org.apache.cxf.rs.security.jose.common

Class JoseConstants

java.lang.Object

org.apache.cxf.rt.security.rs.RSSecurityConstants

org.apache.cxf.rs.security.jose.common.JoseConstants

public final class JoseConstants
extends RSSecurityConstants

Field Summary

Fields

Modifier and Type	Field and Description
static String	ENABLE_UNSIGNED_JWT_PRINCIPAL Whether to allow unsigned JWT tokens as SecurityContext Principals.
static String	HEADER_ALGORITHM
static String	HEADER_CONTENT_TYPE
static String	HEADER_CRITICAL
static String	HEADER_JSON_WEB_KEY
static String	HEADER_JSON_WEB_KEY_SET
static String	HEADER_KEY_ID
static String	HEADER_TYPE
static String	HEADER_X509_CHAIN
static String	HEADER_X509_THUMBPRINT
static String	HEADER_X509_THUMBPRINT_SHA256
static String	HEADER_X509_URL
static String	JOSE_CONTEXT_PROPERTY
static String	JOSE_DEBUG Whether to trace JOSE headers.
static String	JWE_DEFLATE_ZIP_ALGORITHM
static String	JWE_HEADER_CONTENT_ENC_ALGORITHM
static String	JWE_HEADER_KEY_ENC_ALGORITHM
static String	JWE_HEADER_ZIP_ALGORITHM
static String	JWS_HEADER_B64_STATUS_HEADER
static String	MEDIA_TYPE_JOSE
static String	MEDIA_TYPE_JOSE_JSON
static String	RSSEC_ACCEPT_PUBLIC_KEY Whether to allow using a JWK received in the header for signature validation.
static String	RSSEC_DECRYPTION_KEY_PSWD_PROVIDER A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys for decryption.
static String	RSSEC_EC_CURVE The EC Curve to use with EC keys loaded from Java Key Store.
static String	RSSEC_ENCRYPTION_CONTENT_ALGORITHM The encryption content algorithm to use.
static String	RSSEC_ENCRYPTION_IN_PROPS The decryption properties file for decryption.
static String	RSSEC_ENCRYPTION_INCLUDE_CERT Include the X.509 certificate for encryption the "x5c" header.
static String	RSSEC_ENCRYPTION_INCLUDE_CERT_SHA1 Include the X.509 certificate SHA-1 digest for encryption in the "x5t" header.
static String	RSSEC_ENCRYPTION_INCLUDE_CERT_SHA256 Include the X.509 certificate SHA-256 digest for encryption in the "x5t#S256" header.
static String	RSSEC_ENCRYPTION_INCLUDE_KEY_ID Include the JWK key id for encryption in the "kid" header.
static String	RSSEC_ENCRYPTION_INCLUDE_PUBLIC_KEY Include the JWK public key for encryption in the "jwk" header.
static String	RSSEC_ENCRYPTION_KEY_ALGORITHM The encryption key algorithm to use.
static String	RSSEC_ENCRYPTION_OUT_PROPS The encryption properties file for encryption creation.
static String	RSSEC_ENCRYPTION_PBES2_COUNT The value to be used for the "p2c" (PBES2 count) Header Parameter.
static String	RSSEC_ENCRYPTION_PROPS The encryption/decryption properties file
static String	RSSEC_ENCRYPTION_ZIP_ALGORITHM The encryption zip algorithm to use.
static String	RSSEC_KEY_STORE_ALIASES The keystore aliases corresponding to the keys to use, when using the JSON serialization form.
static String	RSSEC_KEY_STORE_JWKKEY
static String	RSSEC_KEY_STORE_JWKSET TODO documentation for these
static String	RSSEC_SIGNATURE_INCLUDE_CERT Include the X.509 certificate for signature in the "x5c" header.
static String	RSSEC_SIGNATURE_INCLUDE_CERT_SHA1 Include the X.509 certificate SHA-1 digest for signature in the "x5t" header.
static String	RSSEC_SIGNATURE_INCLUDE_CERT_SHA256 Include the X.509 certificate SHA-256 digest for signature in the "x5t#S256" header.
static String	RSSEC_SIGNATURE_INCLUDE_KEY_ID Include the JWK key id for signature in the "kid" header.
static String	RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY Include the JWK public key for signature in the "jwk" header.
static String	RSSEC_SIGNATURE_KEY_PSWD_PROVIDER A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys for signature.
static String	TYPE_JOSE
static String	TYPE_JOSE_JSON
static String	TYPE_JWT

