Package uk.co.spudsoft.jwtvalidatorvertx

Interface JsonWebKeySetOpenIdDiscoveryHandler

All Superinterfaces:
JsonWebKeySetHandler, OpenIdDiscoveryHandler
All Known Implementing Classes:
JWKSOpenIdDiscoveryHandlerImpl
public interface JsonWebKeySetOpenIdDiscoveryHandler extends JsonWebKeySetHandler, OpenIdDiscoveryHandler
Perform OpenID Connect discovery as per openid-connect-discovery-1_0. It is not usually necessary to use this interface for anything other than the Factory method.
Author:
jtalbut

  • Method Details

    • create

      static JsonWebKeySetOpenIdDiscoveryHandler create(io.vertx.ext.web.client.WebClient webClient, Collection<String> acceptableIssuerRegexes, Duration defaultJwkCacheDuration)
      Construct an instance of the implementation class.
      Parameters:
      webClient - Vertx WebClient instance, so that the discovery handler can make asynchronous web requests.
      acceptableIssuerRegexes - Collection of regular expressions that any issues will be checked against.
      defaultJwkCacheDuration - Time to keep JWKs in cache if no cache-control: max-age header is found. It is vital for the security of any system using OpenID Connect Discovery that it is only used with trusted issuers (otherwise any key that has an RFC compliant discovery endpoint will be accepted). Equally the acceptable issuers must be accessed via https for the environment to offer any security, so it is strongly recommended that all regexes start 'https://' (this is not enforced in the code to make test setups easier).
      Returns:
      a newly created instance of the implementation class.

    • findJwk

      io.vertx.core.Future<JWK> findJwk(DiscoveryData discoveryData, String kid)
      Find a JWK using the jwks_uri value from the Discovery Data. The resulting JWK will be cached against the jwks_uri.
      Parameters:
      discoveryData - The Discovery Data that contains the jwks_uri.
      kid - The key ID being sought.
      Returns:
      A Future that will be completed with the JWK.