001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2016, Connect2id Ltd. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jwt.proc; 019 020 021import com.nimbusds.jose.crypto.factories.DefaultJWEDecrypterFactory; 022import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory; 023import com.nimbusds.jose.proc.JOSEProcessorConfiguration; 024import com.nimbusds.jose.proc.SecurityContext; 025 026 027/** 028 * JWT processor configuration. 029 * 030 * <p>Specifies the required components to process JWTs: 031 * 032 * <ul> 033 * <li>To verify signed JWTs: 034 * <ul> 035 * <li>Key selector to determine key candidate(s) for JWS 036 * verification based on the JWS header and application- 037 * specific context information. 038 * <li>Factory to construct a JWS verifier for a given key 039 * candidate and JWS header information. A 040 * {@link DefaultJWSVerifierFactory default factory} 041 * implementation is provided. 042 * </ul> 043 * <li>To decrypt encrypted JWTs: 044 * <ul> 045 * <li>Key selector to determine key candidate(s) for JWE 046 * decryption based on the JWS header and application-specific 047 * context information. 048 * <li>Factory to construct a JWE decrypter for a given key 049 * candidate and JWE header information. A 050 * {@link DefaultJWEDecrypterFactory default factory} 051 * implementation is provided. 052 * </ul> 053 * <li>Optional JWT claims set verifier. Ensures that the claims set of a 054 * JWT complies with an application's requirements. 055 * </ul> 056 * 057 * @author Vladimir Dzhuvinov 058 * @version 2016-07-25 059 */ 060public interface JWTProcessorConfiguration<C extends SecurityContext> extends JOSEProcessorConfiguration<C> { 061 062 063 /** 064 * Gets the optional JWT claims set verifier. Ensures that the claims 065 * set of a JWT complies with an application's requirements. 066 * 067 * @return The JWT claims set verifier, {@code null} if not specified. 068 */ 069 JWTClaimsSetVerifier<C> getJWTClaimsSetVerifier(); 070 071 072 /** 073 * Sets the optional JWT claims set verifier. Ensures that the claims 074 * set of a JWT complies with an application's requirements. 075 * 076 * @param claimsVerifier The JWT claims set verifier, {@code null} if 077 * not specified. 078 */ 079 void setJWTClaimsSetVerifier(final JWTClaimsSetVerifier<C> claimsVerifier); 080 081 082 /** 083 * Use {@link #getJWTClaimsVerifier()} instead. 084 * 085 * @return The JWT claims set verifier, {@code null} if not specified. 086 */ 087 @Deprecated 088 JWTClaimsVerifier getJWTClaimsVerifier(); 089 090 091 /** 092 * Use {@link #setJWTClaimsSetVerifier} instead. 093 * 094 * @param claimsVerifier The JWT claims set verifier, {@code null} if 095 * not specified. 096 */ 097 @Deprecated 098 void setJWTClaimsVerifier(final JWTClaimsVerifier claimsVerifier); 099}