Package io.fusionauth.jwt.hmac

Class HMACSigner

java.lang.Object
io.fusionauth.jwt.hmac.HMACSigner
All Implemented Interfaces:
Signer
public class HMACSigner extends Object implements Signer
This class can sign and verify a JWT that was signed using HMAC.
Author:
Daniel DeGroff

  • Method Details

    • newSHA256Signer

      public static HMACSigner newSHA256Signer(byte[] secret)
      Build a new HMAC signer using a SHA-256 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      Returns:
      a new HMAC signer.

    • newSHA256Signer

      public static HMACSigner newSHA256Signer(String secret)
      Build a new HMAC signer using a SHA-256 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      Returns:
      a new HMAC signer.

    • newSHA256Signer

      public static HMACSigner newSHA256Signer(byte[] secret, String kid)
      Build a new HMAC signer using a SHA-256 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new HMAC signer.

    • newSHA256Signer

      public static HMACSigner newSHA256Signer(String secret, String kid)
      Build a new HMAC signer using a SHA-256 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new HMAC signer.

    • newSHA256Signer

      public static HMACSigner newSHA256Signer(String secret, CryptoProvider cryptoProvider)
      Build a new HMAC signer using a SHA-256 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      cryptoProvider - The crypto provider used to get the MAC digest algorithm.
      Returns:
      a new HMAC signer.

    • newSHA256Signer

      public static HMACSigner newSHA256Signer(byte[] secret, String kid, CryptoProvider cryptoProvider)
      Build a new HMAC signer using a SHA-256 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the MAC digest algorithm.
      Returns:
      a new HMAC signer.

    • newSHA256Signer

      public static HMACSigner newSHA256Signer(String secret, String kid, CryptoProvider cryptoProvider)
      Build a new HMAC signer using a SHA-256 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the MAC digest algorithm.
      Returns:
      a new HMAC signer.

    • newSHA384Signer

      public static HMACSigner newSHA384Signer(byte[] secret)
      Build a new HMAC signer using a SHA-384 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      Returns:
      a new HMAC signer.

    • newSHA384Signer

      public static HMACSigner newSHA384Signer(String secret)
      Build a new HMAC signer using a SHA-384 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      Returns:
      a new HMAC signer.

    • newSHA384Signer

      public static HMACSigner newSHA384Signer(byte[] secret, String kid)
      Build a new HMAC signer using a SHA-384 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new HMAC signer.

    • newSHA384Signer

      public static HMACSigner newSHA384Signer(String secret, String kid)
      Build a new HMAC signer using a SHA-384 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new HMAC signer.

    • newSHA384Signer

      public static HMACSigner newSHA384Signer(String secret, CryptoProvider cryptoProvider)
      Build a new HMAC signer using a SHA-384 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      cryptoProvider - The crypto provider used to get the MAC digest algorithm.
      Returns:
      a new HMAC signer.

    • newSHA384Signer

      public static HMACSigner newSHA384Signer(byte[] secret, String kid, CryptoProvider cryptoProvider)
      Build a new HMAC signer using a SHA-384 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the MAC digest algorithm.
      Returns:
      a new HMAC signer.

    • newSHA384Signer

      public static HMACSigner newSHA384Signer(String secret, String kid, CryptoProvider cryptoProvider)
      Build a new HMAC signer using a SHA-384 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the MAC digest algorithm.
      Returns:
      a new HMAC signer.

    • newSHA512Signer

      public static HMACSigner newSHA512Signer(byte[] secret)
      Build a new HMAC signer using a SHA-512 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      Returns:
      a new HMAC signer.

    • newSHA512Signer

      public static HMACSigner newSHA512Signer(String secret)
      Build a new HMAC signer using a SHA-512 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      Returns:
      a new HMAC signer.

    • newSHA512Signer

      public static HMACSigner newSHA512Signer(byte[] secret, String kid)
      Build a new HMAC signer using a SHA-512 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new HMAC signer.

    • newSHA512Signer

      public static HMACSigner newSHA512Signer(String secret, String kid)
      Build a new HMAC signer using a SHA-512 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new HMAC signer.

    • newSHA512Signer

      public static HMACSigner newSHA512Signer(String secret, CryptoProvider cryptoProvider)
      Build a new HMAC signer using a SHA-512 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      cryptoProvider - The crypto provider used to get the MAC digest algorithm.
      Returns:
      a new HMAC signer.

    • newSHA512Signer

      public static HMACSigner newSHA512Signer(byte[] secret, String kid, CryptoProvider cryptoProvider)
      Build a new HMAC signer using a SHA-512 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the MAC digest algorithm.
      Returns:
      a new HMAC signer.

    • newSHA512Signer

      public static HMACSigner newSHA512Signer(String secret, String kid, CryptoProvider cryptoProvider)
      Build a new HMAC signer using a SHA-512 hash.
      Parameters:
      secret - The secret used to generate the HMAC hash.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the MAC digest algorithm.
      Returns:
      a new HMAC signer.

    • getAlgorithm

      public Algorithm getAlgorithm()
      Description copied from interface: Signer
      Return the algorithm supported by this signer.
      Specified by:
      getAlgorithm in interface Signer
      Returns:
      the algorithm.

    • getKid

      public String getKid()
      Description copied from interface: Signer
      Return the kid used for this signer.
      Specified by:
      getKid in interface Signer
      Returns:
      the kid

    • sign

      public byte[] sign(String message)
      Description copied from interface: Signer
      Sign the provided message and return the signature.
      Specified by:
      sign in interface Signer
      Parameters:
      message - The JWT payload to sign.
      Returns:
      The message signature in a byte array.