Package com.nimbusds.openid.connect.sdk.federation.api

Class ResolveStatement

  • @Immutable
public final class ResolveStatement
extends Object
    Resolve statement.

    Related specifications:

    • OpenID Connect Federation 1.0, section 7.2.2.

    • Field Detail

      • JOSE_OBJECT_TYPE

        public static final com.nimbusds.jose.JOSEObjectType JOSE_OBJECT_TYPE
        The resolve statement JOSE object type (resolve-response+jwt).

      • CONTENT_TYPE

        public static final com.nimbusds.common.contenttype.ContentType CONTENT_TYPE
        The resolve response content type (application/resolve-response+jwt).

    • Method Detail

      • getSignedStatement

        public com.nimbusds.jwt.SignedJWT getSignedStatement()
        Returns the signed statement.
        Returns:
        The signed statement as signed JWT.

      • verifySignature

        public com.nimbusds.jose.util.Base64URL verifySignature​(com.nimbusds.jose.jwk.JWKSet jwkSet)
                                                 throws com.nimbusds.jose.proc.BadJOSEException,
                                                        com.nimbusds.jose.JOSEException
        Verifies the signature and checks the statement type, issue and expiration times.
        Parameters:
        jwkSet - The JWK set to use for the signature verification. Must not be null.
        Returns:
        The SHA-256 thumbprint of the key used to successfully verify the signature.
        Throws:
        com.nimbusds.jose.proc.BadJOSEException - If the signature is invalid or the statement is expired or before the issue time.
        com.nimbusds.jose.JOSEException - On an internal JOSE exception.

      • sign

        public static ResolveStatement sign​(ResolveClaimsSet claimsSet,
                                    com.nimbusds.jose.jwk.JWK signingJWK)
                             throws com.nimbusds.jose.JOSEException
        Signs the specified resolve claims set.
        Parameters:
        claimsSet - The claims set. Must not be null.
        signingJWK - The private signing JWK. Must be contained in the entity JWK set and not null.
        Returns:
        The signed resolve statement.
        Throws:
        com.nimbusds.jose.JOSEException - On a internal signing exception.

      • sign

        public static ResolveStatement sign​(ResolveClaimsSet claimsSet,
                                    com.nimbusds.jose.jwk.JWK signingJWK,
                                    com.nimbusds.jose.JWSAlgorithm jwsAlg)
                             throws com.nimbusds.jose.JOSEException
        Signs the specified resolve claims set.
        Parameters:
        claimsSet - The claims set. Must not be null.
        signingJWK - The private signing JWK. Must be contained in the entity JWK set and not null.
        jwsAlg - The signing algorithm. Must be supported by the JWK and not null.
        Returns:
        The signed resolve statement.
        Throws:
        com.nimbusds.jose.JOSEException - On an internal signing exception.

      • parse

        public static ResolveStatement parse​(com.nimbusds.jwt.SignedJWT signedStmt)
                              throws ParseException
        Parses a resolve statement.
        Parameters:
        signedStmt - The signed statement as a signed JWT. Must not be null.
        Returns:
        The resolve statement.
        Throws:
        ParseException - If parsing failed.

      • parse

        public static ResolveStatement parse​(String signedStmtString)
                              throws ParseException
        Parses a resolve statement.
        Parameters:
        signedStmtString - The signed statement as a signed JWT string. Must not be null.
        Returns:
        The resolve statement.
        Throws:
        ParseException - If parsing failed.