Examples of com.nimbusds.jose.jwk.JWK

• com.nimbusds.jose.jwk.JWK
  The base abstract class for JSON Web Keys (JWKs). It serialises to a JSON object.

  The following JSON object members are common to all JWK types:

  • {@link #getKeyType kty} (required)
  • {@link #getKeyUse use} (optional)
  • {@link #getKeyOperations key_ops} (optional)
  • {@link #getKeyID kid} (optional)

  Example JWK (of the Elliptic Curve type):

   { "kty" : "EC", "crv" : "P-256", "x"   : "MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4", "y"   : "4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM", "use" : "enc", "kid" : "1" } 

  @author Vladimir Dzhuvinov @author Justin Richer @version $version$ (2014-04-02)

  private void buildEncryptersAndDecrypters() throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {

    for (Map.Entry<String, JWK> jwkEntry : keys.entrySet()) {

      String id = jwkEntry.getKey();
      JWK jwk = jwkEntry.getValue();

      if (jwk instanceof RSAKey) {
        // build RSA encrypters and decrypters

        RSAEncrypter encrypter = new RSAEncrypter(((RSAKey) jwk).toRSAPublicKey()); // there should always at least be the public key
        encrypters.put(id, encrypter);

        if (jwk.isPrivate()) { // we can decrypt!
          RSADecrypter decrypter = new RSADecrypter(((RSAKey) jwk).toRSAPrivateKey());
          decrypters.put(id, decrypter);
        } else {
          logger.warn("No private key for key #" + jwk.getKeyID());
        }

        // TODO: add support for EC keys

      } else if (jwk instanceof OctetSequenceKey) {

  public Map<String, JWK> getAllPublicKeys() {
    Map<String, JWK> pubKeys = new HashMap<String, JWK>();

    // pull out all public keys
    for (String keyId : keys.keySet()) {
      JWK key = keys.get(keyId);
      JWK pub = key.toPublicJWK();
      if (pub != null) {
        pubKeys.put(keyId, pub);
      }
    }

   */
  private void buildSignersAndVerifiers() throws NoSuchAlgorithmException, InvalidKeySpecException {
    for (Map.Entry<String, JWK> jwkEntry : keys.entrySet()) {

      String id = jwkEntry.getKey();
      JWK jwk = jwkEntry.getValue();

      if (jwk instanceof RSAKey) {
        // build RSA signers & verifiers

        if (jwk.isPrivate()) { // only add the signer if there's a private key
          RSASSASigner signer = new RSASSASigner(((RSAKey) jwk).toRSAPrivateKey());
          signers.put(id, signer);
        }

        RSASSAVerifier verifier = new RSASSAVerifier(((RSAKey) jwk).toRSAPublicKey());
        verifiers.put(id, verifier);

      } else if (jwk instanceof ECKey) {
        // build EC signers & verifiers

        // TODO: add support for EC keys
        logger.warn("EC Keys are not yet supported.");

      } else if (jwk instanceof OctetSequenceKey) {
        // build HMAC signers & verifiers

        if (jwk.isPrivate()) { // technically redundant check because all HMAC keys are private
          MACSigner signer = new MACSigner(((OctetSequenceKey) jwk).toByteArray());
          signers.put(id, signer);
        }

        MACVerifier verifier = new MACVerifier(((OctetSequenceKey) jwk).toByteArray());

  public Map<String, JWK> getAllPublicKeys() {
    Map<String, JWK> pubKeys = new HashMap<String, JWK>();

    // pull all keys out of the verifiers if we know how
    for (String keyId : keys.keySet()) {
      JWK key = keys.get(keyId);
      JWK pub = key.toPublicJWK();
      if (pub != null) {
        pubKeys.put(keyId, pub);
      }
    }

    public JwtSigningAndValidationService load(String key) throws Exception {
      try {

        String id = "SYMMETRIC-KEY";

        JWK jwk = new OctetSequenceKey(Base64URL.encode(key), KeyUse.SIGNATURE, null, null, id, null, null, null);
        Map<String, JWK> keys = ImmutableMap.of(id, jwk);
        JwtSigningAndValidationService service = new DefaultJwtSigningAndValidationService(keys);

        return service;