Module io.helidon.security.providers.httpsign
Package io.helidon.security.providers.httpsign

Class OutboundTargetDefinition

java.lang.Object
io.helidon.security.providers.httpsign.OutboundTargetDefinition
public final class OutboundTargetDefinition extends Object
Configuration of outbound target to sign outgoing requests.

  • Method Details

    • builder

      public static OutboundTargetDefinition.Builder builder(String keyId)
      Get a new builder .
      Parameters:
      keyId - keyId to send with signature
      Returns:
      builder instance

    • builder

      public static OutboundTargetDefinition.Builder builder(Config config)
      Create a builder from configuration.
      Parameters:
      config - configuration located at this target, expects "key-id" to be a child
      Returns:
      builder instance

    • create

      public static OutboundTargetDefinition create(Config config)
      Create an instance from configuration.
      Parameters:
      config - configuration located at this outbound key, expects "key-id" to be a child
      Returns:
      new instance configured from config

    • keyId

      public String keyId()
      Key id of this service (will be mapped by target service to validate signature).
      Returns:
      key id string (may be an API key, key fingerprint, service name etc.)

    • algorithm

      public String algorithm()
      Algorithm used by this signature.
      Returns:
      algorithm

    • keyConfig

      public Optional<Keys> keyConfig()
      Private key configuration for RSA based algorithms.
      Returns:
      private key location and configuration or empty optional if not configured

    • hmacSharedSecret

      public Optional<byte[]> hmacSharedSecret()
      Shared secret for HMAC based algorithms.
      Returns:
      shared secret or empty optional if not configured

    • header

      public HttpSignHeader header()
      Header to store signature in.
      Returns:
      header type

    • signedHeadersConfig

      public SignedHeadersConfig signedHeadersConfig()
      Configuration of method to headers to define headers to be signed.

      The following headers have special handling:

      • date - if not present and required, will be added to request
      • host - if not present and required, will be added to request from target URI
      • (request-target) - as per spec, calculated from method and path
      • authorization - if header() returns HttpSignHeader.AUTHORIZATION it is ignored
      Returns:
      configuration of headers to be signed

    • tokenHandler

      public TokenHandler tokenHandler()
      When header type is set to HttpSignHeader.CUSTOM, this handler will be used to create header in outbound request.
      Returns:
      token handler

    • backwardCompatibleEol

      public boolean backwardCompatibleEol()
      Whether to use old approach to EOL processing in signed data. The old approach (pre Helidon 3.0.0) was adding a trailing end of line, which is not aligned with the specification proposal.
      Returns:
      whether to use old approach (trailing EOL - true), or correct approach (falseรบ