- All Known Implementing Classes:
InMemoryJWKStore,NoOpJWKStore
A JWK store is used to store frequently used keys and make them available to JWKFactory and JWKBuilder so keys can be automatically resolved when building or reading JOSE objects.
Keys are stored and resolved based on the key id, the X.509 SHA1 thumbprint, the X.509 SHA256 thumbprint or the JWK thumbprint in that order.
It is recommended to only store trusted keys inside a JWK store to prevent them from being evicted when resolving a JOSE object key.
- Since:
- 1.5
- Author:
- Jeremy Kuhn
-
Method Summary
Modifier and TypeMethodDescription<T extends JWK>
reactor.core.publisher.Mono<T>Returns the key stored for the specified X.509 SHA1 thumbprint<T extends JWK>
reactor.core.publisher.Mono<T>getByJWKThumbprint(String jwkThumbprint) Returns the key stored for the specified JWK thumbprint.<T extends JWK>
reactor.core.publisher.Mono<T>getByKeyId(String kid) Returns the key stored for the specified key id.<T extends JWK>
reactor.core.publisher.Mono<T>getByX509CertificateSHA256Thumbprint(String x5t_S256) Returns the key stored for the specified X.509 SHA256 thumbprintreactor.core.publisher.Mono<Void>Removes the specified key from the store.reactor.core.publisher.Mono<Void>Stores the specified key into the store.
-
Method Details
-
getByKeyId
Returns the key stored for the specified key id.
- Type Parameters:
T- the expected type of the key- Parameters:
kid- a key id- Returns:
- a single key publisher or an empty publisher
- Throws:
JWKStoreException- if there was an error accessing the store
-
getBy509CertificateSHA1Thumbprint
<T extends JWK> reactor.core.publisher.Mono<T> getBy509CertificateSHA1Thumbprint(String x5t) throws JWKStoreException Returns the key stored for the specified X.509 SHA1 thumbprint
- Type Parameters:
T- the expected type of the key- Parameters:
x5t- an X.509 SHA1 thumbprint- Returns:
- a single key publisher or an empty publisher
- Throws:
JWKStoreException- if there was an error accessing the store
-
getByX509CertificateSHA256Thumbprint
<T extends JWK> reactor.core.publisher.Mono<T> getByX509CertificateSHA256Thumbprint(String x5t_S256) throws JWKStoreException Returns the key stored for the specified X.509 SHA256 thumbprint
- Type Parameters:
T- the expected type of the key- Parameters:
x5t_S256- an X.509 SHA256 thumbprint- Returns:
- a single key publisher or an empty publisher
- Throws:
JWKStoreException- if there was an error accessing the store
-
getByJWKThumbprint
<T extends JWK> reactor.core.publisher.Mono<T> getByJWKThumbprint(String jwkThumbprint) throws JWKStoreException Returns the key stored for the specified JWK thumbprint.
- Type Parameters:
T- the expected type of the key- Parameters:
jwkThumbprint- a JWK thumbprint- Returns:
- a single key publisher or an empty publisher
- Throws:
JWKStoreException- if there was an error accessing the store
-
set
Stores the specified key into the store.
This method should store the key for all available identifiers: key id, X.509 SHA1 thumbprint, X.509 SHA256 thumbprint and JWK thumbprint.
- Parameters:
jwk- the key to store- Returns:
- a single empty publisher that completes once the key has been stored
- Throws:
JWKStoreException- if there was an error accessing the store
-
remove
Removes the specified key from the store.
This method should remove the key associated to all available identifiers: key id, X.509 SHA1 thumbprint, X.509 SHA256 thumbprint and JWK thumbprint.
- Parameters:
jwk- the key to remove- Returns:
- a single empty publisher that completes once the key has been removed
- Throws:
JWKStoreException- if there was an error accessing the store
-