001package com.nimbusds.jose.mint; 002 003 004import com.nimbusds.jose.JOSEException; 005import com.nimbusds.jose.JWSHeader; 006import com.nimbusds.jose.JWSObject; 007import com.nimbusds.jose.Payload; 008import com.nimbusds.jose.proc.SecurityContext; 009import com.nimbusds.jwt.JWTClaimsSet; 010 011/** 012 * Interface for minting {@link JWSObject JSON Web Signature (JWS) objects} and 013 * {@link com.nimbusds.jwt.SignedJWT signed JSON Web Tokens} (JWTs). 014 * 015 * An optional context parameter is available to facilitate passing of 016 * additional data between the caller and the underlying JWS minter (in 017 * both directions). 018 * 019 * @author Josh Cummings 020 * @version 2021-01-14 021 */ 022public interface JWSMinter<C extends SecurityContext> { 023 024 025 /** 026 * Creates a new JSON Web Signature (JWS) object using the provided 027 * {@link JWSHeader} and {@link Payload}. To create a signed JSON Web 028 * Token (JWT) use the {@link JWTClaimsSet#toPayload()} method to 029 * obtain a {@link Payload} representation of the JWT claims. 030 * 031 * Derives the signing key from the {@link JWSHeader} as well as any 032 * application-specific {@link SecurityContext context}. 033 * 034 * Once the key is discovered, adds any headers related to the 035 * discovered signing key, including {@code kid}, {@code x5u}, 036 * {@code x5c}, and {@code x5t#256}. 037 * 038 * All other headers and claims remain as-is. This method expects the 039 * caller to add the {@code typ}, {@code alg}, and any other needed 040 * headers. 041 * 042 * @param header The {@link JWSHeader} to use, less any 043 * key-identifying headers, which this method will 044 * derive. 045 * @param payload The {@link Payload}. 046 * @param context A {@link SecurityContext}, {@code null} if not 047 * specified. 048 * 049 * @return The signed JWS object. 050 * 051 * @throws JOSEException If the instance is improperly configured, if 052 * no appropriate JWK could be found, or if signing failed. 053 */ 054 JWSObject mint(final JWSHeader header, final Payload payload, final C context) 055 throws JOSEException; 056}