Module io.inverno.mod.security.jose
Class RecipientJWEBuilder<A>
java.lang.Object
io.inverno.mod.security.jose.internal.AbstractJOSEObjectBuilder<A,JWEHeader,JWE<A>,GenericJWEHeader,GenericJWEBuilder<A>>
io.inverno.mod.security.jose.internal.jwe.GenericJWEBuilder<A>
io.inverno.mod.security.jose.internal.jwe.RecipientJWEBuilder<A>
- Type Parameters:
A- the payload type
- All Implemented Interfaces:
JOSEObjectBuilder<A,,JWEHeader, JWE<A>, GenericJWEHeader, GenericJWEBuilder<A>> JWEBuilder<A,GenericJWEHeader, GenericJWEBuilder<A>>
JSON JWE recipient specific JWE builder used to build recipient specific JWE when building a JSON JWE.
- Since:
- 1.5
- Author:
- Jeremy Kuhn
-
Field Summary
Fields inherited from class io.inverno.mod.security.jose.internal.jwe.GenericJWEBuilder
headerConfigurerFields inherited from class io.inverno.mod.security.jose.internal.AbstractJOSEObjectBuilder
dataConversionService, jwkService, keys, mapper, payload, type -
Constructor Summary
ConstructorsConstructorDescriptionRecipientJWEBuilder(com.fasterxml.jackson.databind.ObjectMapper mapper, io.inverno.mod.security.jose.internal.converter.DataConversionService dataConversionService, JWKService jwkService, Type type, org.reactivestreams.Publisher<? extends JWK> keys, List<JWEZip> zips, GenericJWEHeader protectedJWEHeader, GenericJWEHeader recipientJWEHeader, GenericJWEHeader jweHeader, GenericJWEPayload<A> jwePayload, byte[] aad) Creates a JSON JWE recipient builder.RecipientJWEBuilder(com.fasterxml.jackson.databind.ObjectMapper mapper, io.inverno.mod.security.jose.internal.converter.DataConversionService dataConversionService, JWKService jwkService, Type type, org.reactivestreams.Publisher<? extends JWK> keys, List<JWEZip> zips, GenericJWEHeader protectedJWEHeader, GenericJWEHeader recipientJWEHeader, GenericJWEHeader jweHeader, GenericJWEPayload<A> jwePayload, byte[] aad, JWK cek, JWACipher.EncryptedData zipAndEncryptedPayload) Creates a JSON JWE recipient builder. -
Method Summary
Modifier and TypeMethodDescriptionprotected voidamendJWEHeader(GenericJWEHeader header, Map<String, Object> moreHeaderParameters, Set<String> processedParameters) Amends the JWE header with custom parameters and processed parameters output by key management and encryption algorithms.protected GenericJWEHeaderBuilds the JWE header.protected reactor.core.publisher.Mono<GenericJWEPayload<A>>buildJWEPayload(Function<A, reactor.core.publisher.Mono<String>> overridingPayloadEncoder, String overridingContentType, GenericJWEHeader jweHeader) Builds the JWE payload.protected reactor.core.publisher.Flux<? extends JWK>generateCEK(GenericJWEHeader jweHeader) Generates Content Encryption Keys used to encrypt the payload.protected byte[]getAdditionalAuthenticationData(GenericJWEHeader jweHeader) Returns additional authentication data.header(Consumer<GenericJWEHeader> configurer) Specifies the JOSE header.Specifies the JOSE object payload.protected JWACipher.EncryptedDatazipAndEncryptPayload(GenericJWEHeader jweHeader, GenericJWEPayload<A> jwePayload, JWEZip payloadZip, JWK cek) Compresses and encrypt the JWE payload.Methods inherited from class io.inverno.mod.security.jose.internal.jwe.GenericJWEBuilder
build, build, checkHeader, getPayloadZip, getProcessedParameters, secureRandomMethods inherited from class io.inverno.mod.security.jose.internal.AbstractJOSEObjectBuilder
checkPayload, getKeys, getPayloadEncoderMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface io.inverno.mod.security.jose.JOSEObjectBuilder
build
-
Constructor Details
-
RecipientJWEBuilder
public RecipientJWEBuilder(com.fasterxml.jackson.databind.ObjectMapper mapper, io.inverno.mod.security.jose.internal.converter.DataConversionService dataConversionService, JWKService jwkService, Type type, org.reactivestreams.Publisher<? extends JWK> keys, List<JWEZip> zips, GenericJWEHeader protectedJWEHeader, GenericJWEHeader recipientJWEHeader, GenericJWEHeader jweHeader, GenericJWEPayload<A> jwePayload, byte[] aad) Creates a JSON JWE recipient builder.
- Parameters:
mapper- an object mapperdataConversionService- a data conversion servicejwkService- a JWK servicetype- the payload typekeys- the recipient specific keys to consider to secure the CEKzips- a list of supported JWE compression algorithmsprotectedJWEHeader- the JSON JWE protected headerrecipientJWEHeader- the JSON JWE unprotected headerjweHeader- the recipient JWE headerjwePayload- the JSON JWE payloadaad- the additional authentication data
-
RecipientJWEBuilder
public RecipientJWEBuilder(com.fasterxml.jackson.databind.ObjectMapper mapper, io.inverno.mod.security.jose.internal.converter.DataConversionService dataConversionService, JWKService jwkService, Type type, org.reactivestreams.Publisher<? extends JWK> keys, List<JWEZip> zips, GenericJWEHeader protectedJWEHeader, GenericJWEHeader recipientJWEHeader, GenericJWEHeader jweHeader, GenericJWEPayload<A> jwePayload, byte[] aad, JWK cek, JWACipher.EncryptedData zipAndEncryptedPayload) Creates a JSON JWE recipient builder.
