...
JwsSignatureProvider | JwsSignatureVerifier | |
HMAC | HmacJwsSignatureProvider | HmacJwsSignatureVerifier |
RSASSA-PKCS1-v1_5 | PrivateKeyJwsSignatureProvider | PublicKeyJwsSignatureVerifier |
ECDSA | EcDsaJwsSignatureProvider | EcDsaJwsSignatureVerifier |
RSASSA-PSS | PrivateKeyJwsSignatureProvider | PublicKeyJwsSignatureVerifier |
None | NoneJwsSignatureProvider | NoneJwsSignatureVerifier |
...
Key and Content Encryption Providers
...
JWE
...
Encryption process typically involves a content-encryption key being generated with this key being subsequently encrypted/wrapped with a key known to the consumer. Thus CXF offers the providers for supporting the key-encryption algorithms and providers for supporting the content-encryption algorithms. Direct key encryption (where the content-encryption key is established out of band) is also supported.
KeyEncryptionProvider supports encrypting a content-encryption key, KeyDecryptionProvider - decrypting it.
The following table shows the key encryption algorithms and the corresponding providers:
RSAKeyEncryptionAlgorithm
KeyEncryptionProvider | KeyDecryptionProvider | |
RSAES-PKCS1-v1_5 | RSAKeyEncryptionAlgorithm | RSAKeyDecryptionAlgorithm |
RSAES OAEP | RSAKeyEncryptionAlgorithm | RSAKeyDecryptionAlgorithm |
AES Key Wrap | EcDsaJwsSignatureProvider | EcDsaJwsSignatureVerifier |
RSASSA-PSS | PrivateKeyJwsSignatureProvider | PublicKeyJwsSignatureVerifier |
None | NoneJwsSignatureProvider | NoneJwsSignatureVerifier |
Either of these providers can be initialized with the keys loaded from JWK or JCA stores or from the in-memory representations.
JWE Compact
JweEncryptionProvider supports encrypting the content, JweDecryptionProvider - decrypting the content. Encryptors and Decryptors for all of JWE algorithms JweEncryptionProvider supports encrypting the content, JweDecryptionProvider - decrypting the content. Encryptors and Decryptors for all of JWE algorithms are shipped.
Here is the example of doing AES CBC HMAC and AES Key Wrap in CXF:
...
CXF offers an initial JWT support in this package.
JOSE JAX-RS Filters
JWS
JWE
...
Linking JWT authentications to JWS or JWE content
...