Package org.wildfly.security.auth.server
Class IdentityCredentials
- java.lang.Object
-
- org.wildfly.security.auth.server.IdentityCredentials
-
- All Implemented Interfaces:
Iterable<Credential>
,CredentialSource
public abstract class IdentityCredentials extends Object implements Iterable<Credential>, CredentialSource
The public or private credentials retained by an identity, which can be used for authentication forwarding. This credentials set can contain zero or one credential of a given type and algorithm name. If the credential type does not support algorithm names, then the set can contain zero or one credential of that type. The credential set may be iterated; iteration order is not prescribed and may change if the implementation is changed.- Author:
- David M. Lloyd
-
-
Field Summary
Fields Modifier and Type Field Description static IdentityCredentials
NONE
The empty credentials object.
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Deprecated Methods Modifier and Type Method Description <C extends Credential,R>
RapplyToCredential(Class<C> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec, Function<C,R> function)
Apply the given function to the acquired credential, if it is set and of the given type and algorithm.<C extends Credential,R>
RapplyToCredential(Class<C> credentialType, String algorithmName, Function<C,R> function)
Apply the given function to the acquired credential, if it is set and of the given type and algorithm.<C extends Credential,R>
RapplyToCredential(Class<C> credentialType, Function<C,R> function)
Apply the given function to the acquired credential, if it is set and of the given type.boolean
canVerify(Class<? extends Evidence> evidenceClass, String algorithmName)
Test whether some of the credentials in this set can verify an evidence of given class and algorithm name.boolean
canVerify(Evidence evidence)
Test whether some of the credentials in this set can verify an evidence.boolean
contains(Class<? extends Credential> credentialType)
Determine whether a credential of the given type is present in this set.boolean
contains(Class<? extends Credential> credentialType, String algorithmName)
Determine whether a credential of the given type and algorithm are present in this set.abstract boolean
contains(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Determine whether a credential of the given type and algorithm are present in this set.boolean
containsMatching(Credential credential)
Determine whether a credential of the type, algorithm, and parameters of the given credential is present in this set.<C extends Credential>
CgetCredential(Class<C> credentialType)
Acquire a credential of the given type.<C extends Credential>
CgetCredential(Class<C> credentialType, String algorithmName)
Acquire a credential of the given type and algorithm name.abstract <C extends Credential>
CgetCredential(Class<C> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Acquire a credential of the given type and algorithm name.SupportLevel
getCredentialAcquireSupport(Class<? extends Credential> credentialType)
Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.SupportLevel
getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName)
Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.SupportLevel
getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.abstract int
size()
Get the size of this credential set.Spliterator<Credential>
spliterator()
Get aSpliterator
for this credential set.boolean
verify(Supplier<Provider[]> providerSupplier, Evidence evidence)
Verify the given evidence.boolean
verify(Supplier<Provider[]> providerSupplier, Evidence evidence, Charset hashCharset)
Verify the given evidence.boolean
verify(Evidence evidence)
Verify the given evidence.boolean
verify(Evidence evidence, Charset hashCharset)
Deprecated.useverify(Supplier, Evidence, Charset)
insteadabstract IdentityCredentials
with(IdentityCredentials other)
Return a copy of this credential set with the given credential set added to it.abstract IdentityCredentials
withCredential(Credential credential)
Return a copy of this credential set, but with the given credential added to it.IdentityCredentials
without(Class<? extends Credential> credentialType)
Return a copy of this credential set without any credentials of the given type.IdentityCredentials
without(Class<? extends Credential> credentialType, String algorithmName)
Return a copy of this credential set without any credentials of the given type and algorithm name.IdentityCredentials
without(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Return a copy of this credential set without any credentials of the given type, algorithm name and parameter spec.<C extends Credential>
IdentityCredentialswithout(Class<C> credentialType, Predicate<? super C> predicate)
Return a copy of this credential set without any credentials of the given type that match the predicate.abstract IdentityCredentials
without(Predicate<? super Credential> predicate)
Return a copy of this credential set without any credentials that match the predicate.IdentityCredentials
withoutMatching(Credential credential)
Return a copy of this credential set without any credentials with a type, algorithm name, and parameters matching that of the given credential.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.wildfly.security.credential.source.CredentialSource
with
-
-
-
-
Field Detail
-
NONE
public static final IdentityCredentials NONE
The empty credentials object.