Fields inherited from class org.apache.cxf.rt.security.rs.RSSecurityConstants

RSSEC_ENABLE_REVOCATION, RSSEC_KEY_PSWD, RSSEC_KEY_PSWD_PROVIDER, RSSEC_KEY_STORE, RSSEC_KEY_STORE_ALIAS, RSSEC_KEY_STORE_FILE, RSSEC_KEY_STORE_PSWD, RSSEC_KEY_STORE_TYPE, RSSEC_SIGNATURE_ALGORITHM, RSSEC_SIGNATURE_IN_PROPS, RSSEC_SIGNATURE_OUT_PROPS, RSSEC_SIGNATURE_PROPS

Method Summary

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

HEADER_TYPE

public static final String HEADER_TYPE

See Also:

Constant Field Values

HEADER_ALGORITHM

public static final String HEADER_ALGORITHM

See Also:

Constant Field Values

HEADER_CONTENT_TYPE

public static final String HEADER_CONTENT_TYPE

See Also:

Constant Field Values

HEADER_CRITICAL

public static final String HEADER_CRITICAL

See Also:

Constant Field Values

HEADER_KEY_ID

public static final String HEADER_KEY_ID

See Also:

Constant Field Values

HEADER_X509_URL

public static final String HEADER_X509_URL

See Also:

Constant Field Values

HEADER_X509_CHAIN

public static final String HEADER_X509_CHAIN

See Also:

Constant Field Values

HEADER_X509_THUMBPRINT

public static final String HEADER_X509_THUMBPRINT

See Also:

Constant Field Values

HEADER_X509_THUMBPRINT_SHA256

public static final String HEADER_X509_THUMBPRINT_SHA256

See Also:

Constant Field Values

HEADER_JSON_WEB_KEY

public static final String HEADER_JSON_WEB_KEY

See Also:

Constant Field Values

HEADER_JSON_WEB_KEY_SET

public static final String HEADER_JSON_WEB_KEY_SET

See Also:

Constant Field Values

JWE_HEADER_KEY_ENC_ALGORITHM

public static final String JWE_HEADER_KEY_ENC_ALGORITHM

See Also:

Constant Field Values

JWE_HEADER_CONTENT_ENC_ALGORITHM

public static final String JWE_HEADER_CONTENT_ENC_ALGORITHM

See Also:

Constant Field Values

JWE_HEADER_ZIP_ALGORITHM

public static final String JWE_HEADER_ZIP_ALGORITHM

See Also:

Constant Field Values

JWE_DEFLATE_ZIP_ALGORITHM

public static final String JWE_DEFLATE_ZIP_ALGORITHM

See Also:

Constant Field Values

JWS_HEADER_B64_STATUS_HEADER

public static final String JWS_HEADER_B64_STATUS_HEADER

See Also:

Constant Field Values

TYPE_JWT

public static final String TYPE_JWT

See Also:

Constant Field Values

TYPE_JOSE

public static final String TYPE_JOSE

See Also:

Constant Field Values

TYPE_JOSE_JSON

public static final String TYPE_JOSE_JSON

See Also:

Constant Field Values

MEDIA_TYPE_JOSE

public static final String MEDIA_TYPE_JOSE

See Also:

Constant Field Values

MEDIA_TYPE_JOSE_JSON

public static final String MEDIA_TYPE_JOSE_JSON

See Also:

Constant Field Values

JOSE_CONTEXT_PROPERTY

public static final String JOSE_CONTEXT_PROPERTY

See Also:

Constant Field Values

RSSEC_KEY_STORE_ALIASES

public static final String RSSEC_KEY_STORE_ALIASES

The keystore aliases corresponding to the keys to use, when using the JSON serialization form. You can append one of the following to this tag to get the alias for more specific operations: - jws.out - jws.in

See Also:

Constant Field Values

RSSEC_ACCEPT_PUBLIC_KEY

public static final String RSSEC_ACCEPT_PUBLIC_KEY

Whether to allow using a JWK received in the header for signature validation. The default is "false".

See Also:

Constant Field Values

RSSEC_KEY_STORE_JWKSET

public static final String RSSEC_KEY_STORE_JWKSET

TODO documentation for these

See Also:

Constant Field Values

RSSEC_KEY_STORE_JWKKEY

public static final String RSSEC_KEY_STORE_JWKKEY

See Also:

Constant Field Values

RSSEC_SIGNATURE_KEY_PSWD_PROVIDER

public static final String RSSEC_SIGNATURE_KEY_PSWD_PROVIDER

A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys for signature. If this is not specified it falls back to use the RSSEC_KEY_PSWD_PROVIDER.

