JWT.
- Throws:
JwtRuntimeException
- if decryption or verification fails.
-
-