Class OctetSequenceJwsReconstruction

java.lang.Object
org.forgerock.openig.fapi.jwt.OctetSequenceJwsReconstruction

public class OctetSequenceJwsReconstruction extends Object
A service that provides a method for reconstructing a JWS string containing an octet-sequence payload back into its respective OctetSequenceSignedJwt.

This expands on the COMMONS JwtReconstruction class on which it is based in that it supports non-JSON payloads through the use of COMMONS Payload, which is already supported by e.g. the SignedJwt class. Note that this implementation does not support building these other JWT types.

N.B. This class is introduced for OpenBanking OPENIG-9436, but is expected to be temporary until COMMONS can be retrofitted to support octet-sequence JWS and JWE payloads (COMMONS-1558). There are a number of constraints that make that not immediately straightforward.

  • Constructor Details

    • OctetSequenceJwsReconstruction

      public OctetSequenceJwsReconstruction()
      Default constructor.
  • Method Details

    • recognizedHeaders

      public OctetSequenceJwsReconstruction recognizedHeaders(String... headers)
      Configures additional application-specific header values that are understood and processed by the application. Any non-standard critical headers that are not in this list will cause processing to fail.
      Parameters:
      headers - the set of headers to add to the recognized set.
      Returns:
      the updated JwtReconstruction object.
    • reconstructJwt

      public OctetSequenceSignedJwt reconstructJwt(String jwtString)
      Reconstructs the given encoded octet-sequence JWS string into a JWS object of the specified type. The jwtString is expected to contain an octet-sequence UTF-8 payload.
      Parameters:
      jwtString - The JWT string.
      Returns:
      The reconstructed JWT object.
      Throws:
      InvalidJwtException - If the jwt does not consist of the correct number of parts or is malformed.
      JwtReconstructionException - If the jwt does not consist of the correct number of parts.
      UnrecognizedCriticalHeaderException - If the JWT contains critical headers ("crit") that are not recognized by the application.