See Also:

Constant Field Values

RSSEC_EC_CURVE

public static final String RSSEC_EC_CURVE

The EC Curve to use with EC keys loaded from Java Key Store. JWK EC Keys are expected to use a standard "crv" property instead.

See Also:

Constant Field Values

RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY

public static final String RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY

Include the JWK public key for signature in the "jwk" header.

See Also:

Constant Field Values

RSSEC_SIGNATURE_INCLUDE_CERT

public static final String RSSEC_SIGNATURE_INCLUDE_CERT

Include the X.509 certificate for signature in the "x5c" header.

See Also:

Constant Field Values

RSSEC_SIGNATURE_INCLUDE_KEY_ID

public static final String RSSEC_SIGNATURE_INCLUDE_KEY_ID

Include the JWK key id for signature in the "kid" header.

See Also:

Constant Field Values

RSSEC_SIGNATURE_INCLUDE_CERT_SHA1

public static final String RSSEC_SIGNATURE_INCLUDE_CERT_SHA1

Include the X.509 certificate SHA-1 digest for signature in the "x5t" header.

See Also:

Constant Field Values

RSSEC_SIGNATURE_INCLUDE_CERT_SHA256

public static final String RSSEC_SIGNATURE_INCLUDE_CERT_SHA256

Include the X.509 certificate SHA-256 digest for signature in the "x5t#S256" header.

See Also:

Constant Field Values

RSSEC_DECRYPTION_KEY_PSWD_PROVIDER

public static final String RSSEC_DECRYPTION_KEY_PSWD_PROVIDER

A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys for decryption. If this is not specified it falls back to use the RSSEC_KEY_PSWD_PROVIDER.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_CONTENT_ALGORITHM

public static final String RSSEC_ENCRYPTION_CONTENT_ALGORITHM

The encryption content algorithm to use. The default algorithm if not specified is 'A128GCM'.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_KEY_ALGORITHM

public static final String RSSEC_ENCRYPTION_KEY_ALGORITHM

The encryption key algorithm to use. The default algorithm if not specified is 'RSA-OAEP' if the key is an RSA key, and 'A128GCMKW' if it is an octet sequence.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_ZIP_ALGORITHM

public static final String RSSEC_ENCRYPTION_ZIP_ALGORITHM

The encryption zip algorithm to use.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_OUT_PROPS

public static final String RSSEC_ENCRYPTION_OUT_PROPS

The encryption properties file for encryption creation. If not specified then it falls back to RSSEC_ENCRYPTION_PROPS.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_IN_PROPS

public static final String RSSEC_ENCRYPTION_IN_PROPS

The decryption properties file for decryption. If not specified then it falls back to RSSEC_ENCRYPTION_PROPS.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_PROPS

public static final String RSSEC_ENCRYPTION_PROPS

The encryption/decryption properties file

See Also:

Constant Field Values

RSSEC_ENCRYPTION_INCLUDE_PUBLIC_KEY

public static final String RSSEC_ENCRYPTION_INCLUDE_PUBLIC_KEY

Include the JWK public key for encryption in the "jwk" header.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_INCLUDE_CERT

public static final String RSSEC_ENCRYPTION_INCLUDE_CERT

Include the X.509 certificate for encryption the "x5c" header.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_INCLUDE_KEY_ID

public static final String RSSEC_ENCRYPTION_INCLUDE_KEY_ID

Include the JWK key id for encryption in the "kid" header.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_INCLUDE_CERT_SHA1

public static final String RSSEC_ENCRYPTION_INCLUDE_CERT_SHA1

Include the X.509 certificate SHA-1 digest for encryption in the "x5t" header.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_INCLUDE_CERT_SHA256

public static final String RSSEC_ENCRYPTION_INCLUDE_CERT_SHA256

Include the X.509 certificate SHA-256 digest for encryption in the "x5t#S256" header.

See Also:

Constant Field Values

RSSEC_ENCRYPTION_PBES2_COUNT

public static final String RSSEC_ENCRYPTION_PBES2_COUNT

The value to be used for the "p2c" (PBES2 count) Header Parameter. The default is 4096.

See Also:

Constant Field Values

ENABLE_UNSIGNED_JWT_PRINCIPAL

public static final String ENABLE_UNSIGNED_JWT_PRINCIPAL

Whether to allow unsigned JWT tokens as SecurityContext Principals. The default is false.

See Also:

Constant Field Values

JOSE_DEBUG

public static final String JOSE_DEBUG

Whether to trace JOSE headers.

See Also:

Constant Field Values