OpenIdConnectTokenPKIProviderImpl (OpenAM Project 15.1.7-SNAPSHOT API)

java.lang.Object
- org.forgerock.openam.sts.tokengeneration.STSCryptoProviderBase
- - org.forgerock.openam.sts.tokengeneration.oidc.crypto.OpenIdConnectTokenPKIProviderImpl

All Implemented Interfaces:: OpenIdConnectTokenPKIProvider

public class OpenIdConnectTokenPKIProviderImpl
extends STSCryptoProviderBase
implements OpenIdConnectTokenPKIProvider

See Also:: OpenIdConnectTokenPKIProvider

Field Summary
- Fields inherited from class org.forgerock.openam.sts.tokengeneration.STSCryptoProviderBase
  JKS_KEYSTORE

Constructor Summary

Constructors
Constructor and Description

OpenIdConnectTokenPKIProviderImpl(OpenIdConnectTokenConfig tokenConfiguration)

Constructors
Constructor and Description
`OpenIdConnectTokenPKIProviderImpl(OpenIdConnectTokenConfig tokenConfiguration)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`X509Certificate[]`	`getProviderCertificateChain(String keyAlias)` Get the OpenIdConnect Provider's X509Certificate[] corresponding to their PrivateKeyEntry.
`PrivateKey`	`getProviderPrivateKey(String keyAlias, String keyPassword)` Get the OpenIdConnect Provider's PrivateKey.

Methods inherited from class org.forgerock.openam.sts.tokengeneration.STSCryptoProviderBase
getPrivateKey, getX509Certificate, getX509CertificateChain

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - OpenIdConnectTokenPKIProviderImpl
```
public OpenIdConnectTokenPKIProviderImpl(OpenIdConnectTokenConfig tokenConfiguration)
                                  throws TokenCreationException
```
    Throws:
    
    TokenCreationException
- Method Detail
  - getProviderPrivateKey
```
public PrivateKey getProviderPrivateKey(String keyAlias,
                                        String keyPassword)
                                 throws TokenCreationException
```
    Description copied from interface: OpenIdConnectTokenPKIProvider
    
    Get the OpenIdConnect Provider's PrivateKey. Used to sign the OpenIdConnect token.
    
    Specified by:
    
    getProviderPrivateKey in interface OpenIdConnectTokenPKIProvider
    
    Parameters:
    
    keyAlias - alias identifying the KeyStore PrivateKeyEntry
    
    keyPassword - password for the PrivateKeyEntry
    
    Returns:
    
    the non-null PrivateKey corresponding to this entry.
    
    Throws:
    
    TokenCreationException - if a PrivateKey entry could not be found
  - getProviderCertificateChain
```
public X509Certificate[] getProviderCertificateChain(String keyAlias)
                                              throws TokenCreationException
```
    Description copied from interface: OpenIdConnectTokenPKIProvider
    
    Get the OpenIdConnect Provider's X509Certificate[] corresponding to their PrivateKeyEntry. Used to create the reference to the X509Certificate state corresponding to the OP's private key, as documented here: https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-41#section-4.1
    
    Specified by:
    
    getProviderCertificateChain in interface OpenIdConnectTokenPKIProvider
    
    Parameters:
    
    keyAlias - alias identifying the PrivateKeyEntry
    
    Returns:
    
    the non-null X509Certificate[] corresponding to this entry, as returned from the underlying KeyStore. The leaf cert will be the first entry.
    
    Throws:
    
    TokenCreationException - if an entry could not be found

Class OpenIdConnectTokenPKIProviderImpl

Field Summary

Fields inherited from class org.forgerock.openam.sts.tokengeneration.STSCryptoProviderBase

Constructor Summary

Method Summary

Methods inherited from class org.forgerock.openam.sts.tokengeneration.STSCryptoProviderBase

Methods inherited from class java.lang.Object

Constructor Detail

OpenIdConnectTokenPKIProviderImpl

Method Detail

getProviderPrivateKey

getProviderCertificateChain