public interface JWSKeySelector<C extends SecurityContext>
verification
and further
processing.
The interface supports keys selection based on:
kid
,
x5t
).
SecurityContext
, if required and set by the
application (e.g. endpoint where the JWS object was received).
See JSON Web Signature (JWS), Appendix D. Notes on Key Selection for suggestions.
For a key selector for signed JWTs that also uses the claims set (e.g.
issuer (iss
) claim) see
JWTClaimsSetAwareJWSKeySelector
.
Possible key types:
SecretKey
for HMAC keys.
RSAPublicKey
public RSA keys.
ECPublicKey
public EC keys.
Modifier and Type | Method and Description |
---|---|
List<? extends Key> |
selectJWSKeys(JWSHeader header,
C context)
Selects key candidates for verifying a JWS object.
|
List<? extends Key> selectJWSKeys(JWSHeader header, C context) throws KeySourceException
header
- The header of the JWS object. Must not be
null
.context
- Optional context of the JWS object, null
if
not required.KeySourceException
- If a key sourcing exception is
encountered, e.g. on remote JWK
retrieval.Copyright © 2020 Connect2id Ltd.. All rights reserved.