Package com.authlete.common.dto

Class CredentialIssuerJwksResponse

  • All Implemented Interfaces:
    Serializable
    public class CredentialIssuerJwksResponse
extends ApiResponse
    Response from Authlete's /vci/jwks API.

    The Authlete API is supposed to be used from within the implementation of the JWK Set document endpoint of the credential issuer.

    Authlete's /vci/jwks API returns JSON which can be mapped to this class. The credential issuer implementation should retrieve the value of the action response parameter from the API response and take the following steps according to the value.

    OK

    When the value of the action response parameter is OK, it means that Authlete could prepare the JWK Set document successfully.

    In this case, the implementation of the JWK Set document endpoint of the credential issuer should return an HTTP response with the HTTP status code "200 OK" and the content type "application/json". The message body of the response has been prepared by Authlete's /vci/jwks API and it is available as the responseContent response parameter.

    The implementation of the JWK Set document endpoint can construct an HTTP response by doing like below. 

     200 OK
 Content-Type: application/json
 (Other HTTP headers)

 (the value of the responseContent response parameter)

    NOT_FOUND

    When the value of the action response parameter is NOT_FOUND, it means that the service configuration has not enabled the feature of Verifiable Credentials and so the JWK Set document endpoint should not be accessed.

    In this case, the implementation of the JWK Set document endpoint of the credential issuer should return an HTTP response with the HTTP status code "404 Not Found" and the content type "application/json". The message body (= error information in the JSON format) of the response has been prepared by Authlete's /vci/jwks API and it is available as the responseContent response parameter.

    The implementation of the JWK Set document endpoint can construct an HTTP response by doing like below. 

     404 Not Found
 Content-Type: application/json
 (Other HTTP headers)

 (the value of the responseContent response parameter)

    INTERNAL_SERVER_ERROR

    When the value of the action response parameter is INTERNAL_SERVER_ERROR, it means that an unexpected error has occurred on Authlete side or the service has not been set up properly yet.

    In this case, a simple implementation of the JWK Set document endpoint would return an HTTP response with the HTTP status code "500 Internal Server Error" and the content type "application/json". The message body (= error information in the JSON format) of the response has been prepared by Authlete's /vci/jwks API and it is available as the responseContent response parameter.

    Such simple implementation of the JWK Set document endpoint can construct an HTTP response by doing like below. 

     500 Internal Server Error
 Content-Type: application/json
 (Other HTTP headers)

 (the value of the responseContent response parameter)

    However, in real commercial deployments, it is rare for a credential issuer to return "500 Internal Server Error" when it encounters an unexpected internal error. It's up to implementations of credential issuers what they actually return in the case of internal server error.

    Since:
    3.72, Authlete 3.0
    See Also:
    OpenID for Verifiable Credential Issuance, Serialized Form

    • Constructor Detail

      • CredentialIssuerJwksResponse

        public CredentialIssuerJwksResponse()

    • Method Detail

      • getAction

        public CredentialIssuerJwksResponse.Action getAction()
        Get the next action that the implementation of the credential issuer's JWK Set document endpoint should take after getting a response from Authlete's /vci/jwks API.
        Returns:
        The next action.

      • setAction

        public CredentialIssuerJwksResponse setAction​(CredentialIssuerJwksResponse.Action action)
        Set the next action that the implementation of the credential issuer's JWK Set document endpoint should take after getting a response from Authlete's /vci/jwks API.
        Parameters:
        action - The next action.
        Returns:
        this object.

      • getResponseContent

        public String getResponseContent()
        Get the content of the response that should be returned from the JWK Set document endpoint.

        In the successful case (when the action parameter in the response from the /vci/jwks API is OK), the content of this parameter is the JWK Set document of the credential issuer (Service.credentialJwks) that contains public keys only. The JWK Set document does not contain private parts of the keys.

        In other error cases, the content of this parameter is a JSON that contains information about the error.

        Returns:
        The content of the response that should be returned from the JWK Set document endpoint.

      • setResponseContent

        public CredentialIssuerJwksResponse setResponseContent​(String content)
        Set the content of the response that should be returned from the JWK Set document endpoint.

        In the successful case (when the action parameter in the response from the /vci/jwks API is OK), the content of this parameter is the JWK Set document of the credential issuer (Service.credentialJwks) that contains public keys only. The JWK Set document does not contain private parts of the keys.

        In other error cases, the content of this parameter is a JSON that contains information about the error.

        Parameters:
        content - The content of the response that should be returned from the JWK Set document endpoint.
        Returns:
        this object.