Package org.apache.solr.security.jwt
Class JWTVerificationkeyResolver
- java.lang.Object
-
- org.apache.solr.security.jwt.JWTVerificationkeyResolver
-
- All Implemented Interfaces:
org.jose4j.keys.resolvers.VerificationKeyResolver
public class JWTVerificationkeyResolver extends Object implements org.jose4j.keys.resolvers.VerificationKeyResolver
Resolves jws signature verification keys from a set ofJWTIssuerConfigobjects, which may represent any valid configuration in Solr's security.json, i.e. static list of JWKs or keys retrieved from HTTPs JWK endpoints.This implementation maintains a map of issuers, each with its own list of
JsonWebKey, and resolves correct key from correct issuer similar to HttpsJwksVerificationKeyResolver. If issuer claim is not required, we will select the first IssuerConfig if there is exactly one such config.If a key is not found, and issuer is backed by HTTPsJWKs, we attempt one cache refresh before failing.
-
-
Constructor Summary
Constructors Constructor Description JWTVerificationkeyResolver(Collection<JWTIssuerConfig> issuerConfigs, boolean requireIssuer)Resolves key from a JWKs from one or more IssuerConfigs
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description KeyresolveKey(org.jose4j.jws.JsonWebSignature jws, List<org.jose4j.jwx.JsonWebStructure> nestingContext)
-
-
-
Constructor Detail
-
JWTVerificationkeyResolver
public JWTVerificationkeyResolver(Collection<JWTIssuerConfig> issuerConfigs, boolean requireIssuer)
Resolves key from a JWKs from one or more IssuerConfigs- Parameters:
issuerConfigs- Collection of configuration objects for the issuer(s)requireIssuer- if true, will require 'iss' claim on jws
-
-
Method Detail
-
resolveKey
public Key resolveKey(org.jose4j.jws.JsonWebSignature jws, List<org.jose4j.jwx.JsonWebStructure> nestingContext) throws org.jose4j.lang.UnresolvableKeyException
- Specified by:
resolveKeyin interfaceorg.jose4j.keys.resolvers.VerificationKeyResolver- Throws:
org.jose4j.lang.UnresolvableKeyException
-
-