Class OutboundTargetDefinition
- java.lang.Object
-
- io.helidon.security.providers.httpsign.OutboundTargetDefinition
-
public final class OutboundTargetDefinition extends Object
Configuration of outbound target to sign outgoing requests.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
OutboundTargetDefinition.Builder
Fluent API builder to buildOutboundTargetDefinition
instances.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description String
algorithm()
Algorithm used by this signature.boolean
backwardCompatibleEol()
Whether to use old approach to EOL processing in signed data.static OutboundTargetDefinition.Builder
builder(Config config)
Create a builder from configuration.static OutboundTargetDefinition.Builder
builder(String keyId)
Get a new builder .static OutboundTargetDefinition
create(Config config)
Create an instance from configuration.HttpSignHeader
header()
Header to store signature in.Optional<byte[]>
hmacSharedSecret()
Shared secret for HMAC based algorithms.Optional<KeyConfig>
keyConfig()
Private key configuration for RSA based algorithms.String
keyId()
Key id of this service (will be mapped by target service to validate signature).SignedHeadersConfig
signedHeadersConfig()
Configuration of method to headers to define headers to be signed.TokenHandler
tokenHandler()
When header type is set toHttpSignHeader.CUSTOM
, this handler will be used to create header in outbound request.
-
-
-
Method Detail
-
builder
public static OutboundTargetDefinition.Builder builder(String keyId)
Get a new builder .- Parameters:
keyId
- keyId to send with signature- Returns:
- builder instance
-
builder
public static OutboundTargetDefinition.Builder builder(Config config)
Create a builder from configuration.- Parameters:
config
- configuration located at this target, expects "key-id" to be a child- Returns:
- builder instance
-
create
public static OutboundTargetDefinition create(Config config)
Create an instance from configuration.- Parameters:
config
- configuration located at this outbound key, expects "key-id" to be a child- Returns:
- new instance configured from config
-
keyId
public String keyId()
Key id of this service (will be mapped by target service to validate signature).- Returns:
- key id string (may be an API key, key fingerprint, service name etc.)
-
algorithm
public String algorithm()
Algorithm used by this signature.- Returns:
- algorithm
-
keyConfig
public Optional<KeyConfig> keyConfig()
Private key configuration for RSA based algorithms.- Returns:
- private key location and configuration or empty optional if not configured
-
hmacSharedSecret
public Optional<byte[]> hmacSharedSecret()
Shared secret for HMAC based algorithms.- Returns:
- shared secret or empty optional if not configured
-
header
public HttpSignHeader header()
Header to store signature in.- Returns:
- header type
-
signedHeadersConfig
public SignedHeadersConfig signedHeadersConfig()
Configuration of method to headers to define headers to be signed.The following headers have special handling:
- date - if not present and required, will be added to request
- host - if not present and required, will be added to request from target URI
- (request-target) - as per spec, calculated from method and path
- authorization - if
header()
returnsHttpSignHeader.AUTHORIZATION
it is ignored
- Returns:
- configuration of headers to be signed
-
tokenHandler
public TokenHandler tokenHandler()
When header type is set toHttpSignHeader.CUSTOM
, this handler will be used to create header in outbound request.- Returns:
- token handler
-
backwardCompatibleEol
public boolean backwardCompatibleEol()
Whether to use old approach to EOL processing in signed data. The old approach (pre Helidon 3.0.0) was adding a trailing end of line, which is not aligned with the specification proposal.- Returns:
- whether to use old approach (trailing EOL -
true
), or correct approach (false
รบ
-
-