Package org.apache.solr.security.jwt
Class JWTVerificationkeyResolver
java.lang.Object
org.apache.solr.security.jwt.JWTVerificationkeyResolver
- All Implemented Interfaces:
org.jose4j.keys.resolvers.VerificationKeyResolver
public class JWTVerificationkeyResolver
extends Object
implements org.jose4j.keys.resolvers.VerificationKeyResolver
Resolves jws signature verification keys from a set of
JWTIssuerConfig objects, which may
represent any valid configuration in Solr's security.json, i.e. static list of JWKs or keys
retrieved from HTTPs JWK endpoints.
This implementation maintains a map of issuers, each with its own list of JsonWebKey,
and resolves correct key from correct issuer similar to HttpsJwksVerificationKeyResolver. If
issuer claim is not required, we will select the first IssuerConfig if there is exactly one such
config.
If a key is not found, and issuer is backed by HTTPsJWKs, we attempt one cache refresh before failing.
-
Constructor Summary
ConstructorsConstructorDescriptionJWTVerificationkeyResolver(Collection<JWTIssuerConfig> issuerConfigs, boolean requireIssuer) Resolves key from a JWKs from one or more IssuerConfigs -
Method Summary
Modifier and TypeMethodDescriptionresolveKey(org.jose4j.jws.JsonWebSignature jws, List<org.jose4j.jwx.JsonWebStructure> nestingContext)
-
Constructor Details
-
JWTVerificationkeyResolver
Resolves key from a JWKs from one or more IssuerConfigs- Parameters:
issuerConfigs- Collection of configuration objects for the issuer(s)requireIssuer- if true, will require 'iss' claim on jws
-
-
Method Details
-
resolveKey
public Key resolveKey(org.jose4j.jws.JsonWebSignature jws, List<org.jose4j.jwx.JsonWebStructure> nestingContext) throws org.jose4j.lang.UnresolvableKeyException - Specified by:
resolveKeyin interfaceorg.jose4j.keys.resolvers.VerificationKeyResolver- Throws:
org.jose4j.lang.UnresolvableKeyException
-