JWK (Nimbus JOSE + JWT v4.23)

java.lang.Object
- com.nimbusds.jose.jwk.JWK

All Implemented Interfaces:

Serializable, net.minidev.json.JSONAware

Direct Known Subclasses:

ECKey, OctetSequenceKey, RSAKey
```
public abstract class JWK
extends Object
implements net.minidev.json.JSONAware, Serializable
```
The base abstract class for JSON Web Keys (JWKs). It serialises to a JSON object.
The following JSON object members are common to all JWK types:
- kty (required)
- use (optional)
- key_ops (optional)
- kid (optional)
Example JWK (of the Elliptic Curve type):
```
 {
   "kty" : "EC",
   "crv" : "P-256",
   "x"   : "MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
   "y"   : "4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
   "use" : "enc",
   "kid" : "1"
 }
 
```
Version:

2016-07-03

Author:

Vladimir Dzhuvinov, Justin Richer

See Also:

Serialized Form

Field Summary

Fields
Modifier and Type Field and Description

static String MIME_TYPE
The MIME type of JWK objects: application/jwk+json; charset=UTF-8

Fields
Modifier and Type	Field and Description
`static String`	`MIME_TYPE` The MIME type of JWK objects: `application/jwk+json; charset=UTF-8`

Constructor Summary

Constructors
Constructor and Description
`JWK(KeyType kty, KeyUse use, Set<KeyOperation> ops, Algorithm alg, String kid, URI x5u, Base64URL x5t, List<Base64> x5c)` Creates a new JSON Web Key (JWK).

Method Summary

All Methods Static Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`Base64URL`	`computeThumbprint()` Computes the SHA-256 thumbprint of this JWK.
`Base64URL`	`computeThumbprint(String hashAlg)` Computes the thumbprint of this JWK using the specified hash algorithm.
`Algorithm`	`getAlgorithm()` Gets the intended JOSE algorithm (`alg`) for this JWK.
`String`	`getKeyID()` Gets the ID (`kid`) of this JWK.
`Set<KeyOperation>`	`getKeyOperations()` Gets the operations (`key_ops`) for this JWK.
`KeyType`	`getKeyType()` Gets the type (`kty`) of this JWK.
`KeyUse`	`getKeyUse()` Gets the use (`use`) of this JWK.
`abstract LinkedHashMap<String,?>`	`getRequiredParams()` Returns the required JWK parameters.
`List<Base64>`	`getX509CertChain()` Gets the X.509 certificate chain (`x5c`) of this JWK.
`Base64URL`	`getX509CertThumbprint()` Gets the X.509 certificate thumbprint (`x5t`) of this JWK.
`URI`	`getX509CertURL()` Gets the X.509 certificate URL (`x5u`) of this JWK.
`abstract boolean`	`isPrivate()` Returns `true` if this JWK contains private or sensitive (non-public) parameters.
`static JWK`	`parse(net.minidev.json.JSONObject jsonObject)` Parses a JWK from the specified JSON object representation.
`static JWK`	`parse(String s)` Parses a JWK from the specified JSON object string representation.
`abstract int`	`size()` Returns the size of this JWK.
`net.minidev.json.JSONObject`	`toJSONObject()` Returns a JSON object representation of this JWK.
`String`	`toJSONString()` Returns the JSON object string representation of this JWK.
`abstract JWK`	`toPublicJWK()` Creates a copy of this JWK with all private or sensitive parameters removed.
`String`	`toString()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Field Detail
  - MIME_TYPE
```
public static final String MIME_TYPE
```
    The MIME type of JWK objects: application/jwk+json; charset=UTF-8
    
    See Also:
    
    Constant Field Values
- Constructor Detail
  - JWK
```
public JWK(KeyType kty,
           KeyUse use,
           Set<KeyOperation> ops,
           Algorithm alg,
           String kid,
           URI x5u,
           Base64URL x5t,
           List<Base64> x5c)
```
    Creates a new JSON Web Key (JWK).
    
    Parameters:
    
    kty - The key type. Must not be null.
    
    use - The key use, null if not specified or if the key is intended for signing as well as encryption.
    
    ops - The key operations, null if not specified.
    
    alg - The intended JOSE algorithm for the key, null if not specified.
    
    kid - The key ID, null if not specified.
    
    x5u - The X.509 certificate URL, null if not specified.
    
    x5t - The X.509 certificate thumbprint, null if not specified.
    
    x5c - The X.509 certificate chain, null if not specified.
- Method Detail
  - getKeyType
```
public KeyType getKeyType()
```
    Gets the type (kty) of this JWK.
    
    Returns:
    
    The key type.
  - getKeyUse
```
public KeyUse getKeyUse()
```
    Gets the use (use) of this JWK.
    
    Returns:
    
    The key use, null if not specified or if the key is intended for signing as well as encryption.
  - getKeyOperations
```
public Set<KeyOperation> getKeyOperations()
```
    Gets the operations (key_ops) for this JWK.
    
