Module io.inverno.mod.security.jose

Package io.inverno.mod.security.jose.jwk

Interface JWKKeyResolver

public interface JWKKeyResolver

A JWK key resolver is used within a JWKBuilder to resolve keys (symmetric, private or public keys) from key ids, X.509 SHA1 or X.509 SHA256 thumbprints typically specified in JOSE headers.

A typical implementation would rely on a Java KeyStore to securely resolve keys.

Since:

1.5

Author:

Jeremy Kuhn

Method Summary

Modifier and Type	Method	Description
Mono<X509Certificate>	resolveCertificateFromKeyId(String kid)	Resolves a certificate (public key) from a key id.
Mono<X509Certificate>	resolveCertificateFromX509CertificateSHA1Thumbprint(String x5t)	Resolves a certificate (public key) from an X.509 SHA1 thumbprint.
Mono<X509Certificate>	resolveCertificateFromX509CertificateSHA256Thumbprint(String x5t_S256)	Resolves a certificate (public key) from an X.509 SHA256 thumbprint.
Mono<? extends Key>	resolveKeyFromKeyId(String kid)	Resolves a key (symmetric or private) from a key id.
Mono<? extends Key>	resolveKeyFromX509CertificateSHA1Thumbprint(String x5t)	Resolves a key (symmetric or private) from an X.509 SHA1 thumbprint.
Mono<? extends Key>	resolveKeyFromX509CertificateSHA256Thumbprint(String x5t_S256)	Resolves a key (symmetric or private) from an X.509 SHA256 thumbprint.

Method Details

resolveKeyFromKeyId

Mono<? extends Key> resolveKeyFromKeyId(String kid)
                                 throws JWKResolveException

Resolves a key (symmetric or private) from a key id.

Parameters:

kid - a key id

Returns:

a single key publisher or an empty publisher

Throws:

JWKResolveException - if there was an error resolving the key

resolveKeyFromX509CertificateSHA1Thumbprint

Mono<? extends Key> resolveKeyFromX509CertificateSHA1Thumbprint(String x5t)
                                                         throws JWKResolveException

Resolves a key (symmetric or private) from an X.509 SHA1 thumbprint.

Parameters:

x5t - an X.509 SHA1 thumbprint

Returns:

a single key publisher or an empty publisher

Throws:

JWKResolveException - if there was an error resolving the key

resolveKeyFromX509CertificateSHA256Thumbprint

Mono<? extends Key> resolveKeyFromX509CertificateSHA256Thumbprint(String x5t_S256)
                                                           throws JWKResolveException

Resolves a key (symmetric or private) from an X.509 SHA256 thumbprint.

Parameters:

x5t_S256 - an X.509 SHA256 thumbprint

Returns:

a single key publisher or an empty publisher

Throws:

JWKResolveException - if there was an error resolving the key

resolveCertificateFromKeyId

Mono<X509Certificate> resolveCertificateFromKeyId(String kid)
                                           throws JWKResolveException

Resolves a certificate (public key) from a key id.

Parameters:

kid - a key id

Returns:

a single X.509 certificate publisher or an empty publisher

Throws:

JWKResolveException - if there was an error resolving the certificate

resolveCertificateFromX509CertificateSHA1Thumbprint

Mono<X509Certificate> resolveCertificateFromX509CertificateSHA1Thumbprint(String x5t)
                                                                   throws JWKResolveException

Resolves a certificate (public key) from an X.509 SHA1 thumbprint.

Parameters:

x5t - an X.509 SHA1 thumbprint

Returns:

a single X.509 certificate publisher or an empty publisher

Throws:

JWKResolveException - if there was an error resolving the certificate

resolveCertificateFromX509CertificateSHA256Thumbprint

Mono<X509Certificate> resolveCertificateFromX509CertificateSHA256Thumbprint(String x5t_S256)
                                                                     throws JWKResolveException

Resolves a certificate (public key) from an X.509 SHA256 thumbprint.

Parameters:

x5t_S256 - an X.509 SHA256 thumbprint

Returns:

a single X.509 certificate publisher or an empty publisher

Throws:

JWKResolveException - if there was an error resolving the certificate