Module io.helidon.security.providers.httpsign
Package io.helidon.security.providers.httpsign

Class InboundClientDefinition.Builder

java.lang.Object
io.helidon.security.providers.httpsign.InboundClientDefinition.Builder
All Implemented Interfaces:
Builder<InboundClientDefinition.Builder,InboundClientDefinition>, Supplier<InboundClientDefinition>
Enclosing class:
InboundClientDefinition
public static final class InboundClientDefinition.Builder extends Object implements Builder<InboundClientDefinition.Builder,InboundClientDefinition>
Fluent API builder to create a new instance of InboundClientDefinition. Use build() to create the instance.

  • Method Details

    • principalName

      public InboundClientDefinition.Builder principalName(String name)
      The principal name of the client, defaults to keyId if not configured.
      Parameters:
      name - name of security principal
      Returns:
      updated builder instance

    • keyId

      public InboundClientDefinition.Builder keyId(String keyId)
      The key id of this client to map to this signature validation configuration.
      Parameters:
      keyId - key id as provided in inbound signature
      Returns:
      updated builder instance

    • subjectType

      public InboundClientDefinition.Builder subjectType(SubjectType type)
      The type of principal we have authenticated (either user or service, defaults to service).
      Parameters:
      type - principal type
      Returns:
      updated builder instance

    • algorithm

      public InboundClientDefinition.Builder algorithm(String algorithm)
      Algorithm of signature used by this client. Currently supported:
      • rsa-sha256 - asymmetric based on public/private keys
      • hmac-sha256 - symmetric based on a shared secret
      Parameters:
      algorithm - algorithm used
      Returns:
      updated builder instance

    • publicKeyConfig

      public InboundClientDefinition.Builder publicKeyConfig(io.helidon.common.pki.Keys keyConfig)
      For algorithms based on public/private key (such as rsa-sha256), this provides access to the public key of the client.
      Parameters:
      keyConfig - keys configured to access a public key to validate signature
      Returns:
      updated builder instance

    • hmacSecret

      public InboundClientDefinition.Builder hmacSecret(byte[] secret)
      For hmac-sha256 algorithm, this provides access to a secret shared with the client.
      Parameters:
      secret - shared secret to validate signature
      Returns:
      updated builder instance

    • hmacSecret

      public InboundClientDefinition.Builder hmacSecret(String secret)
      Helper method to configure a password-like secret (instead of byte based hmacSecret(byte[]). The password is transformed to bytes with StandardCharsets.UTF_8 charset.
      Parameters:
      secret - shared secret to validate signature
      Returns:
      updated builder instance

    • build

      public InboundClientDefinition build()
      Description copied from interface: Builder
      Build the instance from this builder.
      Specified by:
      build in interface Builder<InboundClientDefinition.Builder,InboundClientDefinition>
      Returns:
      instance of the built type

    • config

      public InboundClientDefinition.Builder config(Config config)
      Create a builder instance from configuration.
      Parameters:
      config - config instance
      Returns:
      builder instance initialized from config