Package com.clevercloud.biscuit.token
Class Biscuit
- java.lang.Object
-
- com.clevercloud.biscuit.token.UnverifiedBiscuit
-
- com.clevercloud.biscuit.token.Biscuit
-
public class Biscuit extends UnverifiedBiscuit
Biscuit auth token
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description Biscuitattenuate(Block block)Generates a new token from an existing one and a new blockBiscuitattenuate(SecureRandom rng, KeyPair keypair, Block block)Generates a new token from an existing one and a new blockAuthorizerauthorizer()Creates a authorizer for this tokenstatic Biscuitbuilder(KeyPair root)Creates a token builderstatic Biscuitbuilder(SecureRandom rng, KeyPair root)Creates a token builderstatic Biscuitbuilder(SecureRandom rng, KeyPair root, SymbolTable symbols)Creates a token builderstatic Biscuitbuilder(SecureRandom rng, KeyPair root, io.vavr.control.Option<Integer> root_key_id, SymbolTable symbols)Creates a token builderBiscuitcopy()static Biscuitfrom_b64(String data, PublicKey root)Deprecated.static Biscuitfrom_b64url(String data, KeyDelegate delegate)Deserializes a Biscuit token from a base64 url (RFC4648_URLSAFE) stringstatic Biscuitfrom_b64url(String data, PublicKey root)Deserializes a Biscuit token from a base64 url (RFC4648_URLSAFE) stringstatic Biscuitfrom_bytes(byte[] data, KeyDelegate delegate)Deserializes a Biscuit token from a byte arraystatic Biscuitfrom_bytes(byte[] data, PublicKey root)Deserializes a Biscuit token from a byte arraystatic Biscuitfrom_bytes_with_symbols(byte[] data, KeyDelegate delegate, SymbolTable symbols)Deserializes a Biscuit token from a byte arraystatic Biscuitfrom_bytes_with_symbols(byte[] data, PublicKey root, SymbolTable symbols)Deserializes a Biscuit token from a byte arraystatic Biscuitmake(SecureRandom rng, KeyPair root, SymbolTable symbols, Block authority)Deprecated.static Biscuitmake(SecureRandom rng, KeyPair root, io.vavr.control.Option<Integer> root_key_id, SymbolTable symbols, Block authority)Creates a tokenStringprint()Prints a token's contentbyte[]serialize()Serializes a token to a byte arrayStringserialize_b64()Deprecated.Stringserialize_b64url()Serializes a token to base 64 url String using RFC4648_URLSAFE-
Methods inherited from class com.clevercloud.biscuit.token.UnverifiedBiscuit
checks, clone, context, create_block, default_symbol_table, from_b64url, from_bytes, from_bytes_with_symbols, revocation_identifiers, root_key_id, verify, verify
-
-
-
-
Method Detail
-
builder
public static Biscuit builder(KeyPair root)
Creates a token builderthis function uses the default symbol table
- Parameters:
root- root private key- Returns:
-
builder
public static Biscuit builder(SecureRandom rng, KeyPair root)
Creates a token builderthis function uses the default symbol table
- Parameters:
rng- random number generatorroot- root private key- Returns:
-
builder
public static Biscuit builder(SecureRandom rng, KeyPair root, io.vavr.control.Option<Integer> root_key_id, SymbolTable symbols)
Creates a token builder- Parameters:
rng- random number generatorroot- root private keysymbols- symbol table- Returns:
-
builder
public static Biscuit builder(SecureRandom rng, KeyPair root, SymbolTable symbols)
Creates a token builder- Parameters:
rng- random number generatorroot- root private keysymbols- symbol table- Returns:
-
make
@Deprecated public static Biscuit make(SecureRandom rng, KeyPair root, SymbolTable symbols, Block authority) throws Error.SymbolTableOverlap, Error.FormatError
Deprecated.Creates a token- Parameters:
rng- random number generatorroot- root private keyauthority- authority block- Returns:
- Throws:
Error.SymbolTableOverlapError.FormatError
-
make
public static Biscuit make(SecureRandom rng, KeyPair root, io.vavr.control.Option<Integer> root_key_id, SymbolTable symbols, Block authority) throws Error.SymbolTableOverlap, Error.FormatError
Creates a token- Parameters:
rng- random number generatorroot- root private keyauthority- authority block- Returns:
- Throws:
Error.SymbolTableOverlapError.FormatError
-
from_b64
@Deprecated public static Biscuit from_b64(String data, PublicKey root) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, Error
Deprecated.Deserializes a Biscuit token from a hex stringThis checks the signature, but does not verify that the first key is the root key, to allow appending blocks without knowing about the root key.
