Module io.inverno.mod.security.jose

Package io.inverno.mod.security.jose.internal.jwe

Class GenericJWEReader<A>

java.lang.Object

io.inverno.mod.security.jose.internal.AbstractJOSEObjectReader<A,JWEHeader,JWE<A>,GenericJWEReader<A>>

io.inverno.mod.security.jose.internal.jwe.GenericJWEReader<A>

Type Parameters:

A - the expected payload type

All Implemented Interfaces:

JOSEObjectReader<A,JWEHeader,JWE<A>,GenericJWEReader<A>>, JWEReader<A,GenericJWEReader<A>>

Direct Known Subclasses:

RecipientJWEReader

public class GenericJWEReader<A>
extends AbstractJOSEObjectReader<A,JWEHeader,JWE<A>,GenericJWEReader<A>>
implements JWEReader<A,GenericJWEReader<A>>

Generic JSON Web Encryption compact reader implementation.

Since:

1.5

Author:

Jeremy Kuhn

Field Summary

Fields inherited from class io.inverno.mod.security.jose.internal.AbstractJOSEObjectReader

applicationProcessedParameters, dataConversionService, jwkService, keys, mapper, type

Constructor Summary

Constructors

Constructor	Description
GenericJWEReader(com.fasterxml.jackson.databind.ObjectMapper mapper, io.inverno.mod.security.jose.internal.converter.DataConversionService dataConversionService, JWKService jwkService, Type type, org.reactivestreams.Publisher<? extends JWK> keys, List<JWEZip> zips)	Creates a generic JWE reader

Method Summary

Modifier and Type	Method	Description
protected void	checkHeader(JWEHeader header)	Verifies that the JOSE header is valid.
protected byte[]	getAdditionalAuthenticationData(GenericJWEHeader jweHeader)	Returns expected additional authentication data.
protected JWEZip	getPayloadZip(String zip)	Returns the JWE compression algorithm.
reactor.core.publisher.Mono<JWE<A>>	read(String compact, String contentType)	Reads the specified compact representation using the specified payload media type and returns the corresponding JOSE object.
reactor.core.publisher.Mono<JWE<A>>	read(String compact, Function<String,reactor.core.publisher.Mono<A>> payloadDecoder)	Reads the specified compact representation using the specified payload decoder and returns the corresponding JOSE object.
protected GenericJWEHeader	readJWEHeader(String encodedHeader)	Reads the JWE header.

Methods inherited from class io.inverno.mod.security.jose.internal.AbstractJOSEObjectReader

checkCriticalParameters, getKeys, getPayloadDecoder, getProcessedParameters, processedParameters

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.inverno.mod.security.jose.JOSEObjectReader

processedParameters, read

Constructor Details

GenericJWEReader

public GenericJWEReader(com.fasterxml.jackson.databind.ObjectMapper mapper,
 io.inverno.mod.security.jose.internal.converter.DataConversionService dataConversionService,
 JWKService jwkService,
 Type type,
 org.reactivestreams.Publisher<? extends JWK> keys,
 List<JWEZip> zips)

Creates a generic JWE reader

Parameters:

mapper - an object mapper

dataConversionService - a data conversion service

jwkService - a JWK service

type - the expected payload type

keys - the keys to consider to decrypt the CEK

zips - a list of supported JWE compression algorithms

Method Details

read

public reactor.core.publisher.Mono<JWE<A>> read(String compact,
 String contentType)
                                         throws JWEReadException,
JWEBuildException,
JOSEObjectReadException,
JOSEObjectBuildException,
JOSEProcessingException

Description copied from interface: JOSEObjectReader

Reads the specified compact representation using the specified payload media type and returns the corresponding JOSE object.

The reader will use the specified media type to determine the converter to use to deserialize the payload and ignore the content type specified in the JOSE header. The operation will fail if there is no media type converters defined for that particular media type. Media types converters are provided when building the JOSE module. Please consider read method JOSEObjectReader.read(java.lang.String, java.util.function.Function) to provide a custom payload decoder.

Specified by:

read in interface JOSEObjectReader<A,JWEHeader,JWE<A>,GenericJWEReader<A>>

Parameters:

compact - a JOSE object compact representation

contentType - the expected payload media type

Returns:

a single JOSE object publisher

Throws:

JOSEObjectReadException - if there was an error reading the JOSE object

JOSEObjectBuildException - if there was an error building the JOSE object

JOSEProcessingException - if there was a JOSE processing error

JWEReadException

JWEBuildException

read

public reactor.core.publisher.Mono<JWE<A>> read(String compact,
 Function<String,reactor.core.publisher.Mono<A>> payloadDecoder)
                                         throws JWEReadException,
JWEBuildException,
JOSEObjectReadException,
JOSEObjectBuildException,
JOSEProcessingException

Description copied from interface: JOSEObjectReader

Reads the specified compact representation using the specified payload decoder and returns the corresponding JOSE object.

The reader will use the specified payload decoder to deserialize the payload and ignore the content type specified in the JOSE header.

Specified by:

read in interface JOSEObjectReader<A,JWEHeader,JWE<A>,GenericJWEReader<A>>

Parameters:

compact - a JOSE object compact representation

payloadDecoder - a payload decoder

Returns:

a single JOSE object publisher

Throws:

JOSEObjectReadException - if there was an error reading the JOSE object

JOSEObjectBuildException - if there was an error building the JOSE object

JOSEProcessingException - if there was a JOSE processing error

JWEReadException

JWEBuildException

checkHeader

protected void checkHeader(JWEHeader header)
                    throws JWEReadException,
JOSEObjectReadException

Description copied from class: AbstractJOSEObjectReader

Verifies that the JOSE header is valid.

This basically checks that:

• the algorithm is not blank
• Critical parameters set does not include registered parameters (see AbstractJOSEObjectReader.getProcessedParameters())
• Critical parameters set does not include parameters not present in the custom parameters

Overrides:

checkHeader in class AbstractJOSEObjectReader<A,JWEHeader,JWE<A>,GenericJWEReader<A>>

Parameters:

header - the JOSE header

Throws:

JOSEObjectReadException - if the header is invalid

JWEReadException

readJWEHeader

protected GenericJWEHeader readJWEHeader(String encodedHeader)
                                  throws JWEReadException,
JOSEObjectReadException,
JOSEProcessingException

Reads the JWE header.

Parameters:

encodedHeader - the Base64URL encoded JWE header

Returns:

the JWE header

Throws:

JWEReadException - if there was an error reading the JWE header

JOSEObjectReadException - if there was an error reading the JWE header

JOSEProcessingException - if there was a JOSE processing error

getAdditionalAuthenticationData

protected byte[] getAdditionalAuthenticationData(GenericJWEHeader jweHeader)

Returns expected additional authentication data.

For a compact JWE it should be ASCII(Encoded Protected Header). For a JSON JWE it should be ASCII(Encoded Protected Header || '.' || BASE64URL(JWE AAD)).

Parameters:

jweHeader - the JWE header

Returns:

the additional authentication data

getPayloadZip

protected JWEZip getPayloadZip(String zip)
                        throws JWEReadException

Returns the JWE compression algorithm.

Parameters:

zip - the JWE compression algorithm name

Returns:

a JWE compression algorithm or null if the compression algorithm name is blank

Throws:

JWEReadException - if the compression algorithm name is not blank and no corresponding JWE compression algorithm could be found