Package io.smallrye.jwt.build
Interface JwtEncryptionBuilder
-
- All Superinterfaces:
JwtEncryption
public interface JwtEncryptionBuilder extends JwtEncryption
JWT JsonWebEncryption Builder.JwtEncryptionBuilder implementations must set the 'alg' (algorithm) header to 'RSA-OAEP-256' and 'enc' (content encryption algorithm) header to 'A256GCM' unless they have already been set. The 'cty' (content type) header must be set to 'JWT' when the inner signed JWT is encrypted.
Note that JwtEncryptionBuilder implementations are not expected to be thread-safe. However reusing a single JwtEncryptionBuilder for creating more than one encrypted token is not recommended because a single JwtEncryptionBuilder can not provide a unique token identifier per every token.
- See Also:
- RFC7516
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Deprecated Methods Modifier and Type Method Description JwtEncryptionBuildercontentAlgorithm(ContentEncryptionAlgorithm algorithm)Set an 'enc' content encryption algorithm.default JwtEncryptionBuildercontentEncryptionAlgorithm(ContentEncryptionAlgorithm algorithm)JwtEncryptionBuilderheader(String name, Object value)Custom JWT encryption header.JwtEncryptionBuilderkeyAlgorithm(KeyEncryptionAlgorithm algorithm)Set an 'alg' key encryption algorithm.default JwtEncryptionBuilderkeyEncryptionAlgorithm(KeyEncryptionAlgorithm algorithm)Deprecated.default JwtEncryptionBuilderkeyEncryptionKeyId(String keyId)Deprecated.JwtEncryptionBuilderkeyId(String keyId)Set a 'kid' key encryption key id.-
Methods inherited from interface io.smallrye.jwt.build.JwtEncryption
encrypt, encrypt, encrypt, encrypt, encryptWithSecret
-
-
-
-
Method Detail
-
keyAlgorithm
JwtEncryptionBuilder keyAlgorithm(KeyEncryptionAlgorithm algorithm)
Set an 'alg' key encryption algorithm. Note that only 'RSA-OAEP-256' (default), 'ECDH-ES+A256KW' and 'A256KW' algorithms must be supported. A key of size 2048 bits or larger MUST be used with 'RSA-OAEP-256' algorithm.- Parameters:
algorithm- the key encryption algorithm- Returns:
- JwtEncryptionBuilder
- Since:
- 2.1.3
-
keyEncryptionAlgorithm
@Deprecated default JwtEncryptionBuilder keyEncryptionAlgorithm(KeyEncryptionAlgorithm algorithm)
Deprecated.Set an 'alg' key encryption algorithm. Note that only 'RSA-OAEP-256' (default), 'ECDH-ES+A256KW' and 'A256KW' algorithms must be supported. A key of size 2048 bits or larger MUST be used with 'RSA-OAEP-256' algorithm.- Parameters:
algorithm- the key encryption algorithm- Returns:
- JwtEncryptionBuilder
-
contentAlgorithm
JwtEncryptionBuilder contentAlgorithm(ContentEncryptionAlgorithm algorithm)
Set an 'enc' content encryption algorithm. Note that only 'A256GCM' (default) and 'A128CBC-HS256' algorithms must be supported.- Parameters:
algorithm- the content encryption algorithm- Returns:
- JwtEncryptionBuilder
- Since:
- 2.1.3
-
contentEncryptionAlgorithm
@Deprecated default JwtEncryptionBuilder contentEncryptionAlgorithm(ContentEncryptionAlgorithm algorithm)
Set an 'enc' content encryption algorithm. Note that only 'A256GCM' (default) and 'A128CBC-HS256' algorithms must be supported.- Parameters:
algorithm- the content encryption algorithm- Returns:
- JwtEncryptionBuilder
-
keyId
JwtEncryptionBuilder keyId(String keyId)
Set a 'kid' key encryption key id.- Parameters:
keyId- the key id- Returns:
- JwtEncryptionBuilder
- Since:
- 2.1.3
-
keyEncryptionKeyId
@Deprecated default JwtEncryptionBuilder keyEncryptionKeyId(String keyId)
Deprecated.Set a 'kid' key encryption key id.- Parameters:
keyId- the key id- Returns:
- JwtEncryptionBuilder
-
header
JwtEncryptionBuilder header(String name, Object value)
Custom JWT encryption header. If the 'alg' (algorithm) header is set with this method then it has to match one of theKeyEncryptionAlgorithmvalues. If the 'enc' (encryption) header is set with this method then it has to match one of theContentEncryptionAlgorithmvalues.- Parameters:
name- the header namevalue- the header value- Returns:
- JwtEncryptionBuilder
-
-