Class TrustChainResolver
- java.lang.Object
-
- com.nimbusds.openid.connect.sdk.federation.trust.TrustChainResolver
-
public class TrustChainResolver extends Object
Trust chain resolver.Related specifications:
- OpenID Connect Federation 1.0, section 7.
-
-
Constructor Summary
Constructors Constructor Description TrustChainResolver(EntityID trustAnchor)Creates a new trust chain resolver with a single trust anchor, withno trust chain constraints.TrustChainResolver(EntityID trustAnchor, com.nimbusds.jose.jwk.JWKSet trustAnchorJWKSet)Creates a new trust chain resolver with a single trust anchor, withno trust chain constraints.TrustChainResolver(Map<EntityID,com.nimbusds.jose.jwk.JWKSet> trustAnchors, int httpConnectTimeoutMs, int httpReadTimeoutMs)Creates a new trust chain resolver with multiple trust anchors, withno trust chain constraints.TrustChainResolver(Map<EntityID,com.nimbusds.jose.jwk.JWKSet> trustAnchors, TrustChainConstraints constraints, EntityStatementRetriever statementRetriever)Creates new trust chain resolver.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description TrustChainConstraintsgetConstraints()Returns the configured trust chain constraints.EntityStatementRetrievergetEntityStatementRetriever()Returns the configured entity statement retriever.Map<EntityID,com.nimbusds.jose.jwk.JWKSet>getTrustAnchors()Returns the configured trust anchors.TrustChainSetresolveTrustChains(EntityID target)Resolves the trust chains for the specified target.
-
-
-
Constructor Detail
-
TrustChainResolver
public TrustChainResolver(EntityID trustAnchor)
Creates a new trust chain resolver with a single trust anchor, withno trust chain constraints.- Parameters:
trustAnchor- The trust anchor. Must not benull.
-
TrustChainResolver
public TrustChainResolver(EntityID trustAnchor, com.nimbusds.jose.jwk.JWKSet trustAnchorJWKSet)
Creates a new trust chain resolver with a single trust anchor, withno trust chain constraints.- Parameters:
trustAnchor- The trust anchor. Must not benull.trustAnchorJWKSet- The trust anchor public JWK set,nullif not available.
-
TrustChainResolver
public TrustChainResolver(Map<EntityID,com.nimbusds.jose.jwk.JWKSet> trustAnchors, int httpConnectTimeoutMs, int httpReadTimeoutMs)
Creates a new trust chain resolver with multiple trust anchors, withno trust chain constraints.- Parameters:
trustAnchors- The trust anchors with their public JWK sets (if available). Must contain at least one anchor.httpConnectTimeoutMs- The HTTP connect timeout in milliseconds, zero means timeout determined by the underlying HTTP client.httpReadTimeoutMs- The HTTP read timeout in milliseconds, zero means timout determined by the underlying HTTP client.
-
TrustChainResolver
public TrustChainResolver(Map<EntityID,com.nimbusds.jose.jwk.JWKSet> trustAnchors, TrustChainConstraints constraints, EntityStatementRetriever statementRetriever)
Creates new trust chain resolver.- Parameters:
trustAnchors- The trust anchors with their public JWK sets. Must contain at least one anchor.statementRetriever- The entity statement retriever to use. Must not benull.
-
-
Method Detail
-
getTrustAnchors
public Map<EntityID,com.nimbusds.jose.jwk.JWKSet> getTrustAnchors()
Returns the configured trust anchors.- Returns:
- The trust anchors with their public JWK sets (if available). Contains at least one anchor.
-
getEntityStatementRetriever
public EntityStatementRetriever getEntityStatementRetriever()
Returns the configured entity statement retriever.- Returns:
- The entity statement retriever.
-
getConstraints
public TrustChainConstraints getConstraints()
Returns the configured trust chain constraints.- Returns:
- The constraints.
-
resolveTrustChains
public TrustChainSet resolveTrustChains(EntityID target) throws ResolveException
Resolves the trust chains for the specified target.- Parameters:
target- The target. Must not benull.- Returns:
- The resolved trust chains, containing at least one valid and verified chain.
- Throws:
ResolveException- If no trust chain could be resolved.
-
-