Class JwksStore
java.lang.Object
org.forgerock.json.jose.jwk.store.JwksStore
Store JWKs into a jwkSet from a JWKs_URI and refresh the jwkSet when necessary.
-
Constructor Summary
-
Method Summary
Modifier and Type | Method | Description
 | findJwk | Deprecated. Use findJwkAsync(String) instead.
 | findJwk | Deprecated. Use findJwkAsync(String) instead.
 | findJwkAsync(String kid) | Search asynchronously for a JWK that matches the kid.
 | findJwkAsync(Predicate<JWK> predicate) | Return the JWK matching the keyID with the algorithm and keyUse.
 | findJwkAsync(Algorithm algorithm, String keyUse) | Search asynchronously for a JWK that matches the algorithm and the key usage.
 | getCacheMissCacheTime | Get the cache time before reloading the cache in case of cache miss.
 | getCacheTimeout | Get the cache timeout.
 | getJwkUrl | The JWKs URI.
 | getLastLoadedJwkSet | Returns the last successfully loaded JWK Set together with the time at which it was last fetched.
 | getLatestJwkSet | Returns the latest non expired successfully loaded JWK Set.
static Promise<JwksStore, FailedToLoadJWKException> | newJwksStore(Duration cacheTimeout, Duration cacheMissCacheTime, URL jwkUrl, JWKSetParser jwkSetParser, Clock clock) | Create a new JWKs store asynchronously.
void | reloadJwks | Deprecated. Use reloadJwksAsync() instead.
 | reloadJwksAsync | Communicates with the configured server, attempting to download the latest JWKs for use.
void | setCacheMissCacheTime(Duration cacheMissCacheTime) | Update the cache time before reloading the cache in case of cache miss.
void | setCacheTimeout(Duration cacheTimeout) | Update the cache timeout.
void | setJwkUrl | Deprecated. Use setJwkUrlAsync(URL) instead.
 | setJwkUrlAsync(URL jwkUrl) | Update the JWKs URI.
 | toString() |
-
Constructor Details
-
JwksStore
@Deprecated public JwksStore(Duration cacheTimeout, Duration cacheMissCacheTime, URL jwkUrl, JWKSetParser jwkSetParser, Clock clock) throws FailedToLoadJWKException
Deprecated. It is recommended to use newJwksStore(Duration, Duration, URL, JWKSetParser, Clock).
Create a new JWKs store.
Parameters:
cacheTimeout - a cache timeout to avoid reloading the cache all the time when doing encryption
cacheMissCacheTime - the cache time before reloading the cache in case of a cache miss. This avoids polling the client application too often.
jwkUrl - the jwk url of the JWKs hosted by the client application
jwkSetParser - the jwks set parser
clock - the clock to use for determining when to reload the jwk set.
Throws:
FailedToLoadJWKException - if the jwks can't be reloaded.
-
-
Method Details
-
newJwksStore
public static Promise<JwksStore,FailedToLoadJWKException> newJwksStore(Duration cacheTimeout, Duration cacheMissCacheTime, URL jwkUrl, JWKSetParser jwkSetParser, Clock clock)
Create a new JWKs store asynchronously. The JwksStore may not be properly initialized when the promise is completed, as we ignore the exception and return the store anyway.
Parameters:
cacheTimeout - a cache timeout to avoid reloading the cache all the time when doing encryption
cacheMissCacheTime - the cache time before reloading the cache in case of a cache miss. This avoids polling the client application too often.
jwkUrl - the jwk url of the JWKs hosted by the client application
jwkSetParser - the jwks set parser
clock - the clock to use for determining when to reload the jwk set.
Returns:
a Promise of a JwksStore.
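The effect of the two timers described in the parameters above, and why a token carrying an unknown kid should not be able to force a fetch of the JWKs URI on every request, can be seen in a small stand-alone model. This is an added example, not ForgeRock's code: the class JwksRefreshModel, its fetcher supplier and the exact reload rule (a miss triggers a reload only when the loaded set is at least cacheMissCacheTime old) are assumptions drawn from the parameter descriptions.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Map;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Supplier;

// Stand-alone model of the two timers (assumed semantics); not ForgeRock's JwksStore code.
public class JwksRefreshModel {
    private final Duration cacheTimeout;        // maximum age of a loaded key set
    private final Duration cacheMissCacheTime;  // minimum age before a miss may trigger a reload
    private final Supplier<Map<String, String>> fetcher; // stands in for the GET of the JWKs URI
    private Map<String, String> keys = Map.of();
    private Instant lastLoaded;                 // null until the first load
    int fetchCount;

    JwksRefreshModel(Duration cacheTimeout, Duration cacheMissCacheTime,
                     Supplier<Map<String, String>> fetcher) {
        this.cacheTimeout = cacheTimeout;
        this.cacheMissCacheTime = cacheMissCacheTime;
        this.fetcher = fetcher;
    }

    private boolean olderThan(Duration limit, Instant now) {
        return lastLoaded == null || Duration.between(lastLoaded, now).compareTo(limit) >= 0;
    }

    private void reload(Instant now) {
        keys = fetcher.get();
        lastLoaded = now;
        fetchCount++;
    }

    // Returns the key for kid, or null if it is still unknown after any permitted reload.
    String find(String kid, Instant now) {
        if (olderThan(cacheTimeout, now)) reload(now);              // routine expiry
        if (!keys.containsKey(kid) && olderThan(cacheMissCacheTime, now)) reload(now); // possible rotation
        return keys.get(kid);
    }

    public static void main(String[] args) {
        // Constructed sample data: kid -> placeholder key material.
        AtomicReference<Map<String, String>> remote = new AtomicReference<>(Map.of("k1", "key-1"));
        JwksRefreshModel store = new JwksRefreshModel(Duration.ofHours(1), Duration.ofMinutes(1), remote::get);
        Instant t0 = Instant.parse("2024-01-01T00:00:00Z");
        store.find("k1", t0);                                        // first load
        for (int i = 0; i < 1000; i++) store.find("unknown-" + i, t0.plusMillis(i * 10L));
        System.out.println("fetches after burst of unknown kids: " + store.fetchCount);
        remote.set(Map.of("k2", "key-2"));                           // issuer rotates its key
        System.out.println("k2 at +30s: " + store.find("k2", t0.plusSeconds(30)));
        System.out.println("k2 at +61s: " + store.find("k2", t0.plusSeconds(61)));
        System.out.println("total fetches: " + store.fetchCount);
    }
}
```

Run it with `java JwksRefreshModel.java` (Java 11 or later). The trade-off it shows is that a rotated key is not picked up until the miss timer has elapsed, so cacheMissCacheTime bounds both the polling rate and the delay before a new key is accepted.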
-
reloadJwksAsync
Communicates with the configured server, attempting to download the latest JWKs for use.
Returns:
a Promise of a FailedToLoadJWKException if an exception occurs.
-
reloadJwks
Deprecated. Use reloadJwksAsync() instead.
Communicates with the configured server, attempting to download the latest JWKs for use.
Throws:
FailedToLoadJWKException - if there were issues parsing the supplied URL
-
findJwk
Deprecated. Use findJwkAsync(String) instead.
Search for a JWK that matches the algorithm and the key usage.
Parameters:
algorithm - the algorithm needed
keyUse - the key usage. If null, only the algorithm will be used as a search criteria.
Returns:
A jwk that matches the search criteria. If no JWK found for the key usage, then it searches for a JWK without key usage defined. If still no JWK found, then returns null.
Throws:
FailedToLoadJWKException - if the jwks can't be reloaded.
-
findJwkAsync
Search asynchronously for a JWK that matches the algorithm and the key usage.
-
findJwk
Deprecated. Use findJwkAsync(String) instead.
Search for a JWK that matches the kid.
Parameters:
kid - Key ID
Returns:
A jwk that matches the kid. If no JWK found, returns null
Throws:
FailedToLoadJWKException - if the jwks can't be reloaded.
-
findJwkAsync
Search asynchronously for a JWK that matches the kid.
-
findJwkAsync
Return the JWK matching the keyID with the algorithm and keyUse.
Parameters:
predicate - function to test the JWK against.
Returns:
the JWK matching the predicate.
-
getLastLoadedJwkSet
Returns the last successfully loaded JWK Set together with the time at which it was last fetched.
Returns:
the current JWK Set and the instant it was loaded.
-
getLatestJwkSet
Returns the latest non expired successfully loaded JWK Set.
Returns:
the latest non expired successfully loaded JWK Set.
-
getCacheTimeout
Get the cache timeout.
Returns:
the cache timeout.
-
getCacheMissCacheTime
Get the cache time before reloading the cache in case of cache miss.
Returns:
the cache miss cache time.
-
getJwkUrl
The JWKs URI.
Returns:
the jwk uri.
-
setCacheTimeout
Update the cache timeout.
Parameters:
cacheTimeout - the cache timeout.
-
setCacheMissCacheTime
Update the cache time before reloading the cache in case of cache miss.
Parameters:
cacheMissCacheTime - the cache miss cache time.
-
setJwkUrl
Deprecated. Use setJwkUrlAsync(URL) instead.
Update the JWKs URI.
Parameters:
jwkUrl - the jwks uri.
Throws:
FailedToLoadJWKException - if unable to set the URL.
-
setJwkUrlAsync
Update the JWKs URI.
Parameters:
jwkUrl - the jwks uri.
Returns:
a Promise encapsulating any potential exception.
-
toString
-