Examples of com.nimbusds.jose.JWSHeader

• com.nimbusds.jose.JWSHeader
  JSON Web Signature (JWS) header.

  Supports all {@link #getRegisteredParameterNames registered headerparameters} of the JWS specification:

  • alg
  • jku
  • jwk
  • x5u
  • x5t
  • x5t#S256
  • x5c
  • kid
  • typ
  • cty
  • crit

  The header may also include {@link #getCustomParams customparameters}; these will be serialised and parsed along the registered ones.

  Example header of a JSON Web Signature (JWS) object using the {@link JWSAlgorithm#HS256 HMAC SHA-256 algorithm}:

   { "alg" : "HS256" } 

  @author Vladimir Dzhuvinov @version $version$ (2014-08-20)

        idToken = new PlainJWT(idClaims);

      } else {

        // signed ID token
        idToken = new SignedJWT(new JWSHeader(signingAlg), idClaims);

        if (signingAlg.equals(JWSAlgorithm.HS256)
            || signingAlg.equals(JWSAlgorithm.HS384)
            || signingAlg.equals(JWSAlgorithm.HS512)) {
          JwtSigningAndValidationService signer = symmetricCacheService.getSymmetricValidtor(client);

    claims.setIssueTime(new Date());
    claims.setExpirationTime(token.getExpiration());
    claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it

    JWSAlgorithm signingAlg = jwtService.getDefaultSigningAlgorithm();
    SignedJWT signed = new SignedJWT(new JWSHeader(signingAlg), claims);

    jwtService.signJwt(signed);

    token.setJwt(signed);

      claims.setClaim(option.getKey(), option.getValue());
    }



    SignedJWT jwt = new SignedJWT(new JWSHeader(signingAndValidationService.getDefaultSigningAlgorithm()), claims);

    signingAndValidationService.signJwt(jwt);

    try {
      URIBuilder uriBuilder = new URIBuilder(serverConfig.getAuthorizationEndpointUri());

        JWSAlgorithm signingAlg = jwtService.getDefaultSigningAlgorithm(); // default to the server's preference
        if (client.getUserInfoSignedResponseAlg() != null) {
          signingAlg = client.getUserInfoSignedResponseAlg(); // override with the client's preference if available
        }

        SignedJWT signed = new SignedJWT(new JWSHeader(signingAlg), claims);

        if (signingAlg.equals(JWSAlgorithm.HS256)
            || signingAlg.equals(JWSAlgorithm.HS384)
            || signingAlg.equals(JWSAlgorithm.HS512)) {

        Date now = new Date(System.currentTimeMillis());
        claimsSet.setIssueTime(now);
        claimsSet.setNotBeforeTime(now);

        SignedJWT jwt = new SignedJWT(new JWSHeader(alg), claimsSet);

        signer.signJwt(jwt, alg);

        form.add("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
        form.add("client_assertion", jwt.serialize());

    claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it

    JWSAlgorithm signingAlg = jwtService.getDefaultSigningAlgorithm();

    SignedJWT signed = new SignedJWT(new JWSHeader(signingAlg), claims);

    jwtService.signJwt(signed);

    token.setJwt(signed);

    jwtClaims.setJWTID(UUID.randomUUID().toString());
    // jwtClaims.setCustomClaim("name", user.name);
    // jwtClaims.setCustomClaim("email", user.email);

    // Create JWS header with HS256 algorithm
    JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
    header.setContentType("text/plain");

    // Create JWS object
    JWSObject jwsObject = new JWSObject(header, new Payload(jwtClaims.toJSONObject()));

    // Create HMAC signer

  public void testPassMissingCritHeader() {

    CriticalHeaderParameterChecker checker = new CriticalHeaderParameterChecker();

    JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).keyID("1").build();

    assertTrue(checker.headerPasses(header));
  }

  public void testPassIgnoredCritParams() {

    CriticalHeaderParameterChecker checker = new CriticalHeaderParameterChecker();
    checker.getIgnoredCriticalHeaders().add("exp");

    JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).
      keyID("1").
      customParam("exp", "2014-04-24").
      criticalParams(new HashSet<>(Arrays.asList("exp"))).
      build();

  public void testReject() {

    CriticalHeaderParameterChecker checker = new CriticalHeaderParameterChecker();

    JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).
      keyID("1").
      customParam("exp", "2014-04-24").
      criticalParams(new HashSet<>(Arrays.asList("exp"))).
      build();