Module io.inverno.mod.security.jose
Class GenericX509JWKCertPathValidator
java.lang.Object
io.inverno.mod.security.jose.internal.jwk.GenericX509JWKCertPathValidator
- All Implemented Interfaces:
X509JWKCertPathValidator
Generic X.509 certificates path validator implementation.
This is an overridable bean which can be overriden by injecting a custom X509JWKCertPathValidator instance when building the JOSE module.
It requires an executor service to be able to execute certificate path validation, which might be blocking, asynchronously.
- Since:
- 1.5
- Author:
- Jeremy Kuhn
-
Constructor Summary
ConstructorsConstructorDescriptionGenericX509JWKCertPathValidator(PKIXParameters pkixParameters, ExecutorService executor) Creates an X.509 certificates path validator. -
Method Summary
Modifier and TypeMethodDescriptionreactor.core.publisher.Mono<X509Certificate>validate(List<X509Certificate> certificates) Validates the specified certificates chain.
-
Constructor Details
-
GenericX509JWKCertPathValidator
Creates an X.509 certificates path validator.
- Parameters:
pkixParameters- PKIX parametersexecutor- an executor service
-
-
Method Details
-
validate
public reactor.core.publisher.Mono<X509Certificate> validate(List<X509Certificate> certificates) throws JWKResolveException Description copied from interface:X509JWKCertPathValidatorValidates the specified certificates chain.
- Specified by:
validatein interfaceX509JWKCertPathValidator- Parameters:
certificates- the certificates chain to validate- Returns:
- a single publisher emitting the validated certificate (the first certificate in the chain)
- Throws:
JWKResolveException- if the certificates chain is invalid
-