Class SdJwt

java.lang.Object
org.keycloak.sdjwt.SdJwt

public class SdJwt extends Object
Main entry class for Selective Disclosure JWT (SD-JWT).
Author:
Francis Pouatcha
  • Field Details

    • DEFAULT_NUMBER_OF_DECOYS

      public static final int DEFAULT_NUMBER_OF_DECOYS
  • Constructor Details

  • Method Details

    • asNestedPayload

      public com.fasterxml.jackson.databind.JsonNode asNestedPayload()
      Prepares this SD-JWT for use as a nested payload, dropping the algo claim.

      Returns:
    • toSdJwtString

      public String toSdJwtString()
    • getKeybindingJwt

      public KeyBindingJWT getKeybindingJwt()
    • setKeybindingJwt

      public void setKeybindingJwt(KeyBindingJWT keybindingJwt)
    • getClaims

      public List<SdJwtClaim> getClaims()
    • getSdJwtVerificationContext

      public SdJwtVerificationContext getSdJwtVerificationContext()
    • setSdJwtVerificationContext

      public void setSdJwtVerificationContext(SdJwtVerificationContext sdJwtVerificationContext)
    • getSdJwtString

      public Optional<String> getSdJwtString()
    • setSdJwtString

      public void setSdJwtString(Optional<String> sdJwtString)
    • toString

      public String toString()
      Overrides:
      toString in class Object
    • getIssuerSignedJWT

      public IssuerSignedJWT getIssuerSignedJWT()
    • getDisclosures

      public List<String> getDisclosures()
    • verify

      public void verify(List<SignatureVerifierContext> issuerVerifyingKeys, IssuerSignedJwtVerificationOpts verificationOpts) throws VerificationException
      Verifies that this SD-JWT's Issuer-signed JWT signature and disclosures are valid.
      Parameters:
      issuerVerifyingKeys - Verifying keys for validating the Issuer-signed JWT. The caller is responsible for establishing trust that the keys belong to the intended issuer.
      verificationOpts - Options to parameterize the Issuer-signed JWT verification.
      Throws:
      VerificationException - if verification failed
    • builder

      public static SdJwt.Builder builder()