Package org.keycloak.keys.infinispan
Class InfinispanPublicKeyStorageProvider
- java.lang.Object
-
- org.keycloak.keys.infinispan.InfinispanPublicKeyStorageProvider
-
- All Implemented Interfaces:
PublicKeyStorageProvider,Provider
public class InfinispanPublicKeyStorageProvider extends Object implements PublicKeyStorageProvider
- Author:
- Marek Posolda
-
-
Constructor Summary
Constructors Constructor Description InfinispanPublicKeyStorageProvider(KeycloakSession session, org.infinispan.Cache<String,PublicKeysEntry> keys, Map<String,FutureTask<PublicKeysEntry>> tasksInProgress, int minTimeBetweenRequests)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidclose()protected KeycloakTransactiongetAfterTransaction()KeyWrappergetFirstPublicKey(String modelKey, String algorithm, PublicKeyLoader loader)Get first found public key to verify messages signed by particular client having several public keys.KeyWrappergetPublicKey(String modelKey, String kid, String algorithm, PublicKeyLoader loader)Get public key to verify messages signed by particular client.protected voidrunInvalidations()
-
-
-
Constructor Detail
-
InfinispanPublicKeyStorageProvider
public InfinispanPublicKeyStorageProvider(KeycloakSession session, org.infinispan.Cache<String,PublicKeysEntry> keys, Map<String,FutureTask<PublicKeysEntry>> tasksInProgress, int minTimeBetweenRequests)
-
-
Method Detail
-
getAfterTransaction
protected KeycloakTransaction getAfterTransaction()
-
runInvalidations
protected void runInvalidations()
-
getFirstPublicKey
public KeyWrapper getFirstPublicKey(String modelKey, String algorithm, PublicKeyLoader loader)
Description copied from interface:PublicKeyStorageProviderGet first found public key to verify messages signed by particular client having several public keys. Used for example during JWT client authentication or to encrypt content encryption key (CEK) by particular client. Used for example during encrypting a token in JWE- Specified by:
getFirstPublicKeyin interfacePublicKeyStorageProvider- Returns:
-
getPublicKey
public KeyWrapper getPublicKey(String modelKey, String kid, String algorithm, PublicKeyLoader loader)
Description copied from interface:PublicKeyStorageProviderGet public key to verify messages signed by particular client. Used for example during JWT client authentication- Specified by:
getPublicKeyin interfacePublicKeyStorageProvideralgorithm- The returned key must match this algorithm (unless the algorithm is not set in the JWK)- Returns:
-
-