Package com.auth0.utils.tokens

Interface PublicKeyProvider

public interface PublicKeyProvider

The interface to obtain a public key. This is used to configure signature verification for tokens signed with the RS256 asymmetric signing algorithm. Developers should provide an implementation of this interface when verifying a RS256 ID token.

The following example demonstrates using the JwkProviderBuilder from the jwks-rsa-java library to fetch the public key.

 JwkProvider provider = new JwkProviderBuilder("https://your-domain.auth0.com").build();
 SignatureVerifier sigVerifier = SignatureVerifier.forRS256(new PublicKeyProvider() {
     @Override
     public RSAPublicKey getPublicKeyById(String keyId) throws PublicKeyProviderException {
         try {
             return (RSAPublicKey) provider.get(keyId).getPublicKey();
         } catch (JwkException jwke) {
             throw new PublicKeyProviderException("Error obtaining public key", jwke);
         }
     }
 }
 

Method Summary

Modifier and Type	Method	Description
RSAPublicKey	getPublicKeyById(String keyId)	Get a RSAPublicKey given the key ID.

Method Details

getPublicKeyById

RSAPublicKey getPublicKeyById(String keyId)
                       throws PublicKeyProviderException

Get a RSAPublicKey given the key ID.

Parameters:

keyId - the key ID for which to retrieve the key.

Returns:

the RSAPublicKey for the given key ID.

Throws:

PublicKeyProviderException - if the public key cannot be retrieved.