1   /*
2    * The contents of this file are subject to the terms of the Common Development and
3    * Distribution License (the License). You may not use this file except in compliance with the
4    * License.
5    *
6    * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
7    * specific language governing permission and limitations under the License.
8    *
9    * When distributing Covered Software, include this CDDL Header Notice in each file and include
10   * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
11   * Header, with the fields enclosed by brackets [] replaced by your own identifying
12   * information: "Portions copyright [year] [name of copyright owner]".
13   *
14   * Copyright 2013-2016 ForgeRock AS.
15   */
16  
17  package org.forgerock.json.jose.builders;
18  
19  import java.security.Key;
20  
21  import org.forgerock.json.jose.jwe.EncryptedJwt;
22  import org.forgerock.json.jose.jwe.JweHeader;
23  import org.forgerock.json.jose.jws.JwsAlgorithm;
24  import org.forgerock.json.jose.jws.handlers.SigningHandler;
25  import org.forgerock.json.jose.jwt.JwtClaimsSet;
26  
27  /**
28   * An implementation of a JwtBuilder that can build a JWT and encrypt it, resulting in an EncryptedJwt object.
29   *
30   * @since 2.0.0
31   */
public class EncryptedJwtBuilder extends AbstractJwtBuilder {

    // Key passed unchanged to the EncryptedJwt created in asJwt(). Package-private and final;
    // this class stores it as given and performs no null or key-type check on it.
    final Key publicKey;

    /**
     * Creates a builder whose resulting JWT is encrypted with the supplied key.
     * <p>
     * The key is stored exactly as passed in. No null check is made here, and nothing in this class verifies that
     * the key suits the JWE algorithm configured later through {@link #headers()}.
     * NOTE(review): presumably an unusable key only surfaces when the JWT is built; confirm against
     * {@code EncryptedJwt}.
     *
     * @param publicKey The public key to encrypt the JWT with.
     */
    public EncryptedJwtBuilder(Key publicKey) {
        this.publicKey = publicKey;
    }

    /**
     * Installs a new JweHeaderBuilder bound to this builder and returns it, so that the JWE's header parameters
     * can be configured.
     * <p>
     * Every call constructs a fresh JweHeaderBuilder and hands it to {@code setJwtHeaderBuilder}.
     * NOTE(review): header parameters configured through an earlier call are presumably discarded; confirm
     * against AbstractJwtBuilder before calling this method more than once on the same builder.
     *
     * @return The JweHeaderBuilder instance.
     */
    @Override
    @SuppressWarnings("unchecked")
    public JweHeaderBuilder<? extends EncryptedJwtBuilder> headers() {
        setJwtHeaderBuilder(new JweHeaderBuilder<>(this));
        // The header builder is read back through the superclass accessor rather than taken from the expression
        // above, hence the unchecked narrowing cast.
        final JweHeaderBuilder<? extends EncryptedJwtBuilder> installed =
                (JweHeaderBuilder<? extends EncryptedJwtBuilder>) getHeaderBuilder();
        return installed;
    }

    /**
     * Sets the JwtClaimsSet for this JwtBuilder by delegating to the superclass, narrowing the returned builder
     * to this type.
     *
     * @param claimsSet {@inheritDoc}
     * @return This EncryptedJwtBuilder.
     */
    @Override
    public EncryptedJwtBuilder claims(JwtClaimsSet claimsSet) {
        final EncryptedJwtBuilder self = (EncryptedJwtBuilder) super.claims(claimsSet);
        return self;
    }

    /**
     * Wraps this builder in a SignedEncryptedJwtBuilder, which will build a signed JWT with this builder's
     * encrypted JWT as its payload.
     *
     * @param signingHandler The SigningHandler instance used to sign the JWS.
     * @param jwsAlgorithm The JwsAlgorithm to use when signing the JWT.
     * @return The SignedEncryptedJwtBuilder instance.
     * @deprecated Use {@link #signedWith(SigningHandler, JwsAlgorithm)} instead.
     */
    @Deprecated
    public SignedEncryptedJwtBuilder sign(SigningHandler signingHandler, JwsAlgorithm jwsAlgorithm) {
        final SignedEncryptedJwtBuilder wrapped = new SignedEncryptedJwtBuilder(this, signingHandler, jwsAlgorithm);
        return wrapped;
    }

    /**
     * Wraps this builder in an {@link EncryptedThenSignedJwtBuilder}, which will build a signed JWT with this
     * builder's encrypted JWT as its payload.
     * <p>
     * NOTE(review): as described, the signature is applied over the encrypted JWT rather than over the plaintext
     * claims; confirm the exact nesting in EncryptedThenSignedJwtBuilder.
     *
     * @param signingHandler The SigningHandler instance used to sign the JWS.
     * @param jwsAlgorithm The JwsAlgorithm to use when signing the JWT.
     * @return The EncryptedThenSignedJwtBuilder instance.
     */
    public EncryptedThenSignedJwtBuilder signedWith(SigningHandler signingHandler, JwsAlgorithm jwsAlgorithm) {
        final EncryptedThenSignedJwtBuilder wrapped =
                new EncryptedThenSignedJwtBuilder(this, signingHandler, jwsAlgorithm);
        return wrapped;
    }

    /**
     * Assembles an EncryptedJwt from the header builder, the claims set and the key held by this builder.
     * <p>
     * When no header builder has been set, an empty {@code JweHeader} is used; when no claims set has been set,
     * an empty {@code JwtClaimsSet} is used.
     * NOTE(review): with the empty-header fallback this builder has selected no algorithm or encryption method;
     * confirm how EncryptedJwt treats such a header.
     *
     * @return The EncryptedJwt built from the current state of this builder.
     */
    @Override
    public EncryptedJwt asJwt() {
        final JweHeader jweHeader = getHeaderBuilder() == null
                ? new JweHeader()
                : (JweHeader) getHeaderBuilder().build();
        final JwtClaimsSet configuredClaims = getClaimsSet();
        final JwtClaimsSet payload = configuredClaims != null ? configuredClaims : new JwtClaimsSet();
        return new EncryptedJwt(jweHeader, payload, publicKey);
    }

    /**
     * Builds the JWE into a {@code String} by calling the {@code build} method on the JWE object returned by
     * {@link #asJwt()}.
     *
     * @see org.forgerock.json.jose.jwe.EncryptedJwt#build()
     *
     * @return The base64url encoded UTF-8 parts of the JWE.
     */
    @Override
    public String build() {
        final EncryptedJwt jwe = asJwt();
        return jwe.build();
    }
}