Class JwtIssuerJwks

java.lang.Object
io.confluent.security.authentication.oauthbearer.JwtIssuer
io.confluent.security.authentication.oauthbearer.JwtIssuerJwks
public final class JwtIssuerJwks extends JwtIssuer
JwtIssuer which fetches JsonWebKeySet from a trusted HTTPS endpoint.

  • Method Details

    • name

      public String name()
      JsonWebSignature Issuer name. This should be the URL of the Authorization Server though there may be some cases where its not.
      Specified by:
      name in class JwtIssuer
      Returns:
      JsonWebSignature Issuing authority.

    • audience

      public Set<String> audience()
      The recipient(s) for this token.
      Specified by:
      audience in class JwtIssuer
      Returns:
      audience claim value.

    • jwksUri

      public String jwksUri()
      HTTPS endpoint hosting this issuers JsonWebKeySet.
      Returns:
      JsonWebKeySet.

    • keyResolver

      public ConstrainedVerificationKeyResolver keyResolver(Collection<Constraint> constraints, io.confluent.security.util.SecurityContext context)
      Returns Signature Verification Key identified by HeaderParameterNames.JWK_SET_URL
      Specified by:
      keyResolver in class JwtIssuer
      Parameters:
      constraints - Collection of Constraint to be enforced.
      Returns:
      ConstrainedVerificationKeyResolver

    • createConsumer

      public org.jose4j.jwt.consumer.JwtConsumer createConsumer(Collection<Constraint> constraints, boolean requireSubjectClaim, io.confluent.security.util.SecurityContext context)
      Description copied from class: JwtIssuer
      Creates a new JwtConsumer to process incoming JsonWebSignatures.
      Overrides:
      createConsumer in class JwtIssuer
      Parameters:
      constraints - Custom collection of Constraint instances.
      Returns:
      JwtConsumer instance.

    • builder

      public static JwtIssuerJwks.Builder builder()