Class JwtState

java.lang.Object
io.jans.as.client.model.JwtState

public class JwtState extends Object
Version:
November 20, 2018
Author:
Javier Rojas Blum
  • Constructor Summary

    Constructors
    Constructor
    Description
    JwtState(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm, io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)
     
    JwtState(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm, io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm, String sharedKey)
     
    JwtState(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)
     
    JwtState(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm, String sharedKey, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)
     
  • Method Summary

    Modifier and Type
    Method
    Description
    org.json.JSONObject
     
    String identifying the authorization server that this request was sent to.
    Access Token hash value.
    String identifying the client that this state value is intended for.
    io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm
     
    Code hash value.
     
    getEncodedJwt(org.json.JSONObject jwks)
     
    The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
    Timestamp of when this Authorization Request was issued.
    String identifying the party that issued this state value.
    The "jti" (JWT ID) claim provides a unique identifier for the JWT.
    io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm
     
    Identifier of the key used to sign this state token at the issuer.
    String containing a verifiable identifier for the browser session, that cannot be guessed by a third party.
    io.jans.as.model.crypto.signature.SignatureAlgorithm
     
    URI containing the location the user agent is to be redirected to after authorization.
    io.jans.as.model.jwt.JwtType
     
    protected org.json.JSONObject
     
    protected org.json.JSONObject
     
    void
    setAdditionalClaims(org.json.JSONObject additionalClaims)
     
    void
    String identifying the authorization server that this request was sent to.
    void
    setAtHash(String atHash)
    Access Token hash value.
    void
    String identifying the client that this state value is intended for.
    void
    setBlockEncryptionAlgorithm(io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm)
     
    void
    Code hash value.
    void
    The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
    void
    Timestamp of when this Authorization Request was issued.
    void
    String identifying the party that issued this state value.
    void
    The "jti" (JWT ID) claim provides a unique identifier for the JWT.
    void
    setKeyEncryptionAlgorithm(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm)
     
    void
    Identifier of the key used to sign this state token at the issuer.
    void
    String containing a verifiable identifier for the browser session, that cannot be guessed by a third party.
    void
    setSignatureAlgorithm(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm)
     
    void
    setTargetLinkUri(String targetLinkUri)
    URI containing the location the user agent is to be redirected to after authorization.
    void
    setType(io.jans.as.model.jwt.JwtType type)
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • JwtState

      public JwtState(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)
    • JwtState

      public JwtState(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm, String sharedKey, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)
    • JwtState

      public JwtState(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm, io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)
    • JwtState

      public JwtState(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm, io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm, String sharedKey)
  • Method Details

    • getType

      public io.jans.as.model.jwt.JwtType getType()
    • setType

      public void setType(io.jans.as.model.jwt.JwtType type)
    • getSignatureAlgorithm

      public io.jans.as.model.crypto.signature.SignatureAlgorithm getSignatureAlgorithm()
    • setSignatureAlgorithm

      public void setSignatureAlgorithm(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm)
    • getKeyEncryptionAlgorithm

      public io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm getKeyEncryptionAlgorithm()
    • setKeyEncryptionAlgorithm

      public void setKeyEncryptionAlgorithm(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm)
    • getBlockEncryptionAlgorithm

      public io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm getBlockEncryptionAlgorithm()
    • setBlockEncryptionAlgorithm

      public void setBlockEncryptionAlgorithm(io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm)
    • getKeyId

      public String getKeyId()
      Identifier of the key used to sign this state token at the issuer. Identifier of the key used to encrypt this JWT state token at the issuer.
      Returns:
      The key identifier
    • setKeyId

      public void setKeyId(String keyId)
      Identifier of the key used to sign this state token at the issuer. Identifier of the key used to encrypt this JWT state token at the issuer.
      Parameters:
      keyId - The key identifier
    • getRfp

      public String getRfp()
      String containing a verifiable identifier for the browser session, that cannot be guessed by a third party. The verification of this element by the client protects it from accepting authorization responses generated in response to forged requests generated by third parties.
      Returns:
      The Request Forgery Protection value
    • setRfp

      public void setRfp(String rfp)
      String containing a verifiable identifier for the browser session, that cannot be guessed by a third party. The verification of this element by the client protects it from accepting authorization responses generated in response to forged requests generated by third parties.
      Parameters:
      rfp - The Request Forgery Protection value
    • getIat

