public class JWTVerificationkeyResolver extends Object implements org.jose4j.keys.resolvers.VerificationKeyResolver
JWTIssuerConfig
objects, which
may represent any valid configuration in Solr's security.json, i.e. static list of JWKs
or keys retrieved from HTTPs JWK endpoints.
This implementation maintains a map of issuers, each with its own list of JsonWebKey
,
and resolves correct key from correct issuer similar to HttpsJwksVerificationKeyResolver.
If issuer claim is not required, we will select the first IssuerConfig if there is exactly one such config.
If a key is not found, and issuer is backed by HTTPsJWKs, we attempt one cache refresh before failing.Constructor and Description |
---|
JWTVerificationkeyResolver(Collection<JWTIssuerConfig> issuerConfigs,
boolean requireIssuer)
Resolves key from a JWKs from one or more IssuerConfigs
|
Modifier and Type | Method and Description |
---|---|
Key |
resolveKey(org.jose4j.jws.JsonWebSignature jws,
List<org.jose4j.jwx.JsonWebStructure> nestingContext) |
public JWTVerificationkeyResolver(Collection<JWTIssuerConfig> issuerConfigs, boolean requireIssuer)
issuerConfigs
- Collection of configuration objects for the issuer(s)requireIssuer
- if true, will require 'iss' claim on jwspublic Key resolveKey(org.jose4j.jws.JsonWebSignature jws, List<org.jose4j.jwx.JsonWebStructure> nestingContext) throws org.jose4j.lang.UnresolvableKeyException
resolveKey
in interface org.jose4j.keys.resolvers.VerificationKeyResolver
org.jose4j.lang.UnresolvableKeyException
Copyright © 2000-2020 Apache Software Foundation. All Rights Reserved.