Class SecretsJwtTokenHandler.Builder
java.lang.Object
org.forgerock.json.jose.tokenhandler.SecretsJwtTokenHandler.Builder
- Enclosing class:
- SecretsJwtTokenHandler
Builder pattern object for configuring a
SecretsJwtTokenHandler.-
Method Summary
Modifier and TypeMethodDescriptionbuild()Builds theSecretsJwtTokenHandlerbased on the configuration specified.Specifies the clock to use for checking if tokens have expired.decryptionPurpose(Purpose<? extends CryptoKey> decryptionKeyPurpose) Specifies thePurposeused to retrieve decryption keys from the secrets provider.encryptionMethod(EncryptionMethod encryptionMethod) Specifies the JWE content encryption method to use when encrypting tokens produced by this token handler.encryptionPurpose(Purpose<? extends CryptoKey> encryptionKeyPurpose) Specifies thePurposeused to retrieve encryption keys from the secrets provider.jweAlgorithm(JweAlgorithm algorithm) Specifies the JWE key management algorithm to use when encrypting tokens produced by this token handler.jwsAlgorithm(JwsAlgorithm algorithm) Specifies the JWS signature algorithm to use to sign tokens produced by this token handler.secretsProvider(SecretsProvider secretsProvider) Configures theSecretsProviderfrom which to retrieve signing and encryption keys.signingPurpose(Purpose<SigningKey> signingKeyPurpose) Specifies thePurposeused to retrieve signing keys from the secrets provider.tokenLifetimeInSeconds(long tokenLifetimeSeconds) Specifies the maximum lifetime (in seconds) of the tokens produced by this token handler.tokenLifetimeInSeconds(Optional<Long> tokenLifeTimeInSeconds) Specifies the maximum lifetime (in seconds) of the tokens produced by this token handler.verificationPurpose(Purpose<VerificationKey> verificationKeyPurpose) Specifies thePurposeused to retrieve verification keys from the secrets provider.
-
Method Details
-
jweAlgorithm
Specifies the JWE key management algorithm to use when encrypting tokens produced by this token handler. Defaults toJweAlgorithm.RSA_OAEP_256.- Parameters:
algorithm- the algorithm to use.- Returns:
- this builder.
-
encryptionMethod
Specifies the JWE content encryption method to use when encrypting tokens produced by this token handler. Defaults toEncryptionMethod.A128CBC_HS256.- Parameters:
encryptionMethod- the encryption method to use.- Returns:
- this builder.
-
jwsAlgorithm
Specifies the JWS signature algorithm to use to sign tokens produced by this token handler. Defaults toJwsAlgorithm.HS256.- Parameters:
algorithm- the JWS signature algorithm.- Returns:
- this builder.
-
tokenLifetimeInSeconds
Specifies the maximum lifetime (in seconds) of the tokens produced by this token handler.- Parameters:
tokenLifetimeSeconds- the lifetime in seconds. Must be greater than zero.- Returns:
- this builder.
-
tokenLifetimeInSeconds
Specifies the maximum lifetime (in seconds) of the tokens produced by this token handler.- Parameters:
tokenLifeTimeInSeconds- the lifetime in seconds. If present, must be greater than zero.- Returns:
- this builder.
-
secretsProvider
Configures theSecretsProviderfrom which to retrieve signing and encryption keys.- Parameters:
secretsProvider- the secrets provider.- Returns:
- this builder.
-
signingPurpose
Specifies thePurposeused to retrieve signing keys from the secrets provider.- Parameters:
signingKeyPurpose- the signing purpose.- Returns:
- this builder.
-
verificationPurpose
public SecretsJwtTokenHandler.Builder verificationPurpose(Purpose<VerificationKey> verificationKeyPurpose) Specifies thePurposeused to retrieve verification keys from the secrets provider.- Parameters:
verificationKeyPurpose- the verification purpose.- Returns:
- this builder.
-
encryptionPurpose
public SecretsJwtTokenHandler.Builder encryptionPurpose(Purpose<? extends CryptoKey> encryptionKeyPurpose) Specifies thePurposeused to retrieve encryption keys from the secrets provider. This will typically be aDataEncryptionKey,KeyEncryptionKey, orKeyAgreementKey, depending on JWE algorithm being used.- Parameters:
encryptionKeyPurpose- the encryption purpose.- Returns:
- this builder.
-
decryptionPurpose
public SecretsJwtTokenHandler.Builder decryptionPurpose(Purpose<? extends CryptoKey> decryptionKeyPurpose) Specifies thePurposeused to retrieve decryption keys from the secrets provider. This will typically be aDataDecryptionKey,KeyDecryptionKey, orKeyAgreementKey, depending on JWE algorithm being used.- Parameters:
decryptionKeyPurpose- the decryption purpose.- Returns:
- this builder.
-
clock
Specifies the clock to use for checking if tokens have expired.- Parameters:
clock- the clock to use for checking token expiry.- Returns:
- this builder.
-
build
Builds theSecretsJwtTokenHandlerbased on the configuration specified.- Returns:
- the configured token handler.
- Throws:
IllegalArgumentException- if any of the specified configuration values are invalid.NullPointerException- if a required value has not been specified and has no default.
-