Module io.inverno.mod.security.jose
Package io.inverno.mod.security.jose.internal

Class AbstractJOSEObjectBuilder<A,B extends JOSEHeader,C extends JOSEObject<A,B>,D extends JOSEHeaderConfigurator<D>,E extends AbstractJOSEObjectBuilder<A,B,C,D,E>>

java.lang.Object
io.inverno.mod.security.jose.internal.AbstractJOSEObjectBuilder<A,B,C,D,E>
Type Parameters:
A - the payload type
B - the JOSE header type
C - the JOSE object type
D - the JOSE header configurator type
E - the JOSE object builder type
All Implemented Interfaces:
JOSEObjectBuilder<A,B,C,D,E>
Direct Known Subclasses:
GenericJWEBuilder, GenericJWSBuilder
public abstract class AbstractJOSEObjectBuilder<A,B extends JOSEHeader,C extends JOSEObject<A,B>,D extends JOSEHeaderConfigurator<D>,E extends AbstractJOSEObjectBuilder<A,B,C,D,E>> extends Object implements JOSEObjectBuilder<A,B,C,D,E>

Base JOSE object builder implementation.

Since:
1.5
Author:
Jeremy Kuhn
See Also:

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected final io.inverno.mod.security.jose.internal.converter.DataConversionService
    dataConversionService
    The data conversion service.
    protected final JWKService
    jwkService
    The JWK service.
    protected final org.reactivestreams.Publisher<? extends JWK>
    keys
    The keys to consider to secure JOSE objects.
    protected final com.fasterxml.jackson.databind.ObjectMapper
    mapper
    The object mapper.
    protected A
    payload
    The payload.
    protected final Type
    type
    The payload type.

  • Constructor Summary

    Constructors
    Constructor
    Description
    AbstractJOSEObjectBuilder(com.fasterxml.jackson.databind.ObjectMapper mapper, io.inverno.mod.security.jose.internal.converter.DataConversionService dataConversionService, JWKService jwkService, Type type, org.reactivestreams.Publisher<? extends JWK> keys)
    Creates a JOSE object builder.

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    checkHeader(B header)
    Verifies that the JOSE header is valid.
    protected void
    checkPayload()
    Verifies that the payload is valid.
    protected reactor.core.publisher.Flux<? extends JWK>
    getKeys(JOSEHeader header)
    Returns the keys to consider to secure JOSE objects.
    protected Function<A,reactor.core.publisher.Mono<String>>
    getPayloadEncoder(Function<A,reactor.core.publisher.Mono<String>> overridingPayloadEncoder, String overridingContentType, JOSEHeader header)
    Returns the payload encoder to use to serialize the payload.
    protected Set<String>
    getProcessedParameters()
    Returns the set of parameters processed by the builder.
    E
    payload(A payload)
    Specifies the JOSE object payload.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface io.inverno.mod.security.jose.JOSEObjectBuilder

    build, build, build, header

  • Field Details

    • mapper

      protected final com.fasterxml.jackson.databind.ObjectMapper mapper
      The object mapper.

    • dataConversionService

      protected final io.inverno.mod.security.jose.internal.converter.DataConversionService dataConversionService
      The data conversion service.

    • jwkService

      protected final JWKService jwkService
      The JWK service.

    • type

      protected final Type type
      The payload type.

    • keys

      protected final org.reactivestreams.Publisher<? extends JWK> keys
      The keys to consider to secure JOSE objects.

    • payload

      protected A payload
      The payload.

  • Constructor Details

    • AbstractJOSEObjectBuilder

      public AbstractJOSEObjectBuilder(com.fasterxml.jackson.databind.ObjectMapper mapper, io.inverno.mod.security.jose.internal.converter.DataConversionService dataConversionService, JWKService jwkService, Type type, org.reactivestreams.Publisher<? extends JWK> keys)

      Creates a JOSE object builder.

      Parameters:
      mapper - an object mapper
      dataConversionService - a data conversion service
      jwkService - a JWK service
      type - the payload type
      keys - the keys to consider to secure JOSE objects

  • Method Details

    • payload

      public E payload(A payload)
      Description copied from interface: JOSEObjectBuilder

      Specifies the JOSE object payload.

      Specified by:
      payload in interface JOSEObjectBuilder<A,B extends JOSEHeader,C extends JOSEObject<A,B>,D extends JOSEHeaderConfigurator<D>,E extends AbstractJOSEObjectBuilder<A,B,C,D,E>>
      Parameters:
      payload - a payload
      Returns:
      this builder

    • getProcessedParameters

      protected Set<String> getProcessedParameters()

      Returns the set of parameters processed by the builder.

      These basically corresponds to the registered parameters processed and understood by the JOSE header.

      Returns:
      a set of parameters

    • getKeys

      protected reactor.core.publisher.Flux<? extends JWK> getKeys(JOSEHeader header) throws JOSEObjectBuildException

      Returns the keys to consider to secure JOSE objects.

      Keys can be provided explicitly to the builder, in which case, only the keys that supports the specified algorithm will be retained to secure JOSE objects otherwise the builder will try to resolve keys based on the JOSE header built from the builder's parameters and only retain the trusted keys, typically those resolved from the JWKStore or from a trusted KeyStore.

      The resulting publisher will fail if no key could be found.

      Parameters:
      header - the JOSE header
      Returns:
      a publisher of keys
      Throws:
      JOSEObjectBuildException - if no suitable key could be found

    • checkHeader

      protected void checkHeader(B header) throws JOSEObjectBuildException, JOSEProcessingException

      Verifies that the JOSE header is valid.

      This basically checks that:

      • the algorithm is not blank
      • Custom parameters do not include registered parameters (see getProcessedParameters())
      • Critical parameters set does not include undefined parameters
      Parameters:
      header - the JOSE header
      Throws:
      JOSEObjectBuildException - if the header is invalid
      JOSEProcessingException - if there was a JOSE processing error

    • checkPayload

      protected void checkPayload() throws JOSEObjectBuildException, JOSEProcessingException

      Verifies that the payload is valid.

      This basically checks that the payload is not null.

      Throws:
      JOSEObjectBuildException - if the payload is invalid
      JOSEProcessingException - if there was a JOSE processing error

    • getPayloadEncoder

      protected Function<A,reactor.core.publisher.Mono<String>> getPayloadEncoder(Function<A,reactor.core.publisher.Mono<String>> overridingPayloadEncoder, String overridingContentType, JOSEHeader header) throws JOSEObjectBuildException, JOSEProcessingException

      Returns the payload encoder to use to serialize the payload.

      This method first considers the overriding payload encoder which is returned if present. Then the overriding content type is used if present to resolve the media type converter to use. Finally the payload content type defined in the JOSE header is considered to resolve the media type converter to use.

      Parameters:
      overridingPayloadEncoder - the overriding payload encoder
      overridingContentType - the overriding payload media type
      header - the JOSE header
      Returns:
      a payload encoder
      Throws:
      JOSEObjectBuildException - if no payload encoder could have been resolved
      JOSEProcessingException - if there was a JOSE processing error