Package org.keycloak.keys.infinispan
Class InfinispanPublicKeyStorageProvider
- java.lang.Object
-
- org.keycloak.keys.infinispan.InfinispanPublicKeyStorageProvider
-
- All Implemented Interfaces:
PublicKeyStorageProvider
,Provider
public class InfinispanPublicKeyStorageProvider extends Object implements PublicKeyStorageProvider
- Author:
- Marek Posolda
-
-
Constructor Summary
Constructors Constructor Description InfinispanPublicKeyStorageProvider(KeycloakSession session, org.infinispan.Cache<String,PublicKeysEntry> keys, Map<String,FutureTask<PublicKeysEntry>> tasksInProgress, int minTimeBetweenRequests)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
close()
protected KeycloakTransaction
getAfterTransaction()
KeyWrapper
getFirstPublicKey(String modelKey, String algorithm, PublicKeyLoader loader)
Get first found public key to verify messages signed by particular client having several public keys.KeyWrapper
getPublicKey(String modelKey, String kid, String algorithm, PublicKeyLoader loader)
Get public key to verify messages signed by particular client.protected void
runInvalidations()
-
-
-
Constructor Detail
-
InfinispanPublicKeyStorageProvider
public InfinispanPublicKeyStorageProvider(KeycloakSession session, org.infinispan.Cache<String,PublicKeysEntry> keys, Map<String,FutureTask<PublicKeysEntry>> tasksInProgress, int minTimeBetweenRequests)
-
-
Method Detail
-
getAfterTransaction
protected KeycloakTransaction getAfterTransaction()
-
runInvalidations
protected void runInvalidations()
-
getFirstPublicKey
public KeyWrapper getFirstPublicKey(String modelKey, String algorithm, PublicKeyLoader loader)
Description copied from interface:PublicKeyStorageProvider
Get first found public key to verify messages signed by particular client having several public keys. Used for example during JWT client authentication or to encrypt content encryption key (CEK) by particular client. Used for example during encrypting a token in JWE- Specified by:
getFirstPublicKey
in interfacePublicKeyStorageProvider
- Returns:
-
getPublicKey
public KeyWrapper getPublicKey(String modelKey, String kid, String algorithm, PublicKeyLoader loader)
Description copied from interface:PublicKeyStorageProvider
Get public key to verify messages signed by particular client. Used for example during JWT client authentication- Specified by:
getPublicKey
in interfacePublicKeyStorageProvider
algorithm
- The returned key must match this algorithm (unless the algorithm is not set in the JWK)- Returns:
-
-