The root key check is performed in the verify method
This method uses the default symbol table
- Parameters:
data-- Returns:
- Throws:
NoSuchAlgorithmExceptionSignatureExceptionInvalidKeyExceptionError
-
from_b64url
public static Biscuit from_b64url(String data, PublicKey root) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, Error
Deserializes a Biscuit token from a base64 url (RFC4648_URLSAFE) stringThis checks the signature, but does not verify that the first key is the root key, to allow appending blocks without knowing about the root key.
The root key check is performed in the verify method
This method uses the default symbol table
- Parameters:
data-- Returns:
- Biscuit
- Throws:
NoSuchAlgorithmExceptionSignatureExceptionInvalidKeyExceptionError
-
from_b64url
public static Biscuit from_b64url(String data, KeyDelegate delegate) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, Error
Deserializes a Biscuit token from a base64 url (RFC4648_URLSAFE) stringThis checks the signature, but does not verify that the first key is the root key, to allow appending blocks without knowing about the root key.
The root key check is performed in the verify method
This method uses the default symbol table
- Parameters:
data-- Returns:
- Biscuit
- Throws:
NoSuchAlgorithmExceptionSignatureExceptionInvalidKeyExceptionError
-
from_bytes
public static Biscuit from_bytes(byte[] data, PublicKey root) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, Error
Deserializes a Biscuit token from a byte arrayThis checks the signature, but does not verify that the first key is the root key, to allow appending blocks without knowing about the root key.
The root key check is performed in the verify method
This method uses the default symbol table
- Parameters:
data-- Returns:
- Throws:
NoSuchAlgorithmExceptionSignatureExceptionInvalidKeyExceptionError
-
from_bytes
public static Biscuit from_bytes(byte[] data, KeyDelegate delegate) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, Error
Deserializes a Biscuit token from a byte arrayThis checks the signature, but does not verify that the first key is the root key, to allow appending blocks without knowing about the root key.
The root key check is performed in the verify method
This method uses the default symbol table
- Parameters:
data-- Returns:
- Throws:
NoSuchAlgorithmExceptionSignatureExceptionInvalidKeyExceptionError
-
from_bytes_with_symbols
public static Biscuit from_bytes_with_symbols(byte[] data, PublicKey root, SymbolTable symbols) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, Error
Deserializes a Biscuit token from a byte arrayThis checks the signature, but does not verify that the first key is the root key, to allow appending blocks without knowing about the root key.
The root key check is performed in the verify method
- Parameters:
data-- Returns:
- Throws:
NoSuchAlgorithmExceptionSignatureExceptionInvalidKeyExceptionError
-
from_bytes_with_symbols
public static Biscuit from_bytes_with_symbols(byte[] data, KeyDelegate delegate, SymbolTable symbols) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, Error
Deserializes a Biscuit token from a byte arrayThis checks the signature, but does not verify that the first key is the root key, to allow appending blocks without knowing about the root key.
The root key check is performed in the verify method
- Parameters:
data-- Returns:
- Throws:
NoSuchAlgorithmExceptionSignatureExceptionInvalidKeyExceptionError
-
authorizer
public Authorizer authorizer() throws Error.FailedLogic
Creates a authorizer for this tokenThis function checks that the root key is the one we expect
- Returns:
- Throws:
Error.FailedLogic
-
serialize
public byte[] serialize() throws Error.FormatError.SerializationErrorSerializes a token to a byte array- Overrides:
serializein classUnverifiedBiscuit- Returns:
- Throws:
Error.FormatError.SerializationError
-
serialize_b64
@Deprecated public String serialize_b64() throws Error.FormatError.SerializationError
Deprecated.Serializes a token to a base 64 String- Returns:
- Throws:
Error.FormatError.SerializationError
-
serialize_b64url
public String serialize_b64url() throws Error.FormatError.SerializationError
Serializes a token to base 64 url String using RFC4648_URLSAFE- Overrides:
serialize_b64urlin classUnverifiedBiscuit- Returns:
- String
- Throws:
Error.FormatError.SerializationError
-
attenuate
public Biscuit attenuate(Block block) throws Error
Generates a new token from an existing one and a new block- Overrides:
attenuatein classUnverifiedBiscuit- Parameters:
block- new block (should be generated from a Block builder)- Returns:
- Throws:
Error
-
attenuate
public Biscuit attenuate(SecureRandom rng, KeyPair keypair, Block block) throws Error
Generates a new token from an existing one and a new block- Overrides:
attenuatein classUnverifiedBiscuit- Parameters:
rng- random number generatorkeypair- ephemeral key pairblock- new block (should be generated from a Block builder)- Returns:
- Throws:
Error
-
print
public String print()
Prints a token's content- Overrides:
printin classUnverifiedBiscuit
-
copy
public Biscuit copy() throws Error
- Overrides:
copyin classUnverifiedBiscuit- Throws:
Error
-
-