Module io.helidon.security.providers.httpsign
Package io.helidon.security.providers.httpsign

Class SignedHeadersConfig

java.lang.Object
io.helidon.security.providers.httpsign.SignedHeadersConfig
public final class SignedHeadersConfig extends Object
Configuration of required and "if-present" headers to be signed.

Example for configuration based approach: 

 sign-headers: [
  # request may sign headers not specified here - only specify the ones that MUST be signed
  {
      # if method is not defined, then this is the default config
      # MUST be present and signed
      always = ["date"]
  }
  {
      method = "get"
      # MUST be present and signed
      always = ["date", "(request-target)", "host"]
      # MUST be signed IF present
      if-present = ["authorization"]
  }
 ]

  • Field Details

    • REQUEST_TARGET

      public static final String REQUEST_TARGET
      Special header "(request-target)" is used for method and path combination.
      See Also:

  • Method Details

    • create

      public static SignedHeadersConfig create(Config config)
      Load header configuration from config.
      Parameters:
      config - config instance, expecting object array as children
      Returns:
      signed headers configuration loaded from config

    • builder

      public static SignedHeadersConfig.Builder builder()
      Builder to create a new instance.
      Returns:
      new builder

    • headers

      public List<String> headers(String method, Map<String,List<String>> transportHeaders)
      Headers configured for a method with optional headers matched against actual transport headers.
      Parameters:
      method - method (such as GET)
      transportHeaders - actual headers received on the transport
      Returns:
      list of headers that must be signed

    • headers

      public List<String> headers(String method)
      Headers configured for a method.
      Parameters:
      method - method (such as GET)
      Returns:
      list of headers