Package org.wildfly.security.auth.realm.token.validator

Class JwkManager

java.lang.Object

org.wildfly.security.auth.realm.token.validator.JwkManager

class JwkManager
extends Object

Object for caching RSA JSON Web Keys for signature validation

Author:

Martin Mazanek

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
private static class	JwkManager.CacheEntry

Field Summary

Fields

Modifier and Type	Field	Description
private int	connectionTimeout
private HostnameVerifier	hostnameVerifier
private Map<URL,JwkManager.CacheEntry>	keys
private int	minTimeBetweenRequests
private int	readTimeout
private SSLContext	sslContext
private long	updateTimeout

Constructor Summary

Constructors

Constructor	Description
JwkManager(SSLContext sslContext, HostnameVerifier hostnameVerifier, long updateTimeout, int connectionTimeout, int readTimeout, int minTimeBetweenRequests)

Method Summary

Modifier and Type	Method	Description
private Map<String,RSAPublicKey>	checkRemote(String kid, URL url)
private static Map<String,RSAPublicKey>	getJwksFromUrl(URL url, SSLContext sslContext, HostnameVerifier hostnameVerifier, int connectionTimeout, int readTimeout)
PublicKey	getPublicKey(String kid, URL url)	Thread-safe method for receiving remote public key

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

keys

private final Map<URL,JwkManager.CacheEntry> keys

sslContext

private final SSLContext sslContext

hostnameVerifier

private final HostnameVerifier hostnameVerifier

updateTimeout

private final long updateTimeout

minTimeBetweenRequests

private final int minTimeBetweenRequests

connectionTimeout

private final int connectionTimeout

readTimeout

private final int readTimeout

Constructor Detail

JwkManager

JwkManager(SSLContext sslContext,
           HostnameVerifier hostnameVerifier,
           long updateTimeout,
           int connectionTimeout,
           int readTimeout,
           int minTimeBetweenRequests)

Method Detail

getPublicKey

public PublicKey getPublicKey(String kid,
                              URL url)

Thread-safe method for receiving remote public key

Parameters:

kid - key id

url - remote jkws url

Returns:

signature verification public key if found, null otherwise

checkRemote

private Map<String,RSAPublicKey> checkRemote(String kid,
                                                   URL url)

getJwksFromUrl

private static Map<String,RSAPublicKey> getJwksFromUrl(URL url,
                                                             SSLContext sslContext,
                                                             HostnameVerifier hostnameVerifier,
                                                             int connectionTimeout,
                                                             int readTimeout)