      public String getIat()
      Timestamp of when this Authorization Request was issued.
      Returns:
      The Issued at value
    • setIat

      public void setIat(String iat)
      Timestamp of when this Authorization Request was issued.
      Parameters:
      iat - The Issued at value
    • getExp

      public String getExp()
      The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the "exp" claim requires that the current date/time MUST be before the expiration date/time listed in the "exp" claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value.
      Returns:
      The expiration time value
    • setExp

      public void setExp(String exp)
      The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the "exp" claim requires that the current date/time MUST be before the expiration date/time listed in the "exp" claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value.
      Parameters:
      exp - The expiration time value
    • getIss

      public String getIss()
      String identifying the party that issued this state value.
      Returns:
      The issuer value
    • setIss

      public void setIss(String iss)
      String identifying the party that issued this state value.
      Parameters:
      iss - The issuer value
    • getAud

      public String getAud()
      String identifying the client that this state value is intended for.
      Returns:
      The audience
    • setAud

      public void setAud(String aud)
      String identifying the client that this state value is intended for.
      Parameters:
      aud - The audience
    • getTargetLinkUri

      public String getTargetLinkUri()
      URI containing the location the user agent is to be redirected to after authorization.
      Returns:
      The target link URI
    • setTargetLinkUri

      public void setTargetLinkUri(String targetLinkUri)
      URI containing the location the user agent is to be redirected to after authorization.
      Parameters:
      targetLinkUri - The target link URI
    • getAs

      public String getAs()
      String identifying the authorization server that this request was sent to.
      Returns:
      The authorization server
    • setAs

      public void setAs(String as)
      String identifying the authorization server that this request was sent to.
      Parameters:
      as - The authorization server
    • getJti

      public String getJti()
      The "jti" (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The "jti" claim can be used to prevent the JWT from being replayed. The "jti" value is a case-sensitive string.
      Returns:
      The JWT ID
    • setJti

      public void setJti(String jti)
      The "jti" (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The "jti" claim can be used to prevent the JWT from being replayed. The "jti" value is a case-sensitive string.
      Parameters:
      jti - The JWT ID
    • getAtHash

      public String getAtHash()
      Access Token hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "access_token" value, where the hash algorithm used is the hash algorithm used in the "alg" parameter of the State Token's JWS header. For instance, if the "alg" is "RS256", hash the "access_token" value with SHA-256, then take the left-most 128 bits and base64url encode them. The "at_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "access_token" in the authorization response.
      Returns:
      The access token hash value
    • setAtHash

      public void setAtHash(String atHash)
      Access Token hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "access_token" value, where the hash algorithm used is the hash algorithm used in the "alg" parameter of the State Token's JWS header. For instance, if the "alg" is "RS256", hash the "access_token" value with SHA-256, then take the left-most 128 bits and base64url encode them. The "at_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "access_token" in the authorization response.
      Parameters:
      atHash - The access token hash value
    • getcHash

      public String getcHash()
      Code hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "code" value, where the hash algorithm used is the hash algorithm used in the "alg" header parameter of the State Token's JWS [RFC7515] header. For instance, if the "alg" is "HS512", hash the "code" value with SHA-512, then take the left-most 256 bits and base64url encode them. The "c_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "code" in the authorization response.
      Returns:
      The code hash value
    • setcHash

      public void setcHash(String cHash)
      Code hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "code" value, where the hash algorithm used is the hash algorithm used in the "alg" header parameter of the State Token's JWS [RFC7515] header. For instance, if the "alg" is "HS512", hash the "code" value with SHA-512, then take the left-most 256 bits and base64url encode them. The "c_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "code" in the authorization response.
      Parameters:
      cHash - The code hash value
    • getAdditionalClaims

      public org.json.JSONObject getAdditionalClaims()
    • setAdditionalClaims

      public void setAdditionalClaims(org.json.JSONObject additionalClaims)
    • getEncodedJwt

      public String getEncodedJwt(org.json.JSONObject jwks) throws Exception
      Throws:
      Exception
    • getEncodedJwt

      public String getEncodedJwt() throws Exception
      Throws:
      Exception
    • headerToJSONObject

      protected org.json.JSONObject headerToJSONObject() throws io.jans.as.model.exception.InvalidJwtException
      Throws:
      io.jans.as.model.exception.InvalidJwtException
    • payloadToJSONObject

      protected org.json.JSONObject payloadToJSONObject() throws org.json.JSONException
      Throws:
      org.json.JSONException