Module io.inverno.mod.security.jose

Package io.inverno.mod.security.jose.jwe

Interface JsonJWEBuilder<A,B extends JWEHeaderConfigurator<B>,C extends JsonJWEBuilder<A,B,C>>

Type Parameters:

A - the payload type

B - the JWE JOSE header configurator type

C - the JSON JWE builder type

All Superinterfaces:

JsonJOSEObjectBuilder<A,JsonJWE<A,JsonJWE.BuiltRecipient<A>>,B,C>

public interface JsonJWEBuilder<A,B extends JWEHeaderConfigurator<B>,C extends JsonJWEBuilder<A,B,C>>
extends JsonJOSEObjectBuilder<A,JsonJWE<A,JsonJWE.BuiltRecipient<A>>,B,C>

A JSON JWE builder is used to build JSON Web Encryption objects that can be serialized to the JSON representation as defined by RFC7516 Section 7.2.

Since:

1.5

Author:

Jeremy Kuhn

Method Summary

Modifier and Type	Method	Description
C	additionalAuthenticationData(String aad)	Specifies the additional authentication data to use when encrypting the payload.
default C	recipient(Consumer<B> headerConfigurer)	Specifies a recipient to add to the resulting JSON JWE object.
C	recipient(Consumer<B> headerConfigurer, Publisher<? extends JWK> keys)	Specifies a recipient to add to the resulting JSON JWE object using the specified keys.
C	secureRandom(SecureRandom secureRandom)	Specifies the secure random to use when encrypting the payload.

Methods inherited from interface io.inverno.mod.security.jose.JsonJOSEObjectBuilder

build, build, build, headers, payload

Method Details

additionalAuthenticationData

C additionalAuthenticationData(String aad)

Specifies the additional authentication data to use when encrypting the payload.

Parameters:

aad - additional authentication data

Returns:

this builder

secureRandom

C secureRandom(SecureRandom secureRandom)

Specifies the secure random to use when encrypting the payload.

Parameters:

secureRandom - a secure random

Returns:

this builder

recipient

default C recipient(Consumer<B> headerConfigurer)

Specifies a recipient to add to the resulting JSON JWE object.

The builder will try to resolve the JWK to use to encrypt the content encryption key based on the JWE JOSE header resulting from the merge of the protected, unprotected and recipient specific headers. It will fail if it wasn't able to find a suitable key.

Parameters:

headerConfigurer - the recipient specific JWE JOSE header configurer

Returns:

this builder

recipient

C recipient(Consumer<B> headerConfigurer,
 Publisher<? extends JWK> keys)

Specifies a recipient to add to the resulting JSON JWE object using the specified keys.

The builder will use the specified keys to encrypt the content encryption key, the first succeeding key will be retained and remaining keys will be ignored. It will fail if no suitable key have been specified or if they are not consistent with the JWE JOSE header resulting from the merge of the protected, unprotected and recipient specific headers.

Parameters:

headerConfigurer - the recipient specific JWE JOSE header

keys - the keys to consider to encrypt the recipient content encryption key

Returns:

this builder