Interface ClientSecretCredential
-
- All Known Implementing Classes:
DefaultClientSecretCredential
public interface ClientSecretCredentialCredential wrapping a client_secret. Contains methods to convert the client_secret into suitable keys used for signing and encryption.Note, despite its name, this is not an opensaml
Credentialtype.- Since:
- 2.2.0
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description StringgetSecret()Get the client_secret as a UTF-8 encoded String.byte[]getSecretAsBytes()Get the client_secret as UTF-8 bytes.JWKCredentialtoEncryptionCredential(com.nimbusds.jose.JWEAlgorithm alg, com.nimbusds.jose.EncryptionMethod enc)Create a symmetric encryption key derived from the client_secret and compatible with the key management mode and encryption algorithm specified.JWKCredentialtoSigningCredential()Create a MAC singing key from the client_secret.
-
-
-
Method Detail
-
getSecret
@Nonnull @NotEmpty String getSecret()
Get the client_secret as a UTF-8 encoded String.- Returns:
- The client_secret.
-
getSecretAsBytes
@Nonnull byte[] getSecretAsBytes()
Get the client_secret as UTF-8 bytes.- Returns:
- the client_secret in bytes
-
toSigningCredential
@Nonnull JWKCredential toSigningCredential()
Create a MAC singing key from the client_secret. The MAC key used is the octets of the UTF-8 representation of the client_secret value.- Returns:
- a MAC signing key
-
toEncryptionCredential
@Nonnull JWKCredential toEncryptionCredential(@Nonnull com.nimbusds.jose.JWEAlgorithm alg, @Nonnull com.nimbusds.jose.EncryptionMethod enc) throws com.nimbusds.jose.JOSEException
Create a symmetric encryption key derived from the client_secret and compatible with the key management mode and encryption algorithm specified.- Parameters:
alg- the key management modeenc- the encryption algorithm- Returns:
- a JWKCredential compatible with the 'alg' and 'enc' input
- Throws:
com.nimbusds.jose.JOSEException- if a key can not be derived
-
-