Package org.forgerock.json.jose.jwk.store

Class JwksStoreService

java.lang.Object
org.forgerock.json.jose.jwk.store.JwksStoreService
public class JwksStoreService extends Object
Manage the jwks store, to avoid having more than one jwks store for the same JWKs_URI unnecessary.

  • Field Details

    • JWKS_STORE_DEFAULT_CACHE_TIMEOUT

      public static final Duration JWKS_STORE_DEFAULT_CACHE_TIMEOUT
      The default cache timeout.

    • JWKS_STORE_DEFAULT_CACHE_MISS_CACHE_TIME

      public static final Duration JWKS_STORE_DEFAULT_CACHE_MISS_CACHE_TIME
      The default cache time before reload the cache in case of cache miss.

    • JWKS_STORE_DEFAULT_CACHE_TIMEOUT_MS

      @Deprecated(since="27.0.0", forRemoval=true) public static final Duration JWKS_STORE_DEFAULT_CACHE_TIMEOUT_MS
      Deprecated, for removal: This API element is subject to removal in a future version.
      Use JWKS_STORE_DEFAULT_CACHE_TIMEOUT instead.
      The default cache timeout in ms.

    • JWKS_STORE_DEFAULT_CACHE_MISS_CACHE_TIME_MS

      @Deprecated(since="27.0.0", forRemoval=true) public static final Duration JWKS_STORE_DEFAULT_CACHE_MISS_CACHE_TIME_MS
      Deprecated, for removal: This API element is subject to removal in a future version.
      Use JWKS_STORE_DEFAULT_CACHE_MISS_CACHE_TIME instead.
      The default cache time before reload the cache in case of cache miss ms.

  • Constructor Details

    • JwksStoreService

      @Deprecated public JwksStoreService()
      Deprecated.
      Prefer using the constructor JwksStoreService(Client client) in which you provide your own instance of Client. This one does instantiate a specific instance of AsyncHttpClient but does not allow any custom filter processing, nor does it close it properly.
      Default constructor.

    • JwksStoreService

      @Deprecated public JwksStoreService(int readTimeout, int connTimeout)
      Deprecated.
      Prefer using the constructor JwksStoreService(Client client) where timeouts are in control of the client application
      Constructor with read and connection timeout. It's used for the connection to the JWKs_URI.
      Parameters:
      readTimeout - the read timeout
      connTimeout - the connection timeout

    • JwksStoreService

      public JwksStoreService(Client client)
      Constructor with a HTTP client, that will be used to connect to the JWKS_URI.
      Parameters:
      client - the HTTP client

  • Method Details

    • getJwksStore

      public JwksStore getJwksStore(String uid)
      Returns the appropriate JWKs store.
      Parameters:
      uid - Reference to the jwks store. Note that the uid check is case insensitive
      Returns:
      a JWKs Store for the corresponding UID. If doesn't exist, returns null

    • configureJwksStore

      @Deprecated public JwksStore configureJwksStore(String uid, Duration cacheTimeout, Duration cacheMissCacheTime, URL jwkUrl) throws FailedToLoadJWKException
      Deprecated.
      Use configureJwksStore(String, org.forgerock.util.time.Duration, org.forgerock.util.time.Duration, URL, Clock) with an explicit clock.
      Configure a JWKs store.
      Parameters:
      uid - the unique identifier for this store
      cacheTimeout - a cache timeout to avoid reloading the cache all the time when doing encryption
      cacheMissCacheTime - the cache time before reload the cache in case of cache miss.
      jwkUrl - the jwk url hosted by the client application
      Returns:
      the JWKs store corresponding
      Throws:
      FailedToLoadJWKException - if the jwks can't be reloaded.

    • configureJwksStore

      @Deprecated public JwksStore configureJwksStore(String uid, Duration cacheTimeout, Duration cacheMissCacheTime, URL jwkUrl, Clock clock) throws FailedToLoadJWKException
      Deprecated.
      use configureJwksStoreAsync(String, Duration, Duration, URL, Clock) instead.
      Configure a JWKs store.
      Parameters:
      uid - the unique identifier for this store
      cacheTimeout - a cache timeout to avoid reloading the cache all the time when doing encryption
      cacheMissCacheTime - the cache time before reload the cache in case of cache miss.
      jwkUrl - the jwk url hosted by the client application
      clock - clock to use for measuring timeouts.
      Returns:
      the JWKs store corresponding
      Throws:
      FailedToLoadJWKException - if the jwks can't be reloaded.

    • configureJwksStoreAsync

      @Deprecated(since="27.0.0", forRemoval=true) public Promise<JwksStore,FailedToLoadJWKException> configureJwksStoreAsync(String uid, Duration cacheTimeout, Duration cacheMissCacheTime, URL jwkUrl, Clock clock)
      Deprecated, for removal: This API element is subject to removal in a future version.
      use configureJwksStoreAsync(String, Duration, Duration, URL, Clock) instead.
      Configure a JWKs store.
      Parameters:
      uid - the unique identifier for this store
      cacheTimeout - a cache timeout to avoid reloading the cache all the time when doing encryption
      cacheMissCacheTime - the cache time before reload the cache in case of cache miss.
      jwkUrl - the jwk url hosted by the client application
      clock - clock to use for measuring timeouts.
      Returns:
      the JWKs store corresponding

    • configureJwksStoreAsync

      public Promise<JwksStore,FailedToLoadJWKException> configureJwksStoreAsync(String uid, Duration cacheTimeout, Duration cacheMissCacheTime, URL jwkUrl, Clock clock)
      Configure a JWKs store.
      Parameters:
      uid - the unique identifier for this store
      cacheTimeout - a cache timeout to avoid reloading the cache all the time when doing encryption
      cacheMissCacheTime - the cache time before reload the cache in case of cache miss.
      jwkUrl - the jwk url hosted by the client application
      clock - clock to use for measuring timeouts.
      Returns:
      the JWKs store corresponding

    • removeJwksStore

      public void removeJwksStore(String uid)
      Remove the corresponding jwks store if it exists.
      Parameters:
      uid - the uid. Note that the uid check isn't case-sensitive