-
Notifications
You must be signed in to change notification settings - Fork 7
CredentialBeanFactories
Scott Cantor edited this page Feb 18, 2021
·
5 revisions
This is a bean factory configured from resources for Credentials based on JWKs.
Eventhough JWK contains algorithm information it is not applied. Algorithm must be defined in the signature signing configuration of the security configuration, as with any other shibboleth credential. Kid field is applied unless there is key name defined for the credential. In such case key name is used as Kid.
- jWKResource, resource containing JWK.
<bean id="shibboleth.oidc.DefaultSigningCredential"
class="org.geant.idpextension.oidc.profile.spring.factory.BasicJWKCredentialFactoryBean"
p:jWKResource="%{idp.signing.oidc.key}" />
{
"kty": "RSA",
"d": "gv7aqFcXV86jDcCn6-JCqEEIRcv1Rh1AEv4dKziFzQal1nROliDdtkJjELpOYlFY9CgI-xAXt8ivwJ4q1eA_G9WTId7qLxPdcQW4QjfRl8VVEPUhka6Gc8y95WUO4VONEwzZnZ4V7KobE0QGADXvXUw3MtIZdGgvRCS-6avQXITjhTnlkUONxeqpy2BE6l0cI8GSM1vlLy66vjsQ06aAizMB-g3yMMpbKNd73oYgrdpEjAtddH3-sLhv_TG7pMlbB_etnPGkWKdIbpvTKr2P2oZN_8Qvq7G4ETIe9nIv7i8T7GXZfTxWspYkszbrpRACM9Ic8fSctvil2j013JeSgQ",
"e": "AQAB",
"use": "sig",
"kid": "testkey",
"alg": "RS256",
"n": "pNf03ghVzMAw5sWrwDAMAZdSYNY2q7OVlxMInljMgz8XB5mf8XKH3EtP7AKrb8IAf7rGhfuH3T1N1C7F-jwIeYjXxMm2nIAZ0hXApgbccvBpf4n2H7IZflMjt4A3tt587QQSxQ069drCP4sYevxhTcLplJy6RWA0cLj-5CHyWy94zPeeA4GRd6xgHFLz0RNiSF0pF0kE4rmRgQVZ-b4_BmD9SsWnIpwhms5Ihciw36WyAGQUeZqULGsfwAMwlNLIaTCBLAoRgv370p-XsLrgz86pTkNBJqXP5GwI-ZfgiLmJuHjQ9l85KqHM87f-QdsqiV8KoRcslgXPqb6VOTJBVw"
}
(Migrated)