%OAuth2.JWT
deprecated class %OAuth2.JWT extends %Library.RegisteredObject
Method Inventory
Methods
deprecated classmethod GetJWK(JWKS As %DynamicObject, Alg As %String, Kid As %String) as %DynamicObject
This method is deprecated. Use the GetJWK method in %Net.JSON.JWKS instead.
deprecated classmethod JWTToObject(JWT As %String, LocalPrivate As %String = "", RemotePublic As %String = "", Output JOSE As %String, Output Body As %DynamicObject, Output Header As %DynamicObject, AcceptUnsecured As %Boolean = 0) as %Status
This method processes a JSON Web Token (JWT), performing decryption and/or signature verification operations as required.
Input parameters:
JWT - JSON Web Token
LocalPrivate - Local Private JWKS
RemotePublic - Remote Public JWKS
Output parameters:
JOSE - Output Array of Strings containing the algorithms used for Signature and/or Encryption operations performed on the JWT.
JOSE("sigalg") - Signature or MAC algorithm
JOSE("keyalg") - Key management algorithm
JOSE("encalg") - Content encryption algorithm
Body - Output Object representation of the claims contained in the JWT
Header - Output Object representation of the JWT header
AcceptUnsecured - Boolean value indicating whether to consider a JWT signed with "alg":"none" as valid. Default is false (0).
This method is deprecated. Use the Validate method in %Net.JSON.JWT instead.
Input parameters:
JWT - JSON Web Token
LocalPrivate - Local Private JWKS
RemotePublic - Remote Public JWKS
Output parameters:
JOSE - Output Array of Strings containing the algorithms used for Signature and/or Encryption operations performed on the JWT.
JOSE("sigalg") - Signature or MAC algorithm
JOSE("keyalg") - Key management algorithm
JOSE("encalg") - Content encryption algorithm
Body - Output Object representation of the claims contained in the JWT
Header - Output Object representation of the JWT header
AcceptUnsecured - Boolean value indicating whether to consider a JWT signed with "alg":"none" as valid. Default is false (0).
This method is deprecated. Use the Validate method in %Net.JSON.JWT instead.
deprecated classmethod ObjectToJWT(ByRef JOSE As %String, Body As %DynamicObject, LocalPrivate As %String = "", RemotePublic As %String = "", Output JWT As %String) as %Status
This method generates a JSON Web Token (JWT), performing signature and/or encryption operations as requested.
Input parameters:
JOSE - Array of Strings used to specify the JSON Object Signature and/or Encryption operations to be performed on the JWT
For JSON Web Signature (JWS):
JOSE("sigalg") - Signature or MAC algorithm, supported options:
"HS256", HMAC with SHA-256
"HS384", HMAC with SHA-384
"HS512", HMAC with SHA-512
"RS256", RSASSA-PKCS1-V1_5 using SHA-256
"RS384", RSASSA-PKCS1-V1_5 using SHA-384
"RS512", RSASSA-PKCS1-V1_5 using SHA-512
"ES256", ECDSA using P-256 and SHA-256
"ES384", ECDSA using P-384 and SHA-384
"ES512", ECDSA using P-521 and SHA-512
For JSON Web Encryption (JWE):
JOSE("keyalg") - Key management algorithm, supported options:
"RSA1_5", Encryption with RSAES-PKCS1-V1_5
"RSA-OAEP", Encryption with RSAES-OAEP
JOSE("encalg") - Content encryption algorithm, supported options:
"A128CBC-HS256", 128-bit AES in CBC mode with HMAC SHA-256
"A192CBC-HS384", 192-bit AES in CBC mode with HMAC SHA-384
"A256CBC-HS512", 256-bit AES in CBC mode with HMAC SHA-512
Note, JOSE("keyalg") and JOSE("encalg") must both be specified or null.
If JWS and JWE are both specified the JWT will be signed, then encrypted.
JOSE("jku") - If defined, the JWK Url will be included in the JOSE header.
The relevant URL value must be included in JOSE("jku_local") or JOSE("jku_remote").
JOSE("jwk") - If defined, the JWK public key will be included in the JOSE header.
If performing a signature, the local public JWKS must be included in the JOSE("jwks_local")
Body - Object representation of the Claims contained in the JWT
LocalPrivate - Local Private JWKS
RemotePublic - Remote Public JWKS
Output parameter:
JWT - JSON Web Token
This method is deprecated. Use the Create method in %Net.JSON.JWT instead.
Input parameters:
JOSE - Array of Strings used to specify the JSON Object Signature and/or Encryption operations to be performed on the JWT
For JSON Web Signature (JWS):
JOSE("sigalg") - Signature or MAC algorithm, supported options:
"HS256", HMAC with SHA-256
"HS384", HMAC with SHA-384
"HS512", HMAC with SHA-512
"RS256", RSASSA-PKCS1-V1_5 using SHA-256
"RS384", RSASSA-PKCS1-V1_5 using SHA-384
"RS512", RSASSA-PKCS1-V1_5 using SHA-512
"ES256", ECDSA using P-256 and SHA-256
"ES384", ECDSA using P-384 and SHA-384
"ES512", ECDSA using P-521 and SHA-512
For JSON Web Encryption (JWE):
JOSE("keyalg") - Key management algorithm, supported options:
"RSA1_5", Encryption with RSAES-PKCS1-V1_5
"RSA-OAEP", Encryption with RSAES-OAEP
JOSE("encalg") - Content encryption algorithm, supported options:
"A128CBC-HS256", 128-bit AES in CBC mode with HMAC SHA-256
"A192CBC-HS384", 192-bit AES in CBC mode with HMAC SHA-384
"A256CBC-HS512", 256-bit AES in CBC mode with HMAC SHA-512
Note, JOSE("keyalg") and JOSE("encalg") must both be specified or null.
If JWS and JWE are both specified the JWT will be signed, then encrypted.
JOSE("jku") - If defined, the JWK Url will be included in the JOSE header.
The relevant URL value must be included in JOSE("jku_local") or JOSE("jku_remote").
JOSE("jwk") - If defined, the JWK public key will be included in the JOSE header.
If performing a signature, the local public JWKS must be included in the JOSE("jwks_local")
Body - Object representation of the Claims contained in the JWT
LocalPrivate - Local Private JWKS
RemotePublic - Remote Public JWKS
Output parameter:
JWT - JSON Web Token
This method is deprecated. Use the Create method in %Net.JSON.JWT instead.
Inherited Members
Inherited Methods
- %AddToSaveSet()
- %ClassIsLatestVersion()
- %ClassName()
- %ConstructClone()
- %DispatchClassMethod()
- %DispatchGetModified()
- %DispatchGetProperty()
- %DispatchMethod()
- %DispatchSetModified()
- %DispatchSetMultidimProperty()
- %DispatchSetProperty()
- %Extends()
- %GetParameter()
- %IsA()
- %IsModified()
- %New()
- %NormalizeObject()
- %ObjectModified()
- %OriginalNamespace()
- %PackageName()
- %RemoveFromSaveSet()
- %SerializeObject()
- %SetModified()
- %ValidateObject()