Class DpopHeaderGenerator

java.lang.Object

software.amazon.awssdk.services.signin.internal.DpopHeaderGenerator

@SdkInternalApi
public final class DpopHeaderGenerator
extends Object

Utilities that implement rfc9449 - OAuth 2.0 Demonstrating Proof of Possession (DPoP)

Method Summary

Modifier and Type	Method	Description
static String	generateDPoPProofHeader(DpopIdentity dpopIdentity, String endpoint, String httpMethod, long epochSeconds, String uuid)	Construct a rfc9449 - OAuth 2.0 Demonstrating Proof of Possession (DPoP) header.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

generateDPoPProofHeader

public static String generateDPoPProofHeader(DpopIdentity dpopIdentity,
 String endpoint,
 String httpMethod,
 long epochSeconds,
 String uuid)

Construct a rfc9449 - OAuth 2.0 Demonstrating Proof of Possession (DPoP) header. The DPoP HTTP header must be a signed JWT (RFC 7519: JSON Web Token), which includes a JWK (RFC 7517: JSON Web Key). For reference, see:

• RFC 9449 - OAuth 2.0 Demonstrating Proof of Possession (DPoP)
• RFC 7519 - JSON Web Token (JWT)
• RFC 7517 - JSON Web Key (JWK)

Parameters:

dpopIdentity - - DpopIdentity containing ECPrivateKey and ECPublicKey

endpoint - - The HTTP target URI (Section 7.1 of [RFC9110]) of the request to which the JWT is attached, without query and fragment parts

httpMethod - - the HTTP method of the request (eg: POST).

epochSeconds - - creation time of the JWT in epoch seconds.

uuid - - Unique identifier for the DPoP proof JWT - should be a UUID4 string.

Returns:

DPoP header value