Package io.jans.as.client.model

Class JwtState

  • public class JwtState
extends java.lang.Object
    Version:
    November 20, 2018
    Author:
    Javier Rojas Blum

    • Constructor Summary

      Constructors 
      Constructor Description
      JwtState​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm, io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)  
      JwtState​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm, io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm, java.lang.String sharedKey)  
      JwtState​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)  
      JwtState​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm, java.lang.String sharedKey, io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      org.json.JSONObject getAdditionalClaims()  
      java.lang.String getAs()
      String identifying the authorization server that this request was sent to.
      java.lang.String getAtHash()
      Access Token hash value.
      java.lang.String getAud()
      String identifying the client that this state value is intended for.
      io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm getBlockEncryptionAlgorithm()  
      java.lang.String getcHash()
      Code hash value.
      java.lang.String getEncodedJwt()  
      java.lang.String getEncodedJwt​(org.json.JSONObject jwks)  
      java.lang.String getExp()
      The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
      java.lang.String getIat()
      Timestamp of when this Authorization Request was issued.
      java.lang.String getIss()
      String identifying the party that issued this state value.
      java.lang.String getJti()
      The "jti" (JWT ID) claim provides a unique identifier for the JWT.
      io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm getKeyEncryptionAlgorithm()  
      java.lang.String getKeyId()
      Identifier of the key used to sign this state token at the issuer.
      java.lang.String getRfp()
      String containing a verifiable identifier for the browser session, that cannot be guessed by a third party.
      io.jans.as.model.crypto.signature.SignatureAlgorithm getSignatureAlgorithm()  
      java.lang.String getTargetLinkUri()
      URI containing the location the user agent is to be redirected to after authorization.
      io.jans.as.model.jwt.JwtType getType()  
      protected org.json.JSONObject headerToJSONObject()  
      protected org.json.JSONObject payloadToJSONObject()  
      void setAdditionalClaims​(org.json.JSONObject additionalClaims)  
      void setAs​(java.lang.String as)
      String identifying the authorization server that this request was sent to.
      void setAtHash​(java.lang.String atHash)
      Access Token hash value.
      void setAud​(java.lang.String aud)
      String identifying the client that this state value is intended for.
      void setBlockEncryptionAlgorithm​(io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm)  
      void setcHash​(java.lang.String cHash)
      Code hash value.
      void setExp​(java.lang.String exp)
      The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
      void setIat​(java.lang.String iat)
      Timestamp of when this Authorization Request was issued.
      void setIss​(java.lang.String iss)
      String identifying the party that issued this state value.
      void setJti​(java.lang.String jti)
      The "jti" (JWT ID) claim provides a unique identifier for the JWT.
      void setKeyEncryptionAlgorithm​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm)  
      void setKeyId​(java.lang.String keyId)
      Identifier of the key used to sign this state token at the issuer.
      void setRfp​(java.lang.String rfp)
      String containing a verifiable identifier for the browser session, that cannot be guessed by a third party.
      void setSignatureAlgorithm​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm)  
      void setTargetLinkUri​(java.lang.String targetLinkUri)
      URI containing the location the user agent is to be redirected to after authorization.
      void setType​(io.jans.as.model.jwt.JwtType type)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • JwtState

        public JwtState​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm,
                io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)

      • JwtState

        public JwtState​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm,
                java.lang.String sharedKey,
                io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)

      • JwtState

        public JwtState​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm,
                io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm,
                io.jans.as.model.crypto.AbstractCryptoProvider cryptoProvider)

      • JwtState

        public JwtState​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm,
                io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm,
                java.lang.String sharedKey)

    • Method Detail

      • getType

        public io.jans.as.model.jwt.JwtType getType()

      • setType

        public void setType​(io.jans.as.model.jwt.JwtType type)

      • getSignatureAlgorithm

        public io.jans.as.model.crypto.signature.SignatureAlgorithm getSignatureAlgorithm()

      • setSignatureAlgorithm

        public void setSignatureAlgorithm​(io.jans.as.model.crypto.signature.SignatureAlgorithm signatureAlgorithm)

      • getKeyEncryptionAlgorithm

        public io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm getKeyEncryptionAlgorithm()

      • setKeyEncryptionAlgorithm

        public void setKeyEncryptionAlgorithm​(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm keyEncryptionAlgorithm)

      • getBlockEncryptionAlgorithm

        public io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm getBlockEncryptionAlgorithm()

      • setBlockEncryptionAlgorithm

        public void setBlockEncryptionAlgorithm​(io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm blockEncryptionAlgorithm)

      • getKeyId

        public java.lang.String getKeyId()
        Identifier of the key used to sign this state token at the issuer. Identifier of the key used to encrypt this JWT state token at the issuer.
        Returns:
        The key identifier

      • setKeyId

        public void setKeyId​(java.lang.String keyId)
        Identifier of the key used to sign this state token at the issuer. Identifier of the key used to encrypt this JWT state token at the issuer.
        Parameters:
        keyId - The key identifier

      • getRfp

        public java.lang.String getRfp()
        String containing a verifiable identifier for the browser session, that cannot be guessed by a third party. The verification of this element by the client protects it from accepting authorization responses generated in response to forged requests generated by third parties.
        Returns:
        The Request Forgery Protection value

