Package com.nimbusds.openid.connect.sdk.federation.entities

Class EntityStatement

java.lang.Object

com.nimbusds.openid.connect.sdk.federation.entities.EntityStatement

@Immutable
public final class EntityStatement
extends Object

Federation entity statement / entity configuration.

Related specifications:

• OpenID Connect Federation 1.0, section 3.1.

Field Summary

Fields

Modifier and Type	Field	Description
static com.nimbusds.common.contenttype.ContentType	CONTENT_TYPE	The federation entity statement content type (application/entity-statement+jwt).
static com.nimbusds.jose.JOSEObjectType	JOSE_OBJECT_TYPE	The federation entity statement JOSE object type (entity-statement+jwt).

Method Summary

Modifier and Type	Method	Description
EntityStatementClaimsSet	getClaimsSet()	Returns the statement claims.
EntityID	getEntityID()	Returns the entity ID.
com.nimbusds.jwt.SignedJWT	getSignedStatement()	Returns the signed statement.
static EntityStatement	parse(com.nimbusds.jwt.SignedJWT signedStmt)	Parses a federation entity statement.
static EntityStatement	parse(String signedStmtString)	Parses a federation entity statement.
static EntityStatement	sign(EntityStatementClaimsSet claimsSet, com.nimbusds.jose.jwk.JWK signingJWK)	Signs the specified federation entity claims set.
static EntityStatement	sign(EntityStatementClaimsSet claimsSet, com.nimbusds.jose.jwk.JWK signingJWK, com.nimbusds.jose.JWSAlgorithm jwsAlg)	Signs the specified federation entity claims set.
com.nimbusds.jose.util.Base64URL	verifySignature(com.nimbusds.jose.jwk.JWKSet jwkSet)	Verifies the signature and checks the statement type, issue and expiration times.
com.nimbusds.jose.util.Base64URL	verifySignatureOfSelfStatement()	Verifies the signature for a self-statement (typically for a trust anchor or leaf) and checks the statement issue and expiration times.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

JOSE_OBJECT_TYPE

public static final com.nimbusds.jose.JOSEObjectType JOSE_OBJECT_TYPE

The federation entity statement JOSE object type (entity-statement+jwt).

CONTENT_TYPE

public static final com.nimbusds.common.contenttype.ContentType CONTENT_TYPE

The federation entity statement content type (application/entity-statement+jwt).

Method Detail

getEntityID

public EntityID getEntityID()

Returns the entity ID.

Returns:

The entity ID.

getSignedStatement

public com.nimbusds.jwt.SignedJWT getSignedStatement()

Returns the signed statement.

Returns:

The signed statement as signed JWT.

getClaimsSet

public EntityStatementClaimsSet getClaimsSet()

Returns the statement claims.

Returns:

The statement claims.

verifySignatureOfSelfStatement

public com.nimbusds.jose.util.Base64URL verifySignatureOfSelfStatement()
                                                                throws com.nimbusds.jose.proc.BadJOSEException,
                                                                       com.nimbusds.jose.JOSEException

Verifies the signature for a self-statement (typically for a trust anchor or leaf) and checks the statement issue and expiration times.

Returns:

The SHA-256 thumbprint of the key used to successfully verify the signature.

Throws:

com.nimbusds.jose.proc.BadJOSEException - If the signature is invalid or the statement is expired or before the issue time.

com.nimbusds.jose.JOSEException - On a internal JOSE exception.

verifySignature

public com.nimbusds.jose.util.Base64URL verifySignature(com.nimbusds.jose.jwk.JWKSet jwkSet)
                                                 throws com.nimbusds.jose.proc.BadJOSEException,
                                                        com.nimbusds.jose.JOSEException

Verifies the signature and checks the statement type, issue and expiration times.

Parameters:

jwkSet - The JWK set to use for the signature verification. Must not be null.

Returns:

The SHA-256 thumbprint of the key used to successfully verify the signature.

Throws:

com.nimbusds.jose.proc.BadJOSEException - If the signature is invalid or the statement is expired or before the issue time.

com.nimbusds.jose.JOSEException - On an internal JOSE exception.

sign

public static EntityStatement sign(EntityStatementClaimsSet claimsSet,
                                   com.nimbusds.jose.jwk.JWK signingJWK)
                            throws com.nimbusds.jose.JOSEException

Signs the specified federation entity claims set.

Parameters:

claimsSet - The claims set. Must not be null.

signingJWK - The private signing JWK. Must be contained in the entity JWK set and not null.

Returns:

The signed federation entity statement.

Throws:

com.nimbusds.jose.JOSEException - On a internal signing exception.

sign

public static EntityStatement sign(EntityStatementClaimsSet claimsSet,
                                   com.nimbusds.jose.jwk.JWK signingJWK,
                                   com.nimbusds.jose.JWSAlgorithm jwsAlg)
                            throws com.nimbusds.jose.JOSEException

Signs the specified federation entity claims set.

Parameters:

claimsSet - The claims set. Must not be null.

signingJWK - The private signing JWK. Must be contained in the entity JWK set and not null.

jwsAlg - The signing algorithm. Must be supported by the JWK and not null.

Returns:

The signed federation entity statement.

Throws:

com.nimbusds.jose.JOSEException - On a internal signing exception.

parse

public static EntityStatement parse(com.nimbusds.jwt.SignedJWT signedStmt)
                             throws ParseException

Parses a federation entity statement.

Parameters:

signedStmt - The signed statement as a signed JWT. Must not be null.

Returns:

The federation entity statement.

Throws:

ParseException - If parsing failed.

parse

public static EntityStatement parse(String signedStmtString)
                             throws ParseException

Parses a federation entity statement.

Parameters:

signedStmtString - The signed statement as a signed JWT string. Must not be null.

Returns:

The federation entity statement.

Throws:

ParseException - If parsing failed.