Package org.keycloak.keys.infinispan
Class InfinispanPublicKeyStorageProvider
java.lang.Object
org.keycloak.keys.infinispan.InfinispanPublicKeyStorageProvider
- All Implemented Interfaces:
PublicKeyStorageProvider,Provider
- Author:
- Marek Posolda
-
Constructor Summary
ConstructorsConstructorDescriptionInfinispanPublicKeyStorageProvider(KeycloakSession session, org.infinispan.Cache<String, PublicKeysEntry> keys, Map<String, FutureTask<PublicKeysEntry>> tasksInProgress, int minTimeBetweenRequests) -
Method Summary
Modifier and TypeMethodDescriptionvoidclose()protected KeycloakTransactiongetFirstPublicKey(String modelKey, String algorithm, PublicKeyLoader loader) Get first found public key to verify messages signed by particular client having several public keys.getPublicKey(String modelKey, String kid, String algorithm, PublicKeyLoader loader) Get public key to verify messages signed by particular client.protected void
-
Constructor Details
-
InfinispanPublicKeyStorageProvider
public InfinispanPublicKeyStorageProvider(KeycloakSession session, org.infinispan.Cache<String, PublicKeysEntry> keys, Map<String, FutureTask<PublicKeysEntry>> tasksInProgress, int minTimeBetweenRequests)
-
-
Method Details
-
getAfterTransaction
-
runInvalidations
protected void runInvalidations() -
getFirstPublicKey
Description copied from interface:PublicKeyStorageProviderGet first found public key to verify messages signed by particular client having several public keys. Used for example during JWT client authentication or to encrypt content encryption key (CEK) by particular client. Used for example during encrypting a token in JWE- Specified by:
getFirstPublicKeyin interfacePublicKeyStorageProvider- Returns:
-
getPublicKey
public KeyWrapper getPublicKey(String modelKey, String kid, String algorithm, PublicKeyLoader loader) Description copied from interface:PublicKeyStorageProviderGet public key to verify messages signed by particular client. Used for example during JWT client authentication- Specified by:
getPublicKeyin interfacePublicKeyStorageProvideralgorithm- The returned key must match this algorithm (unless the algorithm is not set in the JWK)- Returns:
-
close
public void close()
-