Source code

001package com.nimbusds.jwt.proc;
002
003
004import java.text.ParseException;
005
006import com.nimbusds.jose.JOSEException;
007import com.nimbusds.jose.proc.BadJOSEException;
008import com.nimbusds.jose.proc.SecurityContext;
009import com.nimbusds.jwt.*;
010
011
012/**
013 * Interface for parsing and processing {@link com.nimbusds.jwt.PlainJWT
014 * unsecured} (plain), {@link com.nimbusds.jwt.SignedJWT signed} and
015 * {@link com.nimbusds.jwt.EncryptedJWT encrypted} JSON Web Tokens (JWTs).
016 *
017 * @author Vladimir Dzhuvinov
018 * @version 2015-08-20
019 */
020public interface JWTProcessor<C extends SecurityContext> {
021
022
023        /**
024         * Parses and processes the specified JWT (unsecured, signed or
025         * encrypted).
026         *
027         * @param jwtString The JWT, compact-encoded to a URL-safe string. Must
028         *                  not be {@code null}.
029         * @param context   Optional context of the JOSE object, {@code null}
030         *                  if not required.
031         *
032         * @return The JWT claims set on success.
033         *
034         * @throws ParseException   If the string couldn't be parsed to a valid
035         *                          JWT.
036         * @throws BadJOSEException If the JWT is rejected.
037         * @throws JOSEException    If an internal processing exception is
038         *                          encountered.
039         */
040        JWTClaimsSet process(final String jwtString, final C context)
041                throws ParseException, BadJOSEException, JOSEException;
042
043
044        /**
045         * Processes the specified JWT (unsecured, signed or encrypted).
046         *
047         * @param jwt     The JWT. Must not be {@code null}.
048         * @param context Optional context of the JOSE object, {@code null} if
049         *                not required.
050         *
051         * @return The JWT claims set on success.
052         *
053         * @throws BadJOSEException If the JWT is rejected.
054         * @throws JOSEException    If an internal processing exception is
055         *                          encountered.
056         */
057        JWTClaimsSet process(final JWT jwt, final C context)
058                throws BadJOSEException, JOSEException;
059
060
061        /**
062         * Processes the specified unsecured (plain) JWT, typically by checking
063         * its context.
064         *
065         * @param plainJWT The unsecured (plain) JWT. Not {@code null}.
066         * @param context  Optional context of the unsecured JWT, {@code null}
067         *                 if not required.
068         *
069         * @return The JWT claims set on success.
070         *
071         * @throws BadJOSEException If the unsecured (plain) JWT is rejected,
072         *                          after examining the context or due to the
073         *                          payload not being a JSON object.
074         * @throws JOSEException    If an internal processing exception is
075         *                          encountered.
076         */
077        JWTClaimsSet process(final PlainJWT plainJWT, final C context)
078                throws BadJOSEException, JOSEException;
079
080
081        /**
082         * Processes the specified signed JWT by verifying its signature. The
083         * key candidate(s) are selected by examining the JWS header and / or
084         * the message context.
085         *
086         * @param signedJWT The signed JWT. Not {@code null}.
087         * @param context   Optional context of the signed JWT, {@code null} if
088         *                  not required.
089         *
090         * @return The JWT claims set on success.
091         *
092         * @throws BadJOSEException If the signed JWT is rejected, typically
093         *                          due to a bad signature or the payload not
094         *                          being a JSON object.
095         * @throws JOSEException    If an internal processing exception is
096         *                          encountered.
097         */
098        JWTClaimsSet process(final SignedJWT signedJWT, final C context)
099                throws BadJOSEException, JOSEException;
100
101
102        /**
103         * Processes the specified encrypted JWT by decrypting it. The key
104         * candidate(s) are selected by examining the JWS header and / or the
105         * message context.
106         *
107         * @param encryptedJWT The encrypted JWT. Not {@code null}.
108         * @param context      Optional context of the encrypted JWT,
109         *                     {@code null} if not required.
110         *
111         * @return The JWT claims set on success.
112         *
113         * @throws BadJOSEException If the encrypted JWT is rejected, typically
114         *                          due to failed decryption or the payload not
115         *                          being a JSON object.
116         * @throws JOSEException    If an internal processing exception is
117         *                          encountered.
118         */
119        JWTClaimsSet process(final EncryptedJWT encryptedJWT, final C context)
120                throws BadJOSEException, JOSEException;
121}