Use of org.forgerock.json.jose.jwk.JWKSet in project OpenAM by OpenRock.
Class OpenAMClientRegistration, method byJWKs.
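/**
 * Verifies the signature of the given JWT against the JWK set stored inline in the client's
 * {@code OAuth2Constants.OAuth2Client.JWKS} identity attribute.
 *
 * <p>The first value of the attribute is parsed as a JWK set, and the key whose id equals the
 * {@code kid} of the JWT header is used for verification. The check fails closed: a JWT that
 * carries no {@code kid}, or a {@code kid} absent from the configured set, is rejected.
 *
 * <p>If the attribute is missing or empty, the result of
 * {@code OAuthProblemException.OAuthError.SERVER_ERROR.handle(...)} is thrown.
 *
 * @param jwt the JWT whose signature is to be verified
 * @return {@code true} only when a key matching the JWT's key id exists and
 *         {@code jwt.isValid} accepts the handler built from it
 * @throws IdRepoException declared by this method; presumably raised by the attribute lookup
 * @throws SSOException declared by this method; presumably raised by the attribute lookup
 * @throws MalformedURLException declared by this method; the call that raises it is not visible here
 * @throws FailedToLoadJWKException declared by this method; presumably raised while converting the
 *         JWK set to keys
 */
private boolean byJWKs(OAuth2Jwt jwt) throws IdRepoException, SSOException, MalformedURLException, FailedToLoadJWKException {
    final Set<String> configuredJwks = amIdentity.getAttribute(OAuth2Constants.OAuth2Client.JWKS);
    if (configuredJwks == null || configuredJwks.isEmpty()) {
        // This branch reads the inline JWKS attribute, so the message names that setting
        // rather than the JWKs_URI one; the wrong name sends operators to the wrong field.
        throw OAuthProblemException.OAuthError.SERVER_ERROR.handle(Request.getCurrent(), "No Client Bearer JWKs set.");
    }

    // Resolve the key id first: without one there is no way to select a verification key,
    // and rejecting here avoids depending on how the key map treats a null lookup.
    final String keyId = jwt.getSignedJwt().getHeader().getKeyId();
    if (keyId == null) {
        return false;
    }

    final String jwkSetStr = configuredJwks.iterator().next();
    final JWKSet jwkSet = new JWKSet(JsonValueBuilder.toJsonValue(jwkSetStr));
    // Both constructor arguments are 0 because the set is parsed from the stored string and
    // nothing is fetched over the network.
    final JWKSetParser setParser = new JWKSetParser(0, 0);
    final Map<String, Key> jwkMap = setParser.jwkSetToMap(jwkSet);

    final Key key = jwkMap.get(keyId);
    if (key == null) {
        return false;
    }
    // NOTE(review): the key is handed to an RSA signing handler without its type being checked
    // in this method; confirm that a non-RSA JWK in the client's set is rejected downstream.
    return jwt.isValid(signingManager.newRsaSigningHandler(key));
}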