本文整理了Java中com.nimbusds.jose.jwk.JWK.getKeyID()方法的一些代码示例,展示了JWK.getKeyID()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。JWK.getKeyID()方法的具体详情如下:
包路径:com.nimbusds.jose.jwk.JWK
类名称:JWK
方法名:getKeyID
[英]Gets the ID ( kid) of this JWK. The key ID can be used to match a specific key. This can be used, for instance, to choose a key within a JWKSet during key rollover. The key ID may also correspond to a JWS/JWE kid header parameter value.
[中]获取此JWK的ID(kid)。密钥ID可用于匹配特定密钥。例如,在关键点滚动期间,可以使用此选项在JWKSet内选择关键点。密钥ID也可能对应于JWS/JWE kid头参数值。
代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
/*** Build this service based on the given keystore. All keys must have a key* id ({@code kid}) field in order to be used.** @param keyStore* @throws NoSuchAlgorithmException* @throws InvalidKeySpecException* @throws JOSEException*/public DefaultJWTEncryptionAndDecryptionService(JWKSetKeyStore keyStore) throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {// convert all keys in the keystore to a map based on key idfor (JWK key : keyStore.getKeys()) {if (!Strings.isNullOrEmpty(key.getKeyID())) {this.keys.put(key.getKeyID(), key);} else {throw new IllegalArgumentException("Tried to load a key from a keystore without a 'kid' field: " + key);}}buildEncryptersAndDecrypters();}
代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
/*** Build this service based on the given keystore. All keys must have a key* id ({@code kid}) field in order to be used.** @param keyStore* the keystore to load all keys from** @throws InvalidKeySpecException* If the keys in the JWKs are not valid* @throws NoSuchAlgorithmException* If there is no appropriate algorithm to tie the keys to.*/public DefaultJWTSigningAndValidationService(JWKSetKeyStore keyStore) throws NoSuchAlgorithmException, InvalidKeySpecException {// convert all keys in the keystore to a map based on key idif (keyStore!= null && keyStore.getJwkSet() != null) {for (JWK key : keyStore.getKeys()) {if (!Strings.isNullOrEmpty(key.getKeyID())) {// use the key ID that's built into the key itselfthis.keys.put(key.getKeyID(), key);} else {// create a random key idString fakeKid = UUID.randomUUID().toString();this.keys.put(fakeKid, key);}}}buildSignersAndVerifiers();}
代码示例来源:origin: spring-projects/spring-security
@Testpublic void getWhenNoMatchAndKeyIdNotMatchThenRefreshAndFoundThenFound() {this.server.enqueue(new MockResponse().setBody(this.keys2));when(this.matcher.matches(any())).thenReturn(false, false, true);when(this.matcher.getKeyIDs()).thenReturn(Collections.singleton("rotated"));List<JWK> keys = this.source.get(this.selector).block();assertThat(keys).hasSize(1);assertThat(keys.get(0).getKeyID()).isEqualTo("rotated");}
代码示例来源:origin: spring-projects/spring-security
@Testpublic void getWhenMatchThenCreatesKeys() {when(this.matcher.matches(any())).thenReturn(true);List<JWK> keys = this.source.get(this.selector).block();assertThat(keys).hasSize(2);JWK key1 = keys.get(0);assertThat(key1.getKeyID()).isEqualTo("1923397381d9574bb873202a90c32b7ceeaed027");assertThat(key1.getAlgorithm().getName()).isEqualTo("RS256");assertThat(key1.getKeyType()).isEqualTo(KeyType.RSA);assertThat(key1.getKeyUse()).isEqualTo(KeyUse.SIGNATURE);JWK key2 = keys.get(1);assertThat(key2.getKeyID()).isEqualTo("7ddf54d3032d1f0d48c3618892ca74c1ac30ad77");assertThat(key2.getAlgorithm().getName()).isEqualTo("RS256");assertThat(key2.getKeyType()).isEqualTo(KeyType.RSA);assertThat(key2.getKeyUse()).isEqualTo(KeyUse.SIGNATURE);}
代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
decrypters.put(id, decrypter);} else {logger.warn("No private key for key #" + jwk.getKeyID());decrypters.put(id, decrypter);} else {logger.warn("No private key for key # " + jwk.getKeyID());
代码示例来源:origin: GoogleCloudPlatform/java-docs-samples
