Class SDJWT

java.lang.Object
com.authlete.sd.SDJWT
public class SDJWT extends Object
A class that represents SD-JWT.

Instances of this class are immutable. References to Disclosure instances given to the constructor are internally copied and the getDisclosures() method returns the copied list as an unmodifiable list.

Since:
1.2

  • Constructor Details

    • SDJWT

      public SDJWT(String credentialJwt, Collection<Disclosure> disclosures)
      Constructor with a credential JWT and disclosures.
      Parameters:
      credentialJwt - A credential JWT. Must not be null.
      disclosures - Disclosures. May be null.

    • SDJWT

      public SDJWT(String credentialJwt, Collection<Disclosure> disclosures, String bindingJwt)
      Constructor with a credential JWT, disclosures and a binding JWT.
      Parameters:
      credentialJwt - A credential JWT. Must not be null.
      disclosures - Disclosures. May be null.
      bindingJwt - A binding JWT. May be null.

  • Method Details

    • toString

      public String toString()
      Get the string representation of this SD-JWT.

      The returned string has the following format. 

       {Credential-JWT}~{Disclosure1}~...~{DisclosureN}~[{Binding-JWT}]
      Overrides:
      toString in class Object
      Returns:
      The string representation of this SD-JWT.

    • getCredentialJwt

      public String getCredentialJwt()
      Get the credential JWT, which is the JWT placed at the head of SD-JWT.
      Returns:
      The credential JWT.

    • getDisclosures

      public List<Disclosure> getDisclosures()
      Get the list of disclosures.
      Returns:
      The list of disclosures. The returned list is always non-null and unmodifiable.

    • getBindingJwt

      public String getBindingJwt()
      Get the binding JWT, which is the JWT placed optionally at the end of SD-JWT.
      Returns:
      The binding JWT. May be null.

    • getHashAlgorithm

      public String getHashAlgorithm()
      Get the hash algorithm used for the disclosures.

      This method returns the value of the "_sd_alg" claim in the credential JWT. If the claim is not available, "sha-256" (the default hash algorithm) is returned.

      Returns:
      The hash algorithm.
      Since:
      1.5

    • getSDHash

      public String getSDHash()
      Get the SD hash value that can be used as the value of the "sd_hash" claim in a key binding JWT. If this SD-JWT includes a key binding JWT, the value of the "sd_hash" claim in the key binding JWT must match the value returned by this method.

      The input for the hash computation is the serialized form of this SD-JWT, excluding the key binding JWT, which may be appended at the end.

      The algorithm for the hash computation is the same as used for disclosures. This algorithm is provided by the getHashAlgorithm() method.

      The returned value is base64url-encoded as required by the SD-JWT specification.

      Returns:
      The SD hash value computed using the credential JWT and disclosures of this SD-JWT.
      Since:
      1.5

    • parse

      public static SDJWT parse(String input)
      Parse the given string as SD-JWT.

      The expected format of the input string is as follows. 

       {Credential-JWT}~{Disclosure1}~...~{DisclosureN}~[{Binding-JWT}]
      Parameters:
      input - A string representing SD-JWT. If null is given, null is returned.
      Returns:
      An SDJWT instance created as a result of parsing the input string.