Package com.nimbusds.openid.connect.sdk.federation.utils

Class JWTUtils

java.lang.Object
com.nimbusds.openid.connect.sdk.federation.utils.JWTUtils
public class JWTUtils extends Object
Federation JWT utilities.

  • Method Summary

    Modifier and Type
    Method
    Description
    static com.nimbusds.jwt.JWTClaimsSet
    parseSignedJWTClaimsSet(com.nimbusds.jwt.SignedJWT jwt)
    Parses the claims of the specified signed JWT.
    static com.nimbusds.jose.JWSAlgorithm
    resolveSigningAlgorithm(com.nimbusds.jose.jwk.JWK jwk)
    Resolves the signing JWS algorithm for the specified JWK.
    static com.nimbusds.jwt.SignedJWT
    sign(com.nimbusds.jose.jwk.JWK signingJWK, com.nimbusds.jose.JWSAlgorithm alg, com.nimbusds.jose.JOSEObjectType type, com.nimbusds.jwt.JWTClaimsSet claimsSet)
    Signs the specified JWT claims set.
    static com.nimbusds.jose.util.Base64URL
    verifySignature(com.nimbusds.jwt.SignedJWT jwt, com.nimbusds.jose.JOSEObjectType type, com.nimbusds.jwt.proc.JWTClaimsSetVerifier<?> claimsVerifier, com.nimbusds.jose.jwk.JWKSet jwkSet)
    Verifies the signature of the specified JWT.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Method Details

    • resolveSigningAlgorithm

      public static com.nimbusds.jose.JWSAlgorithm resolveSigningAlgorithm(com.nimbusds.jose.jwk.JWK jwk) throws com.nimbusds.jose.JOSEException
      Resolves the signing JWS algorithm for the specified JWK.
      Parameters:
      jwk - The JWK. Must not be null.
      Returns:
      The JWS algorithm.
      Throws:
      com.nimbusds.jose.JOSEException - If the resolution failed.

    • sign

      public static com.nimbusds.jwt.SignedJWT sign(com.nimbusds.jose.jwk.JWK signingJWK, com.nimbusds.jose.JWSAlgorithm alg, com.nimbusds.jose.JOSEObjectType type, com.nimbusds.jwt.JWTClaimsSet claimsSet) throws com.nimbusds.jose.JOSEException
      Signs the specified JWT claims set.
      Parameters:
      signingJWK - The signing JWK. Must not be null.
      alg - The JWS algorithm. Must not be null.
      type - The JOSE object type, null if not specified,
      claimsSet - The JWT claims set.
      Returns:
      The signed JWT.
      Throws:
      com.nimbusds.jose.JOSEException - If signing failed.

    • verifySignature

      public static com.nimbusds.jose.util.Base64URL verifySignature(com.nimbusds.jwt.SignedJWT jwt, com.nimbusds.jose.JOSEObjectType type, com.nimbusds.jwt.proc.JWTClaimsSetVerifier<?> claimsVerifier, com.nimbusds.jose.jwk.JWKSet jwkSet) throws com.nimbusds.jose.proc.BadJOSEException, com.nimbusds.jose.JOSEException
      Verifies the signature of the specified JWT.
      Parameters:
      jwt - The signed JWT. Must not be null.
      type - The expected JOSE object type. Must not be null.
      claimsVerifier - The JWT claims verifier. Must not be null.
      jwkSet - The public JWK set. Must not be null.
      Returns:
      The thumbprint of the JWK used to successfully verify the signature.
      Throws:
      com.nimbusds.jose.proc.BadJOSEException - If the JWT is invalid.
      com.nimbusds.jose.JOSEException - If the signature verification failed.

    • parseSignedJWTClaimsSet

      public static com.nimbusds.jwt.JWTClaimsSet parseSignedJWTClaimsSet(com.nimbusds.jwt.SignedJWT jwt) throws ParseException
      Parses the claims of the specified signed JWT.
      Parameters:
      jwt - The signed JWT. Must not be null.
      Returns:
      The JWT claims set.
      Throws:
      ParseException - If parsing failed.