- Parameters:
mapper- an object mapperdataConversionService- a data conversion servicejwkService- a JWK servicetype- the payload typekeys- the recipient specific keys to consider to secure the CEKzips- a list of supported JWE compression algorithmsprotectedJWEHeader- the JSON JWE protected headerrecipientJWEHeader- the JSON JWE unprotected headerjweHeader- the recipient JWE headerjwePayload- the JSON JWE payloadaad- the additional authentication datacek- the JSON JWE Content Encryption keyzipAndEncryptedPayload- the encrypted payload
-
-
Method Details
-
header
Description copied from interface:JOSEObjectBuilderSpecifies the JOSE header.
- Specified by:
headerin interfaceJOSEObjectBuilder<A,JWEHeader, JWE<A>, GenericJWEHeader, GenericJWEBuilder<A>> - Overrides:
headerin classGenericJWEBuilder<A>- Parameters:
configurer- a JOSE header configurer- Returns:
- this builder
-
payload
Description copied from interface:JOSEObjectBuilderSpecifies the JOSE object payload.
- Specified by:
payloadin interfaceJOSEObjectBuilder<A,JWEHeader, JWE<A>, GenericJWEHeader, GenericJWEBuilder<A>> - Overrides:
payloadin classAbstractJOSEObjectBuilder<A,JWEHeader, JWE<A>, GenericJWEHeader, GenericJWEBuilder<A>> - Parameters:
payload- a payload- Returns:
- this builder
-
buildJWEHeader
protected GenericJWEHeader buildJWEHeader() throws JWEBuildException, JOSEObjectBuildException, JOSEProcessingExceptionDescription copied from class:GenericJWEBuilderBuilds the JWE header.
- Overrides:
buildJWEHeaderin classGenericJWEBuilder<A>- Returns:
- the JWE header
- Throws:
JWEBuildException- if there was an error building the JWE headerJOSEObjectBuildException- if there was an error building the JWE headerJOSEProcessingException- if there was a JOSE processing error
-
buildJWEPayload
protected reactor.core.publisher.Mono<GenericJWEPayload<A>> buildJWEPayload(Function<A, reactor.core.publisher.Mono<String>> overridingPayloadEncoder, String overridingContentType, GenericJWEHeader jweHeader) throws JWEBuildException, JOSEObjectBuildException, JOSEProcessingExceptionDescription copied from class:GenericJWEBuilderBuilds the JWE payload.
- Overrides:
buildJWEPayloadin classGenericJWEBuilder<A>- Parameters:
overridingPayloadEncoder- an overriding payload encoderoverridingContentType- an overriding payload content typejweHeader- the JWE header- Returns:
- a single JWE payload publisher
- Throws:
JWEBuildException- if there was an error building the JWE payloadJOSEObjectBuildException- if there was an error building the JWE payloadJOSEProcessingException- if there was a JOSE processing error
-
generateCEK
protected reactor.core.publisher.Flux<? extends JWK> generateCEK(GenericJWEHeader jweHeader) throws JWKGenerateException Description copied from class:GenericJWEBuilderGenerates Content Encryption Keys used to encrypt the payload.
This can result in multiple keys depending on the target encryption algorithm and the JWK service setup, the first succeeding key will be retained and the others dropped before they are generated.
- Overrides:
generateCEKin classGenericJWEBuilder<A>- Parameters:
jweHeader- the JWE header- Returns:
- a JWK publisher
- Throws:
JWKGenerateException- if no CEK corresponding to the encryption algorithm could be generated
-
amendJWEHeader
protected void amendJWEHeader(GenericJWEHeader header, Map<String, Object> moreHeaderParameters, Set<String> processedParameters) throws JWEBuildException, JOSEObjectBuildException, JOSEProcessingExceptionDescription copied from class:GenericJWEBuilderAmends the JWE header with custom parameters and processed parameters output by key management and encryption algorithms.
- Overrides:
amendJWEHeaderin classGenericJWEBuilder<A>- Parameters:
header- the JWE headermoreHeaderParameters- custom parametersprocessedParameters- processed parameters- Throws:
JWEBuildException- if there was an error amending the JWE headerJOSEObjectBuildException- if there was an error amending the JWE headerJOSEProcessingException- if there was a JOSE processing error
-
getAdditionalAuthenticationData
Description copied from class:GenericJWEBuilderReturns additional authentication data.
For a compact JWE it should be
ASCII(Encoded Protected Header). For a JSON JWE it should beASCII(Encoded Protected Header || '.' || BASE64URL(JWE AAD)).- Overrides:
getAdditionalAuthenticationDatain classGenericJWEBuilder<A>- Parameters:
jweHeader- the JWE header- Returns:
- the additional authentication data
-
zipAndEncryptPayload
protected JWACipher.EncryptedData zipAndEncryptPayload(GenericJWEHeader jweHeader, GenericJWEPayload<A> jwePayload, JWEZip payloadZip, JWK cek) throws JWKProcessingException, JWEZipException, JWACipherException Description copied from class:GenericJWEBuilderCompresses and encrypt the JWE payload.
- Overrides:
zipAndEncryptPayloadin classGenericJWEBuilder<A>- Parameters:
jweHeader- the JWE headerjwePayload- the JWE payloadpayloadZip- the JWE payload compression algorithmcek- the Content Encryption Key- Returns:
- encrypted data
- Throws:
JWKProcessingException- if there was an error obtaining the cipher instanceJWEZipException- if there was an error compressing the payloadJWACipherException- if there was an error encrypting the payload
-