Package io.jans.as.client.model

Class JwtState

  • public class JwtState
extends Object
    Version:
    November 20, 2018
    Author:
    Javier Rojas Blum

    • Constructor Summary

      Constructors 
      Constructor Description
      JwtState​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm, io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)  
      JwtState​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm, io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm, String sharedKey)  
      JwtState​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)  
      JwtState​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm, String sharedKey, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)  

    • Constructor Detail

      • JwtState

        public JwtState​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm,
                io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)

      • JwtState

        public JwtState​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm,
                String sharedKey,
                io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)

      • JwtState

        public JwtState​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm,
                io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm,
                io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)

      • JwtState

        public JwtState​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm,
                io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm,
                String sharedKey)

    • Method Detail

      • getType

        public io.jans.as.model.jwt.JwtType getType()

      • setType

        public void setType​(io.jans.as.model.jwt.JwtType type)

      • getSignatureAlgorithm

        public io.jans.as.model.crypto.signature.SignatureAlgorithm getSignatureAlgorithm()

      • setSignatureAlgorithm

        public void setSignatureAlgorithm​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm)

      • getKeyEncryptionAlgorithm

        public io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm getKeyEncryptionAlgorithm()

      • setKeyEncryptionAlgorithm

        public void setKeyEncryptionAlgorithm​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm)

      • getBlockEncryptionAlgorithm

        public io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm getBlockEncryptionAlgorithm()

      • setBlockEncryptionAlgorithm

        public void setBlockEncryptionAlgorithm​(io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm)

      • getKeyId

        public String getKeyId()
        Identifier of the key used to sign this state token at the issuer. Identifier of the key used to encrypt this JWT state token at the issuer.
        Returns:
        The key identifier

      • setKeyId

        public void setKeyId​(String keyId)
        Identifier of the key used to sign this state token at the issuer. Identifier of the key used to encrypt this JWT state token at the issuer.
        Parameters:
        keyId - The key identifier

      • getRfp

        public String getRfp()
        String containing a verifiable identifier for the browser session, that cannot be guessed by a third party. The verification of this element by the client protects it from accepting authorization responses generated in response to forged requests generated by third parties.
        Returns:
        The Request Forgery Protection value

      • setRfp

        public void setRfp​(String rfp)
        String containing a verifiable identifier for the browser session, that cannot be guessed by a third party. The verification of this element by the client protects it from accepting authorization responses generated in response to forged requests generated by third parties.
        Parameters:
        rfp - The Request Forgery Protection value

      • getIat

        public String getIat()
        Timestamp of when this Authorization Request was issued.
        Returns:
        The Issued at value

      • setIat

        public void setIat​(String iat)
        Timestamp of when this Authorization Request was issued.
        Parameters:
        iat - The Issued at value

      • getExp

        public String getExp()
        The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the "exp" claim requires that the current date/time MUST be before the expiration date/time listed in the "exp" claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value.
        Returns:
        The expiration time value

      • setExp

        public void setExp​(String exp)
        The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the "exp" claim requires that the current date/time MUST be before the expiration date/time listed in the "exp" claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value.
        Parameters:
        exp - The expiration time value

      • getIss

        public String getIss()
        String identifying the party that issued this state value.
        Returns:
        The issuer value

      • setIss

        public void setIss​(String iss)
        String identifying the party that issued this state value.
        Parameters:
        iss - The issuer value

      • getAud

        public String getAud()
        String identifying the client that this state value is intended for.
        Returns:
        The audience

      • setAud

        public void setAud​(String aud)
        String identifying the client that this state value is intended for.
        Parameters:
        aud - The audience

      • getTargetLinkUri

        public String getTargetLinkUri()
        URI containing the location the user agent is to be redirected to after authorization.
        Returns:
        The target link URI

      • setTargetLinkUri

        public void setTargetLinkUri​(String targetLinkUri)
        URI containing the location the user agent is to be redirected to after authorization.
        Parameters:
        targetLinkUri - The target link URI

      • getAs

        public String getAs()
        String identifying the authorization server that this request was sent to.
        Returns:
        The authorization server

      • setAs

        public void setAs​(String as)
        String identifying the authorization server that this request was sent to.
        Parameters:
        as - The authorization server

      • getJti

        public String getJti()
        The "jti" (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The "jti" claim can be used to prevent the JWT from being replayed. The "jti" value is a case-sensitive string.
        Returns:
        The JWT ID

      • setJti

        public void setJti​(String jti)
        The "jti" (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The "jti" claim can be used to prevent the JWT from being replayed. The "jti" value is a case-sensitive string.
        Parameters:
        jti - The JWT ID

      • getAtHash

        public String getAtHash()
        Access Token hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "access_token" value, where the hash algorithm used is the hash algorithm used in the "alg" parameter of the State Token's JWS header. For instance, if the "alg" is "RS256", hash the "access_token" value with SHA-256, then take the left-most 128 bits and base64url encode them. The "at_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "access_token" in the authorization response.
        Returns:
        The access token hash value

      • setAtHash

        public void setAtHash​(String atHash)
        Access Token hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "access_token" value, where the hash algorithm used is the hash algorithm used in the "alg" parameter of the State Token's JWS header. For instance, if the "alg" is "RS256", hash the "access_token" value with SHA-256, then take the left-most 128 bits and base64url encode them. The "at_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "access_token" in the authorization response.
        Parameters:
        atHash - The access token hash value

      • getcHash

        public String getcHash()
        Code hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "code" value, where the hash algorithm used is the hash algorithm used in the "alg" header parameter of the State Token's JWS [RFC7515] header. For instance, if the "alg" is "HS512", hash the "code" value with SHA-512, then take the left-most 256 bits and base64url encode them. The "c_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "code" in the authorization response.
        Returns:
        The code hash value

      • setcHash

        public void setcHash​(String cHash)
        Code hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "code" value, where the hash algorithm used is the hash algorithm used in the "alg" header parameter of the State Token's JWS [RFC7515] header. For instance, if the "alg" is "HS512", hash the "code" value with SHA-512, then take the left-most 256 bits and base64url encode them. The "c_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "code" in the authorization response.
        Parameters:
        cHash - The code hash value

      • getAdditionalClaims

        public org.json.JSONObject getAdditionalClaims()

      • setAdditionalClaims

        public void setAdditionalClaims​(org.json.JSONObject additionalClaims)

      • headerToJSONObject

        protected org.json.JSONObject headerToJSONObject()
                                          throws io.jans.as.model.exception.InvalidJwtException
        Throws:
        io.jans.as.model.exception.InvalidJwtException

      • payloadToJSONObject

        protected org.json.JSONObject payloadToJSONObject()
                                           throws org.json.JSONException
        Throws:
        org.json.JSONException