private ECPublicKey getKey(String kid, String alg) throws Exception {JWK jwk = keyCache.get(kid);if (jwk == null) {// update cache loading jwk public key data from urlJWKSet jwkSet = JWKSet.load(new URL(PUBLIC_KEY_VERIFICATION_URL));for (JWK key : jwkSet.getKeys()) {keyCache.put(key.getKeyID(), key);}jwk = keyCache.get(kid);}// confirm that algorithm matchesif (jwk != null && jwk.getAlgorithm().getName().equals(alg)) {return ECKey.parse(jwk.toJSONString()).toECPublicKey();}return null;}
代码示例来源:origin: de.adorsys.sts/sts-crypto-utils
private KeyAndJwk get(String keyID){if(keyID==null) return null;KeyAndJwk keyAndJwk = keyMap.get(keyID);if(keyAndJwk==null) return null;if(!keyID.equalsIgnoreCase(keyAndJwk.jwk.getKeyID()))return null;return keyAndJwk;}
代码示例来源:origin: de.adorsys.cryptoutils/jjwk
private KeyAndJwk get(String keyID){if(keyID==null) return null;KeyAndJwk keyAndJwk = keyMap.get(keyID);if(keyAndJwk==null) return null;if(!keyID.equalsIgnoreCase(keyAndJwk.jwk.getKeyID()))return null;return keyAndJwk;}
代码示例来源:origin: com.nimbusds/nimbus-jose-jwt
/*** Gets the key from this JSON Web Key (JWK) set as identified by its* Key ID (kid) member.** <p>If more than one key exists in the JWK Set with the same* identifier, this function returns only the first one in the set.** @param kid They key identifier.** @return The key identified by {@code kid} or {@code null} if no key* exists.*/public JWK getKeyByKeyId(String kid) {for (JWK key : getKeys()) {if (key.getKeyID() != null && key.getKeyID().equals(kid)) {return key;}}// no key foundreturn null;}
代码示例来源:origin: de.adorsys.sts/sts-keymanagement
private JWKSet getFilteredPrivateKeys(Predicate<StsKeyEntry> predicate) {if(repository.exists()) {StsKeyStore keyStore = repository.load();ServerKeysHolder exportedKeys = keyConversionService.export(keyStore.getKeyStore());Map<String, StsKeyEntry> keyEntries = keyStore.getKeyEntries();List<String> filteredKeyAliases = keyEntries.values().stream().filter(predicate).map(StsKeyEntry::getAlias).collect(Collectors.toList());List<JWK> filteredKeys = exportedKeys.getPrivateKeySet().getKeys().stream().filter(k -> filteredKeyAliases.contains(k.getKeyID())).collect(Collectors.toList());return new JWKSet(filteredKeys);} else {return EMPTY_JWK_SET;}}
代码示例来源:origin: de.adorsys.cryptoutils/jjwk
public ServerKeyMap(JWKSet jwkSet){List<JWK> keys = jwkSet.getKeys();for (JWK jwk : keys) {if (jwk instanceof AssymetricJWK) {Key key = KeyConverter.toPrivateOrSecret(jwk);if(key!=null && jwk.getKeyID()!=null){KeyAndJwk keyAndJwk = new KeyAndJwk(key, jwk);keyMap.put(jwk.getKeyID(), keyAndJwk);if(KeyUse.SIGNATURE.equals(jwk.getKeyUse())){signKeyList.add(keyAndJwk);} else if (KeyUse.ENCRYPTION.equals(jwk.getKeyUse())){encKeyList.add(keyAndJwk);}}} else if (jwk instanceof SecretJWK) {Key key = KeyConverter.toPrivateOrSecret(jwk);if(key!=null && jwk.getKeyID()!=null){KeyAndJwk keyAndJwk = new KeyAndJwk(key, jwk);keyMap.put(jwk.getKeyID(), keyAndJwk);secretKeyList.add(keyAndJwk);}}}}
代码示例来源:origin: de.adorsys.sts/sts-crypto-utils
public StsServerKeyMap(JWKSet jwkSet) {List<JWK> keys = jwkSet.getKeys();for (JWK jwk : keys) {if (jwk instanceof RSAKey) {Key key = KeyConverter.toPrivateOrSecret(jwk);if(key!=null && jwk.getKeyID()!=null){KeyAndJwk keyAndJwk = new KeyAndJwk(key, jwk);keyMap.put(jwk.getKeyID(), keyAndJwk);if(KeyUse.SIGNATURE.equals(jwk.getKeyUse())){signKeyList.add(keyAndJwk);} else if (KeyUse.ENCRYPTION.equals(jwk.getKeyUse())){encKeyList.add(keyAndJwk);}}} else if (jwk instanceof SecretJWK) {Key key = KeyConverter.toPrivateOrSecret(jwk);if(key!=null && jwk.getKeyID()!=null){KeyAndJwk keyAndJwk = new KeyAndJwk(key, jwk);keyMap.put(jwk.getKeyID(), keyAndJwk);secretKeyList.add(keyAndJwk);}}}}
代码示例来源:origin: de.adorsys.sts/sts-keymanagement
@Overridepublic JWKSet getPublicKeys() {if(repository.exists()) {StsKeyStore keyStore = repository.load();ServerKeysHolder exportedKeys = keyConversionService.export(keyStore.getKeyStore());Map<String, StsKeyEntry> keyEntries = keyStore.getKeyEntries();List<String> filteredKeyAliases = keyEntries.values().stream().filter(this::hasUsablePublicKey).map(StsKeyEntry::getAlias).collect(Collectors.toList());List<JWK> filteredKeys = exportedKeys.getPublicKeySet().getKeys().stream().filter(k -> filteredKeyAliases.contains(k.getKeyID())).collect(Collectors.toList());return new JWKSet(filteredKeys);} else {return EMPTY_JWK_SET;}}