    Returns:
    
    The key operations, null if not specified.
  - getAlgorithm
```
public Algorithm getAlgorithm()
```
    Gets the intended JOSE algorithm (alg) for this JWK.
    
    Returns:
    
    The intended JOSE algorithm, null if not specified.
  - getKeyID
```
public String getKeyID()
```
    Gets the ID (kid) of this JWK. The key ID can be used to match a specific key. This can be used, for instance, to choose a key within a JWKSet during key rollover. The key ID may also correspond to a JWS/JWE kid header parameter value.
    
    Returns:
    
    The key ID, null if not specified.
  - getX509CertURL
```
public URI getX509CertURL()
```
    Gets the X.509 certificate URL (x5u) of this JWK.
    
    Returns:
    
    The X.509 certificate URL, null if not specified.
  - getX509CertThumbprint
```
public Base64URL getX509CertThumbprint()
```
    Gets the X.509 certificate thumbprint (x5t) of this JWK.
    
    Returns:
    
    The X.509 certificate thumbprint, null if not specified.
  - getX509CertChain
```
public List<Base64> getX509CertChain()
```
    Gets the X.509 certificate chain (x5c) of this JWK.
    
    Returns:
    
    The X.509 certificate chain as a unmodifiable list, null if not specified.
  - getRequiredParams
```
public abstract LinkedHashMap<String,?> getRequiredParams()
```
    Returns the required JWK parameters. Intended as input for JWK thumbprint computation. See RFC 7638 for more information.
    
    Returns:
    
    The required JWK parameters, sorted alphanumerically by key name and ready for JSON serialisation.
  - computeThumbprint
```
public Base64URL computeThumbprint()
                            throws JOSEException
```
    Computes the SHA-256 thumbprint of this JWK. See RFC 7638 for more information.
    
    Returns:
    
    The SHA-256 thumbprint.
    
    Throws:
    
    JOSEException - If the SHA-256 hash algorithm is not supported.
  - computeThumbprint
```
public Base64URL computeThumbprint(String hashAlg)
                            throws JOSEException
```
    Computes the thumbprint of this JWK using the specified hash algorithm. See RFC 7638 for more information.
    
    Parameters:
    
    hashAlg - The hash algorithm. Must not be null.
    
    Returns:
    
    The SHA-256 thumbprint.
    
    Throws:
    
    JOSEException - If the hash algorithm is not supported.
  - isPrivate
```
public abstract boolean isPrivate()
```
    Returns true if this JWK contains private or sensitive (non-public) parameters.
    
    Returns:
    
    true if this JWK contains private parameters, else false.
  - toPublicJWK
```
public abstract JWK toPublicJWK()
```
    Creates a copy of this JWK with all private or sensitive parameters removed.
    
    Returns:
    
    The newly created public JWK, or null if none can be created.
  - size
```
public abstract int size()
```
    Returns the size of this JWK.
    
    Returns:
    
    The JWK size, in bits.
  - toJSONObject
```
public net.minidev.json.JSONObject toJSONObject()
```
    Returns a JSON object representation of this JWK. This method is intended to be called from extending classes.
    Example:
```
 {
   "kty" : "RSA",
   "use" : "sig",
   "kid" : "fd28e025-8d24-48bc-a51a-e2ffc8bc274b"
 }
 
```
    Returns:
    
    The JSON object representation.
  - toJSONString
```
public String toJSONString()
```
    Returns the JSON object string representation of this JWK.
    
    Specified by:
    
    toJSONString in interface net.minidev.json.JSONAware
    
    Returns:
    
    The JSON object string representation.
  - toString
```
public String toString()
```
    Overrides:
    
    toString in class Object
    
    See Also:
    
    toJSONString()
  - parse
```
public static JWK parse(String s)
                 throws ParseException
```
    Parses a JWK from the specified JSON object string representation. The JWK must be an ECKey, an RSAKey, or a OctetSequenceKey.
    
    Parameters:
    
    s - The JSON object string to parse. Must not be null.
    
    Returns:
    
    The JWK.
    
    Throws:
    
    ParseException - If the string couldn't be parsed to a supported JWK.
  - parse
```
public static JWK parse(net.minidev.json.JSONObject jsonObject)
                 throws ParseException
```
    Parses a JWK from the specified JSON object representation. The JWK must be an ECKey, an RSAKey, or a OctetSequenceKey.
    
    Parameters:
    
    jsonObject - The JSON object to parse. Must not be null.
    
    Returns:
    
    The JWK.
    
    Throws:
    
    ParseException - If the JSON object couldn't be parsed to a supported JWK.

Class JWK

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

MIME_TYPE

Constructor Detail

JWK

Method Detail

getKeyType

getKeyUse

getKeyOperations

getAlgorithm

getKeyID

getX509CertURL

getX509CertThumbprint

getX509CertChain

getRequiredParams

computeThumbprint

computeThumbprint

isPrivate

toPublicJWK

size

toJSONObject

toJSONString

toString

parse

parse