- JavaDoc fixes/enhancements

- Fixed erroneous README.md method name reference
- ensured DefaultJwkContext#getName() supports Octet keys as well.

Author: lhazlewood

README.md

@@ -2432,17 +2432,17 @@ String kid = jwk.thumbprint().toString();
 jwk.setId(kid) // Jwks are immutable - there is no `setId` method
 ```
 
-Instead, you may use the `setIdAsThumbprint` methods on the `JwkBuilder` when creating a `Jwk`:
+Instead, you may use the `setIdFromThumbprint` methods on the `JwkBuilder` when creating a `Jwk`:
 
 ```java
 Jwk<?> jwk = Jwks.builder().forKey(aKey)
 
-    .setIdAsThumbprint() // or setIdAsThumbprint(hashAlgorithm)
+    .setIdFromThumbprint() // or setIdFromThumbprint(hashAlgorithm)
 
     .build();
 ```
 
-Calling either `setIdAsThumbprint` method will ensure that calling `jwk.getId()` equals `thumbprint.toString()`
+Calling either `setIdFromThumbprint` method will ensure that calling `jwk.getId()` equals `thumbprint.toString()`
 (which is `Encoders.BASE64URL.encode(thumbprint.toByteArray())`).
 
 <a name="jwk-thumbprint-uri"></a>

api/src/main/java/io/jsonwebtoken/JwtBuilder.java

@@ -525,6 +525,18 @@ public interface JwtBuilder extends ClaimsMutator<JwtBuilder> {
      * <td>4096 &lt;= size <sup>5</sup></td>
      * <td>{@link StandardSecureDigestAlgorithms#RS512 RS512}</td>
      * </tr>
+     * <tr>
+     *     <td><a href="https://docs.oracle.com/en/java/javase/15/docs/api/java.base/java/security/interfaces/EdECKey.html">EdECKey</a><sup>7</sup></td>
+     *     <td><code>instanceof {@link PrivateKey}</code></td>
+     *     <td>256</td>
+     *     <td>{@link StandardSecureDigestAlgorithms#Ed25519 Ed25519}</td>
+     * </tr>
+     * <tr>
+     *     <td><a href="https://docs.oracle.com/en/java/javase/15/docs/api/java.base/java/security/interfaces/EdECKey.html">EdECKey</a><sup>7</sup></td>
+     *     <td><code>instanceof {@link PrivateKey}</code></td>
+     *     <td>456</td>
+     *     <td>{@link StandardSecureDigestAlgorithms#Ed448 Ed448}</td>
+     * </tr>
      * </tbody>
      * </table>
      * <p>Notes:</p>
@@ -553,6 +565,8 @@ public interface JwtBuilder extends ClaimsMutator<JwtBuilder> {
      * {@link StandardSecureDigestAlgorithms#RS512 RS512} algorithms, so we assume an RSA signature algorithm based on the key
      * length to parallel similar decisions in the JWT specification for HMAC and ECDSA signature algorithms.
      * This is not required - just a convenience.</li>
+     * <li><a href="https://docs.oracle.com/en/java/javase/15/docs/api/java.base/java/security/interfaces/EdECKey.html">EdECKey</a>s
+     * require JDK >= 15 or BouncyCastle in the runtime classpath.</li>
      * </ol>
      *
      * <p>This implementation does not use the {@link StandardSecureDigestAlgorithms#PS256 PS256},
@@ -564,13 +578,13 @@ public interface JwtBuilder extends ClaimsMutator<JwtBuilder> {
      * {@link #signWith(Key, SecureDigestAlgorithm)} method instead.</p>
      *
      * <p>Finally, this method will throw an {@link InvalidKeyException} for any key that does not match the
-     * heuristics and requirements documented above, since that inevitably means the Key is either insufficient or
-     * explicitly disallowed by the JWT specification.</p>
+     * heuristics and requirements documented above, since that inevitably means the Key is either insufficient,
+     * unsupported, or explicitly disallowed by the JWT specification.</p>
      *
      * @param key the key to use for signing
      * @return the builder instance for method chaining.
-     * @throws InvalidKeyException if the Key is insufficient or explicitly disallowed by the JWT specification as
-     *                             described above in <em>recommended signature algorithms</em>.
+     * @throws InvalidKeyException if the Key is insufficient, unsupported, or explicitly disallowed by the JWT
+     *                             specification as described above in <em>recommended signature algorithms</em>.
      * @see Jwts#SIG
      * @see #signWith(Key, SecureDigestAlgorithm)
      * @since 0.10.0
@@ -751,7 +765,7 @@ public interface JwtBuilder extends ClaimsMutator<JwtBuilder> {
      * {@code keyAlg} when invoked with the given {@code key}, producing a JWE.
      *
      * <p>This behavior can be illustrated by the following pseudocode, a rough example of what happens during
-     *    {@link #compact() compact}ion:</p>
+     * {@link #compact() compact}ion:</p>
      * <blockquote><pre>
      *     SecretKey encryptionKey = keyAlg.getEncryptionKey(key);           // (1)
      *     byte[] jweCiphertext = enc.encrypt(payloadBytes, encryptionKey);  // (2)</pre></blockquote>

impl/src/main/java/io/jsonwebtoken/impl/security/DefaultJwkContext.java

@@ -126,6 +126,8 @@ public String getName() {
         String value = get(AbstractJwk.KTY);
         if (DefaultSecretJwk.TYPE_VALUE.equals(value)) {
             value = "Secret";
+        } else if (DefaultOctetPublicJwk.TYPE_VALUE.equals(value)) {
+            value = "Octet";
         }
         StringBuilder sb = value != null ? new StringBuilder(value) : new StringBuilder();
         K key = getKey();

impl/src/test/groovy/io/jsonwebtoken/impl/security/DefaultJwkContextTest.groovy

@@ -48,6 +48,22 @@ class DefaultJwkContextTest {
         assertEquals 'Private JWK', ctx.getName()
     }
 
+    @Test
+    void testGetNameWithEdwardsPublicKey() {
+        def ctx = new DefaultJwkContext()
+        ctx.setKey(TestKeys.X448.pair.public)
+        ctx.setType(DefaultOctetPublicJwk.TYPE_VALUE)
+        assertEquals 'Octet Public JWK', ctx.getName()
+    }
+
+    @Test
+    void testGetNameWithEdwardsPrivateKey() {
+        def ctx = new DefaultJwkContext()
+        ctx.setKey(TestKeys.X448.pair.private)
+        ctx.setType(DefaultOctetPublicJwk.TYPE_VALUE)
+        assertEquals 'Octet Private JWK', ctx.getName()
+    }
+
     @Test
     void testGStringPrintsRedactedValues() {
         // DO NOT REMOVE THIS METHOD: IT IS CRITICAL TO ENSURE GROOVY STRINGS DO NOT LEAK SECRET/PRIVATE KEY MATERIAL