Package io.helidon.security.providers.httpsign

Class OutboundTargetDefinition

java.lang.Object

io.helidon.security.providers.httpsign.OutboundTargetDefinition

public final class OutboundTargetDefinition
extends Object

Configuration of outbound target to sign outgoing requests.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	OutboundTargetDefinition.Builder Fluent API builder to build OutboundTargetDefinition instances.

Method Summary

Modifier and Type	Method and Description
String	algorithm() Algorithm used by this signature.
static OutboundTargetDefinition.Builder	builder(Config config) Create a builder from configuration.
static OutboundTargetDefinition.Builder	builder(String keyId) Get a new builder .
static OutboundTargetDefinition	create(Config config) Create an instance from configuration.
HttpSignHeader	header() Header to store signature in.
Optional<byte[]>	hmacSharedSecret() Shared secret for HMAC based algorithms.
Optional<KeyConfig>	keyConfig() Private key configuration for RSA based algorithms.
String	keyId() Key id of this service (will be mapped by target service to validate signature).
SignedHeadersConfig	signedHeadersConfig() Configuration of method to headers to define headers to be signed.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

builder

public static OutboundTargetDefinition.Builder builder(String keyId)

Get a new builder .

Parameters:

keyId - keyId to send with signature

Returns:

builder instance

builder

public static OutboundTargetDefinition.Builder builder(Config config)

Create a builder from configuration.

Parameters:

config - configuration located at this target, expects "key-id" to be a child

Returns:

builder instance

create

public static OutboundTargetDefinition create(Config config)

Create an instance from configuration.

Parameters:

config - configuration located at this outbound key, expects "key-id" to be a child

Returns:

new instance configured from config

keyId

public String keyId()

Key id of this service (will be mapped by target service to validate signature).

Returns:

key id string (may be an API key, key fingerprint, service name etc.)

algorithm

public String algorithm()

Algorithm used by this signature.

Returns:

algorithm

keyConfig

public Optional<KeyConfig> keyConfig()

Private key configuration for RSA based algorithms.

Returns:

private key location and configuration or empty optional if not configured

hmacSharedSecret

public Optional<byte[]> hmacSharedSecret()

Shared secret for HMAC based algorithms.

Returns:

shared secret or empty optional if not configured

header

public HttpSignHeader header()

Header to store signature in.

Returns:

header type

signedHeadersConfig

public SignedHeadersConfig signedHeadersConfig()

Configuration of method to headers to define headers to be signed.

The following headers have special handling:

• date - if not present and required, will be added to request
• host - if not present and required, will be added to request from target URI
• (request-target) - as per spec, calculated from method and path
• authorization - if header() returns HttpSignHeader.AUTHORIZATION it is ignored

Returns:

configuration of headers to be signed