public class JsonWebSignature extends JsonWebToken
Sample usage:
public static void printPayload(JsonFactory jsonFactory, String tokenString) throws IOException { JsonWebSignature jws = JsonWebSignature.parse(jsonFactory, tokenString); System.out.println(jws.getPayload()); }
Implementation is not thread-safe.
Modifier and Type | Class and Description |
---|---|
static class |
JsonWebSignature.Header
Header as specified in
Reserved
Header Parameter Names.
|
static class |
JsonWebSignature.Parser
JWS parser.
|
JsonWebToken.Payload
Constructor and Description |
---|
JsonWebSignature(JsonWebSignature.Header header,
JsonWebToken.Payload payload,
byte[] signatureBytes,
byte[] signedContentBytes) |
Modifier and Type | Method and Description |
---|---|
JsonWebSignature.Header |
getHeader()
Returns the header.
|
byte[] |
getSignatureBytes()
Returns the bytes of the signature.
|
byte[] |
getSignedContentBytes()
Returns the bytes of the signature content.
|
static JsonWebSignature |
parse(JsonFactory jsonFactory,
String tokenString)
Parses the given JWS token string and returns the parsed
JsonWebSignature . |
static JsonWebSignature.Parser |
parser(JsonFactory jsonFactory)
Returns a new instance of a JWS parser.
|
static String |
signUsingRsaSha256(PrivateKey privateKey,
JsonFactory jsonFactory,
JsonWebSignature.Header header,
JsonWebToken.Payload payload)
Signs a given JWS header and payload based on the given private key using RSA and SHA-256 as
described in JWS using
RSA SHA-256.
|
X509Certificate |
verifySignature()
Beta Verifies the signature of the content using the certificate chain embedded in the signature. |
boolean |
verifySignature(PublicKey publicKey)
Verifies the signature of the content.
|
X509Certificate |
verifySignature(X509TrustManager trustManager)
Beta Verifies the signature of the content using the certificate chain embedded in the signature. |
getPayload, toString
public JsonWebSignature(JsonWebSignature.Header header, JsonWebToken.Payload payload, byte[] signatureBytes, byte[] signedContentBytes)
header
- headerpayload
- payloadsignatureBytes
- bytes of the signaturesignedContentBytes
- bytes of the signed contentpublic JsonWebSignature.Header getHeader()
JsonWebToken
Overriding is only supported for the purpose of calling the super implementation and changing the return type, but nothing else.
getHeader
in class JsonWebToken
public final boolean verifySignature(PublicKey publicKey) throws GeneralSecurityException
Currently only "RS256"
algorithm is verified, but others may be added in the future.
For any other algorithm it returns false
.
publicKey
- public keyGeneralSecurityException
@Beta public final X509Certificate verifySignature(X509TrustManager trustManager) throws GeneralSecurityException
Beta
Currently only "RS256"
algorithm is verified, but others may be added in the future.
For any other algorithm it returns null
.
The leaf certificate of the certificate chain must be an SSL server certificate.
trustManager
- trust manager used to verify the X509 certificate chain embedded in this
messageGeneralSecurityException
@Beta public final X509Certificate verifySignature() throws GeneralSecurityException
Beta
Currently only "RS256"
algorithm is verified, but others may be added in the future.
For any other algorithm it returns null
.
The certificate chain is verified using the system default trust manager.
The leaf certificate of the certificate chain must be an SSL server certificate.
GeneralSecurityException
public final byte[] getSignatureBytes()
public final byte[] getSignedContentBytes()
public static JsonWebSignature parse(JsonFactory jsonFactory, String tokenString) throws IOException
JsonWebSignature
.jsonFactory
- JSON factorytokenString
- JWS token stringIOException
public static JsonWebSignature.Parser parser(JsonFactory jsonFactory)
public static String signUsingRsaSha256(PrivateKey privateKey, JsonFactory jsonFactory, JsonWebSignature.Header header, JsonWebToken.Payload payload) throws GeneralSecurityException, IOException
privateKey
- private keyjsonFactory
- JSON factoryheader
- JWS headerpayload
- JWS payloadGeneralSecurityException
IOException
Copyright © 2011–2019 Google. All rights reserved.