Skip to main content

%OAuth2.JWKS

class %OAuth2.JWKS extends %Library.RegisteredObject

Method Inventory

Methods

classmethod AddOct(Alg As %String, ClientSecret As %String, ByRef RemotePublic As %String) as %Status
This method adds a new shared symmetric key to a JSON Web Key Set (JWKS).

Alg - The algorithm for which the key is intended for use.
Supported options for signature:
"HS256", HMAC with SHA-256
"HS384", HMAC with SHA-384
"HS512", HMAC with SHA-512
Supported options for key management:
"A128KW", AES Key Wrap with 128-bit key
"A192KW", AES Key Wrap with 192-bit key
"A256KW", AES Key Wrap with 256-bit key

ClientSecret - Secret shared between a client and a server. This must have sufficient entropy to support the specified algorithm.

Output Parameter:

RemotePublic - The Remote Public JWKS to which the shared symmetric key will be added. If it does not already exist it will be created.
classmethod AddRSA(Alg As %String, ByRef LocalPrivate As %String, ByRef LocalPublic As %String) as %Status
This algorithm adds a new RSA private and public key pair to JSON Web Key Sets (JWKS).

Input parameter:

Alg - The algorithm with which the keys are intended for use.
Supported options for signature:
"RS256", RSASSA-PKCS1-V1_5 using SHA-256
"RS384", RSASSA-PKCS1-V1_5 using SHA-384
"RS512", RSASSA-PKCS1-V1_5 using SHA-512
Supported options for key management:
"RSA1_5", Encryption with RSAES-PKCS1-V1_5
"RSA-OAEP", Encryption with RSAES-OAEP


Output parameters:

LocalPrivate - The Local Private JWKS to which the RSA private key will be added. If it does not already exist it will be created.

Local Public - The Local Public JWKS to which the RSA public key will be added. If it does not already exist it will be created.
classmethod AddX509(Alg As %String, X509 As %SYS.X509Credentials, ByRef LocalPrivate As %String, ByRef Public As %String) as %Status
This method adds the RSA keys contained in a %SYS.X509Credentials object to JSON Web Key Sets (JWKS).

Input parameters:

Alg - The algorithm with which the keys are intended for use.
Supported options for signature:
"RS256", RSASSA-PKCS1-V1_5 using SHA-256
"RS384", RSASSA-PKCS1-V1_5 using SHA-384
"RS512", RSASSA-PKCS1-V1_5 using SHA-512
Supported options for key encryption:
"RSA1_5", Encryption with RSAES-PKCS1-V1_5
"RSA-OAEP", Encryption with RSAES-OAEP


Output parameters:

If the %SYS.X509Credentials object PrivateKey property is set:

LocalPrivate - The Local Private JWKS to which the RSA private key will be added. If it does not already exist it will be created.

Public - The Local Public JWKS to which the RSA public key will be added. If it does not already exist it will be created.

If the %SYS.X509Credentials object PrivateKey property is null:

Public - The Remote Public JWKS to which the RSA public key will be added. If it does not already exist it will be created.

Inherited Members

Inherited Methods

FeedbackOpens in a new tab