10Duke Java Core
Built-in convenience implementation of JwtSignatureVerifierKeyProvider with support for loading JWKS from a URL and optional persistent storage.
Public Member Functions | |
| DefaultJwtSignatureVerifierKeyProvider (final JwksPersistentStore persistentStore) | |
| Constructor with persistent store support. | |
| void | initFromUrl (final String url) |
| Loads JSON Web Key Set from the given URL. | |
| PublicKey | provideDefault () |
| Provides the default signature verification key. | |
| PublicKey | provide (final String keyId) |
| Provides a signature verification key by key id. | |
| void | withDefaultKey (final String keyId, final PublicKey defaulKey) |
| Stores a key by id and sets it as the default key. | |
| void | addKey (final String keyId, final PublicKey key) |
| Stores a key by id. | |
| void | removeKey (final String keyId) |
| Removes a key by id. | |
| int | countKeys () |
| Returns the count of keys currently held by this instance. | |
| Map< String, PublicKey > | allKeys () |
| Returns an unmodifiable view into all current keys. | |
| boolean | supportsJwksUrlLoad () |
| Returns a flag indicating whether this key provider supports loading token signing keys from a JWKS endpoint. | |
| void | loadJwks (final URI jwksUrl) |
| Requests this key provider to load token signing keys from a JWKS endpoint. | |
| boolean | supportsPersistentStorage () |
| Returns a flag indicating whether this key provider supports persistent storage of keys. | |
| void | setPersistentStore (final JwksPersistentStore persistentStore) |
| Sets the persistent store to use for caching keys. | |
| Optional< JwksPersistentStore > | getPersistentStore () |
| Gets the currently configured persistent store. | |
| int | loadFromPersistentStore () |
| Loads keys from the persistent store into the in-memory cache. | |
Protected Member Functions | |
| int | saveToPersistentStore () |
| void | persistKeyToStore (final String keyId, final PublicKey key) |
| Protected helper method to persist a single key to the store. | |
| void | removeKeyFromStore (final String keyId) |
| Protected helper method to remove a key from the persistent store. | |
| tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.DefaultJwtSignatureVerifierKeyProvider | ( | final JwksPersistentStore | persistentStore | ) |
Constructor with persistent store support.
| persistentStore | The persistent store to use for caching keys. Can be null to disable persistent caching. |
| void tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.addKey | ( | final String | keyId, |
| final PublicKey | key ) |
Stores a key by id.
| keyId | Identifier of the key to store. |
| key | The key to store. |
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
| Map< String, PublicKey > tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.allKeys | ( | ) |
Returns an unmodifiable view into all current keys.
Return value maps key id to each public key.
| int tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.countKeys | ( | ) |
Returns the count of keys currently held by this instance.
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
| Optional< JwksPersistentStore > tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.getPersistentStore | ( | ) |
Gets the currently configured persistent store.
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
| void tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.initFromUrl | ( | final String | url | ) |
Loads JSON Web Key Set from the given URL.
The keys are stored in this instance into a map by key id. If the current default key is null then the first key in the JWKS response is set as the current default key.
If persistent storage is configured, newly discovered keys are automatically persisted after successful loading.
| url | The URL where the JWKS is available. |
| int tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.loadFromPersistentStore | ( | ) |
Loads keys from the persistent store into the in-memory cache.
This method should be called during initialization to restore previously persisted keys.
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
| void tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.loadJwks | ( | final URI | jwksUrl | ) |
Requests this key provider to load token signing keys from a JWKS endpoint.
NOTE: use supportsJwksUrlLoad() first to check that loading keys is supported.
| jwksUrl | The JWKS endpoint to load public keys from. |
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
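| void tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.persistKeyToStore | ( | final String | keyId, |
| final PublicKey | key ) | protected |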
Protected helper method to persist a single key to the store.
This is called automatically when keys are added or updated.
| keyId | The key identifier |
| key | The public key to persist |
| PublicKey tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.provide | ( | final String | keyId | ) |
Provides a signature verification key by key id.
| keyId | The key id to look up the key with. |
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
| PublicKey tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.provideDefault | ( | ) |
Provides the default signature verification key.
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
| void tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.removeKey | ( | final String | keyId | ) |
Removes a key by id.
| keyId | Identifier of the key to remove. |
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
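| void tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.removeKeyFromStore | ( | final String | keyId | ) | protected |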
Protected helper method to remove a key from the persistent store.
This is called automatically when keys are removed.
| keyId | The key identifier to remove |
| void tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.setPersistentStore | ( | final JwksPersistentStore | persistentStore | ) |
Sets the persistent store to use for caching keys.
This method allows injection of a persistent storage implementation that will be used to persist keys across application restarts.
| persistentStore | The persistent store implementation to use. |
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
| boolean tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.supportsJwksUrlLoad | ( | ) |
Returns a flag indicating whether this key provider supports loading token signing keys from a JWKS endpoint.
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
| boolean tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.supportsPersistentStorage | ( | ) |
Returns a flag indicating whether this key provider supports persistent storage of keys.
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
| void tenduke.sdk.core.service.impl.DefaultJwtSignatureVerifierKeyProvider.withDefaultKey | ( | final String | keyId, |
| final PublicKey | key ) |
Stores a key by id and sets it as the default key.
| keyId | Identifier of the key to store. |
| key | The key to store. |
Implements tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider.
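The initialization order described for loadFromPersistentStore(), supportsJwksUrlLoad() and loadJwks(), followed by a lookup with provide(), as an added example that is not part of the 10Duke SDK or its documentation. The VerifierKeys class, the https check, the 60-second refresh throttle and the behaviour of provide() for an unknown key id (null or an exception) are assumptions of this example.

```java
import java.net.URI;
import java.security.PublicKey;
import tenduke.sdk.core.service.JwtSignatureVerifierKeyProvider;
/** Added example (hypothetical helper, not 10Duke SDK code). */
public final class VerifierKeys {
    private static final long MIN_REFRESH_MS = 60_000; // assumed refresh throttle
    private final JwtSignatureVerifierKeyProvider keys;
    private final URI jwksUrl;
    private long lastRefresh;
    public VerifierKeys(JwtSignatureVerifierKeyProvider keys, URI jwksUrl) {
        // A JWKS fetched over plain HTTP can be replaced in transit.
        if (!"https".equalsIgnoreCase(jwksUrl.getScheme())) {
            throw new IllegalArgumentException("JWKS URL must use https");
        }
        this.keys = keys;
        this.jwksUrl = jwksUrl;
    }

    /** Restores persisted keys, then refreshes from the endpoint; returns key count. */
    public synchronized int init() throws Exception {
        if (keys.supportsPersistentStorage() && keys.getPersistentStore().isPresent()) {
            keys.loadFromPersistentStore();
        }
        refresh();
        return keys.countKeys();
    }

    /** Resolves the key named by a token's kid; never falls back to provideDefault(). */
    public synchronized PublicKey keyFor(String kid) throws Exception {
        if (kid == null || kid.isEmpty()) throw new SecurityException("token has no kid");
        PublicKey key = lookup(kid);
        if (key == null && System.currentTimeMillis() - lastRefresh >= MIN_REFRESH_MS) {
            refresh(); // the issuer may have rotated keys
            key = lookup(kid);
        }
        if (key == null) throw new SecurityException("unknown signing key id");
        return key;
    }

    private void refresh() throws Exception {
        if (!keys.supportsJwksUrlLoad()) return; // the check the NOTE on loadJwks() asks for
        keys.loadJwks(jwksUrl);
        lastRefresh = System.currentTimeMillis();
    }
    // Assumption: provide() returns null or throws when the id is unknown.
    private PublicKey lookup(String kid) {
        try { return keys.provide(kid); } catch (Exception e) { return null; }
    }
}
```

The throttle keeps tokens carrying random key ids from triggering a JWKS fetch on every request.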