Package com.nimbusds.openid.connect.sdk.federation.api

Class ResolveStatement

java.lang.Object
com.nimbusds.openid.connect.sdk.federation.api.ResolveStatement
@Immutable public final class ResolveStatement extends Object
Resolve statement.

Related specifications:

  • OpenID Connect Federation 1.0, section 7.2.2.

  • Field Details

    • JOSE_OBJECT_TYPE

      public static final com.nimbusds.jose.JOSEObjectType JOSE_OBJECT_TYPE
      The resolve statement JOSE object type (resolve-response+jwt).

    • CONTENT_TYPE

      public static final com.nimbusds.common.contenttype.ContentType CONTENT_TYPE
      The resolve response content type (application/resolve-response+jwt).

  • Method Details

    • getSignedStatement

      public com.nimbusds.jwt.SignedJWT getSignedStatement()
      Returns the signed statement.
      Returns:
      The signed statement as signed JWT.

    • getClaimsSet

      public ResolveClaimsSet getClaimsSet()
      Returns the statement claims.
      Returns:
      The statement claims.

    • verifySignature

      public com.nimbusds.jose.util.Base64URL verifySignature(com.nimbusds.jose.jwk.JWKSet jwkSet) throws com.nimbusds.jose.proc.BadJOSEException, com.nimbusds.jose.JOSEException
      Verifies the signature and checks the statement type, issue and expiration times.
      Parameters:
      jwkSet - The JWK set to use for the signature verification. Must not be null.
      Returns:
      The SHA-256 thumbprint of the key used to successfully verify the signature.
      Throws:
      com.nimbusds.jose.proc.BadJOSEException - If the signature is invalid or the statement is expired or before the issue time.
      com.nimbusds.jose.JOSEException - On an internal JOSE exception.

    • sign

      public static ResolveStatement sign(ResolveClaimsSet claimsSet, com.nimbusds.jose.jwk.JWK signingJWK) throws com.nimbusds.jose.JOSEException
      Signs the specified resolve claims set.
      Parameters:
      claimsSet - The claims set. Must not be null.
      signingJWK - The private signing JWK. Must be contained in the entity JWK set and not null.
      Returns:
      The signed resolve statement.
      Throws:
      com.nimbusds.jose.JOSEException - On a internal signing exception.

    • sign

      public static ResolveStatement sign(ResolveClaimsSet claimsSet, com.nimbusds.jose.jwk.JWK signingJWK, com.nimbusds.jose.JWSAlgorithm jwsAlg) throws com.nimbusds.jose.JOSEException
      Signs the specified resolve claims set.
      Parameters:
      claimsSet - The claims set. Must not be null.
      signingJWK - The private signing JWK. Must be contained in the entity JWK set and not null.
      jwsAlg - The signing algorithm. Must be supported by the JWK and not null.
      Returns:
      The signed resolve statement.
      Throws:
      com.nimbusds.jose.JOSEException - On an internal signing exception.

    • parse

      public static ResolveStatement parse(com.nimbusds.jwt.SignedJWT signedStmt) throws ParseException
      Parses a resolve statement.
      Parameters:
      signedStmt - The signed statement as a signed JWT. Must not be null.
      Returns:
      The resolve statement.
      Throws:
      ParseException - If parsing failed.

    • parse

      public static ResolveStatement parse(String signedStmtString) throws ParseException
      Parses a resolve statement.
      Parameters:
      signedStmtString - The signed statement as a signed JWT string. Must not be null.
      Returns:
      The resolve statement.
      Throws:
      ParseException - If parsing failed.