Package org.forgerock.json.jose.tokenhandler

Class SecretsJwtTokenHandler

java.lang.Object

org.forgerock.json.jose.tokenhandler.SecretsJwtTokenHandler

All Implemented Interfaces:

TokenHandler

public final class SecretsJwtTokenHandler
extends Object
implements TokenHandler

Token handler for creating tokens using a JWT as the store.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	SecretsJwtTokenHandler.Builder	Builder pattern object for configuring a SecretsJwtTokenHandler.

Constructor Summary

Constructors

Constructor	Description
SecretsJwtTokenHandler(JweAlgorithm jweAlgorithm, EncryptionMethod jweMethod, JwsAlgorithm jwsAlgorithm, Optional<Long> tokenLifeTimeInSeconds, KeyPair jweKeyPair, SigningManager manager, Purpose<SigningKey> signingKeyPurpose, Purpose<VerificationKey> verificationKeyPurpose, Clock clock)	Deprecated. Use builder() instead.

Method Summary

Modifier and Type	Method	Description
static SecretsJwtTokenHandler.Builder	builder()	Creates a new SecretsJwtTokenHandler.Builder object to configure a SecretsJwtTokenHandler instance.
String	generate(JsonValue state)	Generates a new token using the state.
void	validate(String snapshotToken)	Validates the passed token.
JsonValue	validateAndExtractState(String snapshotToken)	Validates and parses the token, extracting any encapsulated state.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecretsJwtTokenHandler

@Deprecated
public SecretsJwtTokenHandler(JweAlgorithm jweAlgorithm,
 EncryptionMethod jweMethod,
 JwsAlgorithm jwsAlgorithm,
 Optional<Long> tokenLifeTimeInSeconds,
 KeyPair jweKeyPair,
 SigningManager manager,
 Purpose<SigningKey> signingKeyPurpose,
 Purpose<VerificationKey> verificationKeyPurpose,
 Clock clock)

Deprecated.

Use builder() instead.

Constructs a new JWT token handler.

Parameters:

jweAlgorithm - the JWE algorithm use to construct the key pair

jweMethod - the encryption method to use

jwsAlgorithm - the JWS algorithm to use

tokenLifeTimeInSeconds - token life time in seconds

jweKeyPair - key pair for the purpose of encryption

manager - manager used to obtain secrets

signingKeyPurpose - purpose of the signing secret

verificationKeyPurpose - purpose of the signature verification secret

clock - clock to handle expiration timeouts

Method Details

builder

public static SecretsJwtTokenHandler.Builder builder()

Creates a new SecretsJwtTokenHandler.Builder object to configure a SecretsJwtTokenHandler instance.

Returns:

a fresh builder instance.

generate

public String generate(JsonValue state)
                throws TokenHandlerException

Description copied from interface: TokenHandler

Generates a new token using the state.

Specified by:

generate in interface TokenHandler

Parameters:

state - the state

Returns:

token

Throws:

TokenHandlerException - on failure to generate token

validate

public void validate(String snapshotToken)
              throws TokenHandlerException

Description copied from interface: TokenHandler

Validates the passed token.

Specified by:

validate in interface TokenHandler

Parameters:

snapshotToken - the token to be validated

Throws:

InvalidTokenException - on invalid token

ExpiredTokenException - on expired token

TokenHandlerException - on other failure to validate token

validateAndExtractState

public JsonValue validateAndExtractState(String snapshotToken)
                                  throws TokenHandlerException

Description copied from interface: TokenHandler

Validates and parses the token, extracting any encapsulated state.

Specified by:

validateAndExtractState in interface TokenHandler

Parameters:

snapshotToken - the token to be validated and parsed

Returns:

the state

Throws:

InvalidTokenException - on invalid token

ExpiredTokenException - on expired token

TokenHandlerException - on other failure to validate or extract token