代码示例来源:origin: org.wso2.carbon.apimgt/org.wso2.carbon.apimgt.hostobjects.oidc
if (jwkKey != null && jwkKey.getKeyID() != null) {String id = jwkKey.getKeyID();verifiers.put(id, verifier);
代码示例来源:origin: de.adorsys.cryptoutils/jjwk
public static List<JWK> selectKeypairs(JWKSet exportKeys){JWKSet publicJWKSet = exportKeys.toPublicJWKSet();List<JWK> keys = publicJWKSet.getKeys();if(keys==null || keys.isEmpty()) return keys;Set<String> keyIds = new HashSet<>();for (JWK jwk : keys) {keyIds.add(jwk.getKeyID());}JWKMatcher keyPairs = new JWKMatcher.Builder().keyIDs(keyIds).build();return new JWKSelector(keyPairs).select(exportKeys);}
代码示例来源:origin: de.adorsys.cryptoutils/jjwk
boolean change = false;for (JWK jwk : keys) {String keyID = jwk.getKeyID();Base64URL thumbprint = jwk.computeThumbprint();String expectedKeyId = thumbprint.toString().toLowerCase();
代码示例来源:origin: de.adorsys.sts/sts-resource-server
private JWEHeader getHeader(JWK jwk) throws JOSEException {JWEHeader header;if (jwk instanceof RSAKey) {header = new JWEHeader(JWEAlgorithm.RSA_OAEP, EncryptionMethod.A128GCM);} else if (jwk instanceof ECKey) {header = new JWEHeader(JWEAlgorithm.ECDH_ES_A128KW, EncryptionMethod.A192GCM);} else {return null;}return new JWEHeader.Builder(header).keyID(jwk.getKeyID()).build();}}
代码示例来源:origin: de.adorsys.cryptoutils/encobject
/**** @param keystorePersistence* @param keyStoreAccess Muss nur das ReadStorePassword enthalten. ReadKeyPassword darf null sein* @return*/public static KeySourceAndKeyID getForPublicKey(KeystorePersistence keystorePersistence, KeyStoreAccess keyStoreAccess) {LOGGER.debug("get keysource for public key of " + keyStoreAccess.getKeyStorePath());KeyStore userKeystore = keystorePersistence.loadKeystore(keyStoreAccess.getKeyStorePath().getObjectHandle(), keyStoreAccess.getKeyStoreAuth().getReadStoreHandler());JWKSet exportKeys = load(userKeystore, null);LOGGER.debug("number of public keys found:" + exportKeys.getKeys().size());List<JWK> encKeys = selectEncKeys(exportKeys);if (encKeys.isEmpty()) {throw new AsymmetricEncryptionException("did not find any public keys in keystore " + keyStoreAccess.getKeyStorePath());}JWK randomKey = JwkExport.randomKey(encKeys);KeyID keyID = new KeyID(randomKey.getKeyID());KeySource keySource = new KeyStoreBasedPublicKeySourceImpl(exportKeys);return new KeySourceAndKeyID(keySource, keyID);}
代码示例来源:origin: gravitee-io/graviteeio-access-management
jwk.setAlg(nimbusJwk.getAlgorithm().getName());if (nimbusJwk.getKeyID() != null) {jwk.setKid(nimbusJwk.getKeyID());
代码示例来源:origin: de.adorsys.cryptoutils/encobject
/**** @param keystorePersistence* @param keyStoreAccess bei Passworte muessen gesetzt sein* @return*/public static KeySourceAndKeyID getForSecretKey(KeystorePersistence keystorePersistence, KeyStoreAccess keyStoreAccess) {LOGGER.debug("get keysource for secret key of " + keyStoreAccess.getKeyStorePath());// KeyStore ladenKeyStore userKeystore = keystorePersistence.loadKeystore(keyStoreAccess.getKeyStorePath().getObjectHandle(), keyStoreAccess.getKeyStoreAuth().getReadStoreHandler());KeySource keySource = new KeyStoreBasedSecretKeySourceImpl(userKeystore, keyStoreAccess.getKeyStoreAuth().getReadKeyHandler());// Willkürlich einen SecretKey aus dem KeyStore nehmen für die Verschlüsselung des GuardsJWKSet jwkSet = JwkExport.exportKeys(userKeystore, keyStoreAccess.getKeyStoreAuth().getReadKeyHandler());if (jwkSet.getKeys().isEmpty()) {throw new SymmetricEncryptionException("did not find any secret keys in keystore with id: " + keyStoreAccess.getKeyStorePath());}ServerKeyMap serverKeyMap = new ServerKeyMap(jwkSet);KeyAndJwk randomSecretKey = serverKeyMap.randomSecretKey();KeyID keyID = new KeyID(randomSecretKey.jwk.getKeyID());return new KeySourceAndKeyID(keySource, keyID);}
内容来源于网络,如有侵权,请联系作者删除!