Package org.keycloak.rotation
Interface KeyLocator
- All Known Implementing Classes:
CompositeKeyLocator,HardcodedKeyLocator,SamlMetadataKeyLocator
This interface defines a method for obtaining a security key by ID.
If the KeyLocator implementor wants to make all its keys available for iteration,
it should implement Iterable<T extends Key> interface.
The base KeyLocator does not extend this interface to enable KeyLocators
that do not support listing their keys.
- Author:
- Hynek Mlnařík
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic classHelper class that facilitates the hash of a Key to be located easier. -
Method Summary
Modifier and TypeMethodDescriptionReturns a key with a particular ID.default KeyMethod that checks if the key passed is inside the locator.default KeyReturns the key in the locator that is represented by the KeyInfo dsig structure.voidIf this key locator caches keys in any way, forces this cache cleanup and refreshing the keys.Methods inherited from interface java.lang.Iterable
forEach, iterator, spliterator
-
Method Details
-
getKey
Returns a key with a particular ID.- Parameters:
kid- Key ID- Returns:
- key, which should be used for verify signature on given "input"
- Throws:
KeyManagementException
-
getKey
Method that checks if the key passed is inside the locator.- Parameters:
key- The key to search- Returns:
- The same key or null if it's not in the locator
- Throws:
KeyManagementException
-
getKey
Returns the key in the locator that is represented by the KeyInfo dsig structure. The default implementation just iterates and returns the first KeyName, X509Data or PublicKey that is in the locator.- Parameters:
info- The KeyInfo to search- Returns:
- The key found or null
- Throws:
KeyManagementException
-
refreshKeyCache
void refreshKeyCache()If this key locator caches keys in any way, forces this cache cleanup and refreshing the keys.
-