Package org.keycloak.sdjwt
Class IssuerSignedJWT
java.lang.Object
org.keycloak.sdjwt.SdJws
org.keycloak.sdjwt.IssuerSignedJWT
Handle verifiable credentials (SD-JWT VC), enabling the parsing
of existing VCs as well as the creation and signing of new ones.
It integrates with Keycloak's SignatureSignerContext to facilitate
the generation of issuer signature.
- Author:
- Francis Pouatcha
-
Nested Class Summary
-
Field Summary
Fields inherited from class org.keycloak.sdjwt.SdJws
CLAIM_NAME_ISSUER
-
Constructor Summary
ConstructorDescriptionIssuerSignedJWT
(com.fasterxml.jackson.databind.JsonNode payload, SignatureSignerContext signer, String jwsType) -
Method Summary
Modifier and TypeMethodDescriptionstatic IssuerSignedJWT.Builder
builder()
static IssuerSignedJWT
Optional<com.fasterxml.jackson.databind.JsonNode>
Returns `cnf` claim (establishing key binding)Returns declared hash algorithm from SD hash claim.void
Verifies that the SD hash algorithm is understood and deemed secure.Methods inherited from class org.keycloak.sdjwt.SdJws
getHeader, getPayload, sign, toJws, verifyAge, verifyExpClaim, verifyIssClaim, verifyIssuedAtClaim, verifyNotBeforeClaim, verifySignature, verifyVctClaim
-
Field Details
-
CLAIM_NAME_SELECTIVE_DISCLOSURE
- See Also:
-
CLAIM_NAME_SD_HASH_ALGORITHM
- See Also:
-
-
Constructor Details
-
IssuerSignedJWT
public IssuerSignedJWT(com.fasterxml.jackson.databind.JsonNode payload, SignatureSignerContext signer, String jwsType)
-
-
Method Details
-
fromJws
-
getCnfClaim
Returns `cnf` claim (establishing key binding) -
getSdHashAlg
Returns declared hash algorithm from SD hash claim. -
verifySdHashAlgorithm
Verifies that the SD hash algorithm is understood and deemed secure.- Throws:
VerificationException
- if not
-
builder
-