      • setRfp

        public void setRfp​(java.lang.String rfp)
        String containing a verifiable identifier for the browser session, that cannot be guessed by a third party. The verification of this element by the client protects it from accepting authorization responses generated in response to forged requests generated by third parties.
        Parameters:
        rfp - The Request Forgery Protection value

      • getIat

        public java.lang.String getIat()
        Timestamp of when this Authorization Request was issued.
        Returns:
        The Issued at value

      • setIat

        public void setIat​(java.lang.String iat)
        Timestamp of when this Authorization Request was issued.
        Parameters:
        iat - The Issued at value

      • getExp

        public java.lang.String getExp()
        The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the "exp" claim requires that the current date/time MUST be before the expiration date/time listed in the "exp" claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value.
        Returns:
        The expiration time value

      • setExp

        public void setExp​(java.lang.String exp)
        The expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the "exp" claim requires that the current date/time MUST be before the expiration date/time listed in the "exp" claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value.
        Parameters:
        exp - The expiration time value

      • getIss

        public java.lang.String getIss()
        String identifying the party that issued this state value.
        Returns:
        The issuer value

      • setIss

        public void setIss​(java.lang.String iss)
        String identifying the party that issued this state value.
        Parameters:
        iss - The issuer value

      • getAud

        public java.lang.String getAud()
        String identifying the client that this state value is intended for.
        Returns:
        The audience

      • setAud

        public void setAud​(java.lang.String aud)
        String identifying the client that this state value is intended for.
        Parameters:
        aud - The audience

      • getTargetLinkUri

        public java.lang.String getTargetLinkUri()
        URI containing the location the user agent is to be redirected to after authorization.
        Returns:
        The target link URI

      • setTargetLinkUri

        public void setTargetLinkUri​(java.lang.String targetLinkUri)
        URI containing the location the user agent is to be redirected to after authorization.
        Parameters:
        targetLinkUri - The target link URI

      • getAs

        public java.lang.String getAs()
        String identifying the authorization server that this request was sent to.
        Returns:
        The authorization server

      • setAs

        public void setAs​(java.lang.String as)
        String identifying the authorization server that this request was sent to.
        Parameters:
        as - The authorization server

      • getJti

        public java.lang.String getJti()
        The "jti" (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The "jti" claim can be used to prevent the JWT from being replayed. The "jti" value is a case-sensitive string.
        Returns:
        The JWT ID

      • setJti

        public void setJti​(java.lang.String jti)
        The "jti" (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object. The "jti" claim can be used to prevent the JWT from being replayed. The "jti" value is a case-sensitive string.
        Parameters:
        jti - The JWT ID

      • getAtHash

        public java.lang.String getAtHash()
        Access Token hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "access_token" value, where the hash algorithm used is the hash algorithm used in the "alg" parameter of the State Token's JWS header. For instance, if the "alg" is "RS256", hash the "access_token" value with SHA-256, then take the left-most 128 bits and base64url encode them. The "at_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "access_token" in the authorization response.
        Returns:
        The access token hash value

      • setAtHash

        public void setAtHash​(java.lang.String atHash)
        Access Token hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "access_token" value, where the hash algorithm used is the hash algorithm used in the "alg" parameter of the State Token's JWS header. For instance, if the "alg" is "RS256", hash the "access_token" value with SHA-256, then take the left-most 128 bits and base64url encode them. The "at_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "access_token" in the authorization response.
        Parameters:
        atHash - The access token hash value

      • getcHash

        public java.lang.String getcHash()
        Code hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "code" value, where the hash algorithm used is the hash algorithm used in the "alg" header parameter of the State Token's JWS [RFC7515] header. For instance, if the "alg" is "HS512", hash the "code" value with SHA-512, then take the left-most 256 bits and base64url encode them. The "c_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "code" in the authorization response.
        Returns:
        The code hash value

      • setcHash

        public void setcHash​(java.lang.String cHash)
        Code hash value. Its value is the base64url encoding of the left-most half of the hash of the octets of the ASCII representation of the "code" value, where the hash algorithm used is the hash algorithm used in the "alg" header parameter of the State Token's JWS [RFC7515] header. For instance, if the "alg" is "HS512", hash the "code" value with SHA-512, then take the left-most 256 bits and base64url encode them. The "c_hash" value is a case sensitive string. This is REQUIRED if the JWT [RFC7519] state token is being produced by the AS and issued with a "code" in the authorization response.
        Parameters:
        cHash - The code hash value

      • getAdditionalClaims

        public org.json.JSONObject getAdditionalClaims()

      • setAdditionalClaims

        public void setAdditionalClaims​(org.json.JSONObject additionalClaims)

      • getEncodedJwt

        public java.lang.String getEncodedJwt​(org.json.JSONObject jwks)
                               throws java.lang.Exception
        Throws:
        java.lang.Exception

      • getEncodedJwt

        public java.lang.String getEncodedJwt()
                               throws java.lang.Exception
        Throws:
        java.lang.Exception

      • headerToJSONObject

        protected org.json.JSONObject headerToJSONObject()
                                          throws io.jans.as.model.exception.InvalidJwtException
        Throws:
        io.jans.as.model.exception.InvalidJwtException

      • payloadToJSONObject

        protected org.json.JSONObject payloadToJSONObject()
                                           throws org.json.JSONException
        Throws:
        org.json.JSONException