Package org.forgerock.openig.handler

Class JwkSetHandler

java.lang.Object

org.forgerock.openig.handler.JwkSetHandler

All Implemented Interfaces:

Handler

public class JwkSetHandler
extends Object
implements Handler

Creates a JwkSetHandler to store the cryptographic keys.

 {
      "type": "JwkSetHandler",
      "config": {
          "secretsProvider"     :     Secrets Provider         [REQUIRED - The provider used to resolve
                                                                           the secret.]
          "purposes" [{                array of objects        [REQUIRED]
            "secretId"            :     expression               [REQUIRED - the secret ID.]
            "keyUsage"            :     expression<enum>         [REQUIRED - the key usage of the Secret ID.]
            "jwkAlgorithm"        :     expression               {OPTIONAL - the algorithm to include in the generated
                                                                             JWK. There is some validation
                                                                             to ensure that the algorithm is valid
                                                                             against the known possible values but it
                                                                             is not possible to know the actual
                                                                             algorithm used when the key was
                                                                             generated. See
                                                            https://datatracker.ietf.org/doc/html/rfc7517#section-4.4]
          }]
          "exposePrivateSecrets"  :     boolean                [OPTIONAL - If set to true, include the private and
                                                                           symmetric keys in the generated JWK. Be
                                                                           aware of the security considerations of
                                                                           enabling this setting. Defaults to false.]
      }
   }
 }
 
 

See Also:

• KeyUsage

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	JwkSetHandler.Heaplet	Creates and initializes a JwkSetHandler in a heap environment.

Method Summary

Modifier and Type	Method	Description
Promise<Response,NeverThrowsException>	handle(Context context, Request request)	Returns a Promise representing the asynchronous Response of the given request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

handle

public Promise<Response,NeverThrowsException> handle(Context context,
 Request request)

Description copied from interface: Handler

Returns a Promise representing the asynchronous Response of the given request. If any (asynchronous) processing goes wrong, the promise still contains a Response (probably from the 4xx or 5xx status code family).

A handler that doesn't hand-off the processing to another downstream handler is responsible for creating the response.

The returned Promise contains the response returned from the server as-is. This is responsibility of the handler to produce the appropriate error response (404, 500, ...) in case of processing error.

Note: As of Promise 2.0 implementation, it is not permitted to throw any runtime exception here. Doing so produce unexpected behaviour (most likely a server-side hang of the processing thread).

Specified by:

handle in interface Handler

Parameters:

context - The request context.

request - The request.

Returns:

A Promise representing the response to be returned to the caller.