Class DefaultClientSecretCredential
- java.lang.Object
-
- net.shibboleth.oidc.security.credential.DefaultClientSecretCredential
-
- All Implemented Interfaces:
ClientSecretCredential
@ThreadSafe public class DefaultClientSecretCredential extends Object implements ClientSecretCredential
A basic implementation ofClientSecretCredential.- Since:
- 2.2.0
-
-
Field Summary
Fields Modifier and Type Field Description private byte[]clientSecretThe client_secret.private static StringDEFAULT_SECRET_KEY_NAMEDefault client_secret keyname.private StringsecretKeyNameThe chosen client_secret keyname.
-
Constructor Summary
Constructors Constructor Description DefaultClientSecretCredential(String secret)Constructor.DefaultClientSecretCredential(String secret, String keyName)Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetSecret()Get the client_secret as a UTF-8 encoded String.byte[]getSecretAsBytes()Get the client_secret as UTF-8 bytes.JWKCredentialtoEncryptionCredential(com.nimbusds.jose.JWEAlgorithm alg, com.nimbusds.jose.EncryptionMethod enc)Create a symmetric encryption key derived from the client_secret and compatible with the key management mode and encryption algorithm specified.JWKCredentialtoSigningCredential()Create a MAC singing key from the client_secret.
-
-
-
Field Detail
-
DEFAULT_SECRET_KEY_NAME
@Nonnull private static final String DEFAULT_SECRET_KEY_NAME
Default client_secret keyname.- See Also:
- Constant Field Values
-
clientSecret
@Nonnull private final byte[] clientSecret
The client_secret.
-
-
Constructor Detail
-
DefaultClientSecretCredential
public DefaultClientSecretCredential(@Nonnull String secret)Constructor.- Parameters:
secret- the client_secret
-
DefaultClientSecretCredential
public DefaultClientSecretCredential(@Nonnull String secret, @Nonnull String keyName)Constructor.- Parameters:
secret- the client_secretkeyName- the keyname to use when creating aJWKCredential
-
-
Method Detail
-
getSecret
@Nonnull public String getSecret()
Description copied from interface:ClientSecretCredentialGet the client_secret as a UTF-8 encoded String.- Specified by:
getSecretin interfaceClientSecretCredential- Returns:
- The client_secret.
-
getSecretAsBytes
@NotLive @Nonnull public byte[] getSecretAsBytes()
Description copied from interface:ClientSecretCredentialGet the client_secret as UTF-8 bytes.- Specified by:
getSecretAsBytesin interfaceClientSecretCredential- Returns:
- the client_secret in bytes
-
toSigningCredential
@Nonnull public JWKCredential toSigningCredential()
Description copied from interface:ClientSecretCredentialCreate a MAC singing key from the client_secret. The MAC key used is the octets of the UTF-8 representation of the client_secret value.- Specified by:
toSigningCredentialin interfaceClientSecretCredential- Returns:
- a MAC signing key
-
toEncryptionCredential
public JWKCredential toEncryptionCredential(com.nimbusds.jose.JWEAlgorithm alg, com.nimbusds.jose.EncryptionMethod enc) throws com.nimbusds.jose.JOSEException
Description copied from interface:ClientSecretCredentialCreate a symmetric encryption key derived from the client_secret and compatible with the key management mode and encryption algorithm specified.- Specified by:
toEncryptionCredentialin interfaceClientSecretCredential- Parameters:
alg- the key management modeenc- the encryption algorithm- Returns:
- a JWKCredential compatible with the 'alg' and 'enc' input
- Throws:
com.nimbusds.jose.JOSEException- if a key can not be derived
-
-