Class AlgorithmWhitelist

java.lang.Object

io.confluent.security.authentication.oauthbearer.AlgorithmWhitelist

All Implemented Interfaces:

Constraint

public final class AlgorithmWhitelist
extends Object
implements Constraint

Constraint restricts signature verification to a specific set of SignatureAlgorithms.

Constructor Summary

Constructors

Constructor	Description
AlgorithmWhitelist(Set<SignatureAlgorithm> algorithmWhitelist)

Method Summary

Modifier and Type	Method	Description
void	validate(org.jose4j.jws.JsonWebSignature jws)	Ensures JWS was signed using a whitelisted signature algorithm.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AlgorithmWhitelist

public AlgorithmWhitelist(Set<SignatureAlgorithm> algorithmWhitelist)

Method Details

validate

public void validate(org.jose4j.jws.JsonWebSignature jws)
              throws KeyConstraintException

Ensures JWS was signed using a whitelisted signature algorithm.

Specified by:

validate in interface Constraint

Parameters:

jws - token to be verified.

Throws:

KeyConstraintException - if was signed with an algorithm which was not whitelisted.