Class JwkSetHandler

java.lang.Object
org.forgerock.openig.handler.JwkSetHandler
All Implemented Interfaces:
Handler

public class JwkSetHandler extends Object implements Handler
Creates a JwkSetHandler to store the cryptographic keys.
 {
      "type": "JwkSetHandler",
      "config": {
          "secretsProvider"     :     Secrets Provider         [REQUIRED - The provider used to resolve
                                                                           the secret.]
          "purposes"            : [{  array of objects         [REQUIRED]
            "secretId"            :     expression               [REQUIRED - the secret ID.]
            "keyUsage"            :     expression<enum>         [REQUIRED - the key usage of the Secret ID.]
            "jwkAlgorithm"        :     expression               [OPTIONAL - the algorithm to include in the generated
                                                                             JWK. The value is validated against
                                                                             the known possible values, but it
                                                                             is not possible to know the actual
                                                                             algorithm used when the key was
                                                                             generated. See
                                                            https://datatracker.ietf.org/doc/html/rfc7517#section-4.4]
          }]
          "exposePrivateSecrets"  :     boolean                [OPTIONAL - If set to true, include the private and
                                                                           symmetric keys in the generated JWK. Be
                                                                           aware of the security considerations of
                                                                           enabling this setting. Defaults to false.]
      }
 }
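
The following check is an added example, not part of OpenIG. It audits a published JWK Set for the two risks the configuration above mentions: private or symmetric key material in the output (the effect of "exposePrivateSecrets": true) and an "alg" value that does not fit the key type. Member names come from RFC 7518 and RFC 8037; the function name audit_jwks and the sample document are constructed for illustration.

```python
import json

# Secret JWK members per key type (RFC 7518 section 6, RFC 8037 for OKP).
PRIVATE_MEMBERS = {
    "RSA": {"d", "p", "q", "dp", "dq", "qi", "oth"},
    "EC": {"d"},
    "OKP": {"d"},
    "oct": {"k"},  # a symmetric key is secret in its entirety
}
# "alg" prefixes that are plausible for each key type.
ALG_PREFIXES = {
    "RSA": ("RS", "PS"),            # RS256, PS256, RSA-OAEP, RSA1_5
    "EC": ("ES", "ECDH-ES"),
    "OKP": ("EdDSA", "ECDH-ES"),
    "oct": ("HS", "A", "dir"),      # HS256, A128KW, A256GCM, dir
}

def audit_jwks(document: str) -> list[tuple[str, str]]:
    """Return (kid, finding) pairs for a JWK Set given as JSON text."""
    keys = json.loads(document).get("keys")
    if not isinstance(keys, list):
        return [("<set>", "missing or malformed 'keys' array")]
    findings = []
    for index, jwk in enumerate(keys):
        if not isinstance(jwk, dict):
            findings.append((f"#{index}", "entry is not a JSON object"))
            continue
        kid, kty = str(jwk.get("kid", f"#{index}")), jwk.get("kty")
        if kty not in PRIVATE_MEMBERS:
            findings.append((kid, f"unknown kty {kty!r}"))
            continue
        leaked = sorted(jwk.keys() & PRIVATE_MEMBERS[kty])
        if leaked:
            findings.append((kid, "secret members present: " + ",".join(leaked)))
        alg = jwk.get("alg")
        if alg is not None and not str(alg).startswith(ALG_PREFIXES[kty]):
            findings.append((kid, f"alg {alg!r} does not fit kty {kty}"))
    return findings

# Constructed sample: key values are placeholders, not real key material.
SAMPLE_JWKS = json.dumps({"keys": [
    {"kty": "RSA", "kid": "sig-1", "alg": "RS256", "n": "constructed", "e": "AQAB"},
    {"kty": "EC", "kid": "sig-2", "alg": "RS256", "crv": "P-256", "x": "constructed", "y": "constructed"},
    {"kty": "oct", "kid": "mac-1", "alg": "HS256", "k": "constructed"},
]})

if __name__ == "__main__":
    for kid, finding in audit_jwks(SAMPLE_JWKS):
        print(f"{kid}: {finding}")
```

An empty result means the set contains only public parameters and every declared algorithm is consistent with its key type.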
 
 
  • Method Details

    • handle

      public Promise<Response,NeverThrowsException> handle(Context context, Request request)
      Description copied from interface: Handler
      Returns a Promise representing the asynchronous Response of the given request. If any (asynchronous) processing goes wrong, the promise still contains a Response (probably from the 4xx or 5xx status code family).

      A handler that doesn't hand-off the processing to another downstream handler is responsible for creating the response.

      The returned Promise contains the response returned from the server as-is. It is the responsibility of the handler to produce the appropriate error response (404, 500, ...) in case of a processing error.

      Note: As of the Promise 2.0 implementation, it is not permitted to throw any runtime exception here. Doing so produces unexpected behaviour (most likely a server-side hang of the processing thread).

      Specified by:
      handle in interface Handler
      Parameters:
      context - The request context.
      request - The request.
      Returns:
      A Promise representing the response to be returned to the caller.