Package net.shibboleth.oidc.security

Class CredentialConversionUtil

java.lang.Object

net.shibboleth.oidc.security.CredentialConversionUtil

public final class CredentialConversionUtil
extends Object

Generic tool methods related to converting Credential to JWK.

Constructor Summary

Constructors

Modifier	Constructor	Description
private	CredentialConversionUtil()	Private constructor.

Method Summary

Modifier and Type	Method	Description
static JWKCredential	copySymmetricCredentialWithNewSecret(JWKCredential credential, String newKid, SecretKey derivedKey)	Create a shallow copy of the input credential, replacing the secrete key and keyID with those supplied.
static com.nimbusds.jose.jwk.JWK	credentialToKey(Credential credential)	Converts credential to JWK with only *public* components.
static UsageType	getUsageType(com.nimbusds.jose.jwk.JWK jwk)	Converts JWK key usage type to OpenSAML usage type.
static Credential	keyToCredential(com.nimbusds.jose.jwk.JWK key)	Converts a JWK to an internal Credential.
static com.nimbusds.jose.jwk.KeyUse	resolveKeyUse(Credential credential)	Resolves KeyUse parameter from credential.
static String	resolveKid(Credential credential)	Resolves kid from key name.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CredentialConversionUtil

private CredentialConversionUtil()

Private constructor.

Method Detail

resolveKid

public static String resolveKid(@Nonnull
                                Credential credential)

Resolves kid from key name. If there is no key name and the credential is JWK, the kid is read from JWK.

Parameters:

credential - input key names

Returns:

key names or null if not found

resolveKeyUse

public static com.nimbusds.jose.jwk.KeyUse resolveKeyUse(Credential credential)

Resolves KeyUse parameter from credential.

Parameters:

credential - credential to resolve KeyUse of

Returns:

KeyUse of credential

credentialToKey

public static com.nimbusds.jose.jwk.JWK credentialToKey(Credential credential)

Converts credential to JWK with only *public* components. Only RSA and EC keys supported.

Parameters:

credential - to convert.

Returns:

credential as JWK.

copySymmetricCredentialWithNewSecret

public static JWKCredential copySymmetricCredentialWithNewSecret(JWKCredential credential,
                                                                 String newKid,
                                                                 SecretKey derivedKey)

Create a shallow copy of the input credential, replacing the secrete key and keyID with those supplied. Only supports symmetric keys.

Parameters:

credential - the credential to copy and replace the secret key

newKid - the new keyID to use

derivedKey - the secret key to use

Returns:

the copied credential with the supplied secret key

keyToCredential

@Nullable
public static Credential keyToCredential(@Nullable
                                         com.nimbusds.jose.jwk.JWK key)
                                  throws com.nimbusds.jose.JOSEException

Converts a JWK to an internal Credential. Only RSA and EC keys supported.

Parameters:

key - to convert.

Returns:

credential as Credential.

Throws:

com.nimbusds.jose.JOSEException - on error converting the key

getUsageType

public static UsageType getUsageType(@Nonnull
                                     com.nimbusds.jose.jwk.JWK jwk)

Converts JWK key usage type to OpenSAML usage type.

Parameters:

jwk - containing usage type. Must not be null.

Returns:

usage type.