package com.nimbusds.jose.mint;


import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.proc.SecurityContext;
import com.nimbusds.jwt.JWTClaimsSet;

/**
 * Mints {@link JWSObject JSON Web Signature (JWS) objects} and
 * {@link com.nimbusds.jwt.SignedJWT signed JSON Web Tokens} (JWTs).
 *
 * <p>An optional context parameter lets the caller and the underlying JWS
 * minter pass additional data to each other, in both directions.
 *
 * @param <C> The type of the optional {@link SecurityContext}.
 *
 * @author Josh Cummings
 * @version 2021-01-14
 */
public interface JWSMinter<C extends SecurityContext> {


        /**
         * Signs the supplied {@link Payload} under the supplied
         * {@link JWSHeader} and returns the resulting JSON Web Signature
         * (JWS) object. To produce a signed JSON Web Token (JWT), obtain
         * the payload from {@link JWTClaimsSet#toPayload()}.
         *
         * <p>The signing key is derived from the {@link JWSHeader} together
         * with any application-specific {@link SecurityContext context}.
         *
         * <p>After the key has been found, the headers that identify it are
         * added: {@code kid}, {@code x5u}, {@code x5c} and
         * {@code x5t#S256}. The caller therefore passes a header without
         * them.
         *
         * <p>Every other header and claim is left as supplied. The caller
         * is expected to set {@code typ}, {@code alg} and any further
         * headers it needs.
         *
         * <p>NOTE(review): because the supplied header takes part in key
         * selection, callers should populate it (in particular
         * {@code alg}) from application configuration rather than from
         * unvalidated external input. How an implementation treats
         * key-identifying headers that are already present is not stated
         * here; confirm against the implementation.
         *
         * @param header  The {@link JWSHeader} to use, without the
         *                key-identifying headers, which this method
         *                derives.
         * @param payload The {@link Payload}.
         * @param context A {@link SecurityContext}, {@code null} if not
         *                specified.
         *
         * @return The signed JWS object.
         *
         * @throws JOSEException If the instance is improperly configured,
         *                       if no appropriate JWK could be found, or
         *                       if signing failed.
         */
        JWSObject mint(JWSHeader header, Payload payload, C context) throws JOSEException;
}