-
-
Method Detail
-
contains
public final boolean contains(Class<? extends Credential> credentialType)
Determine whether a credential of the given type is present in this set.- Parameters:
credentialType
- the credential type class (must not benull
)- Returns:
true
if a matching credential is contained in this set,false
otherwise
-
getCredentialAcquireSupport
public final SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Description copied from interface:CredentialSource
Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.- Specified by:
getCredentialAcquireSupport
in interfaceCredentialSource
- Parameters:
credentialType
- the credential type class (must not benull
)algorithmName
- the algorithm name, ornull
if any algorithm is acceptable or the credential type does not support algorithm namesparameterSpec
- the algorithm parameters to match, ornull
if any parameters are acceptable or the credential type does not support algorithm parameters- Returns:
- the level of support for this credential type (not
null
)
-
getCredentialAcquireSupport
public final SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName)
Description copied from interface:CredentialSource
Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.- Specified by:
getCredentialAcquireSupport
in interfaceCredentialSource
- Parameters:
credentialType
- the credential type class (must not benull
)algorithmName
- the algorithm name, ornull
if any algorithm is acceptable or the credential type does not support algorithm names- Returns:
- the level of support for this credential type (not
null
)
-
getCredentialAcquireSupport
public final SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType)
Description copied from interface:CredentialSource
Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.- Specified by:
getCredentialAcquireSupport
in interfaceCredentialSource
- Parameters:
credentialType
- the credential type class (must not benull
)- Returns:
- the level of support for this credential type (not
null
)
-
contains
public abstract boolean contains(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Determine whether a credential of the given type and algorithm are present in this set.- Parameters:
credentialType
- the credential type class (must not benull
)algorithmName
- the algorithm name, ornull
if any algorithm is acceptable or the credential type does not support algorithm namesparameterSpec
- the parameter specification ornull
if any parameter specification is acceptable- Returns:
true
if a matching credential is contained in this set,false
otherwise
-
contains
public final boolean contains(Class<? extends Credential> credentialType, String algorithmName)
Determine whether a credential of the given type and algorithm are present in this set.- Parameters:
credentialType
- the credential type class (must not benull
)algorithmName
- the algorithm name, ornull
if any algorithm is acceptable or the credential type does not support algorithm names- Returns:
true
if a matching credential is contained in this set,false
otherwise
-
containsMatching
public final boolean containsMatching(Credential credential)
Determine whether a credential of the type, algorithm, and parameters of the given credential is present in this set.- Parameters:
credential
- the credential to check against (must not benull
)- Returns:
true
if a matching credential is contained in this set,false
otherwise
-
getCredential
public final <C extends Credential> C getCredential(Class<C> credentialType)
Acquire a credential of the given type.- Specified by:
getCredential
in interfaceCredentialSource
- Type Parameters:
C
- the credential type- Parameters:
credentialType
- the credential type class (must not benull
)- Returns:
- the credential, or
null
if no such credential exists
-
getCredential
public final <C extends Credential> C getCredential(Class<C> credentialType, String algorithmName)
Acquire a credential of the given type and algorithm name.- Specified by:
getCredential
in interfaceCredentialSource
- Type Parameters:
C
- the credential type- Parameters:
credentialType
- the credential type class (must not benull
)algorithmName
- the algorithm name, ornull
if any algorithm is acceptable or the credential type does not support algorithm names- Returns:
- the credential, or
null
if no such credential exists
-
getCredential
public abstract <C extends Credential> C getCredential(Class<C> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Acquire a credential of the given type and algorithm name.- Specified by:
getCredential
in interfaceCredentialSource
- Type Parameters:
C
- the credential type- Parameters:
credentialType
- the credential type class (must not benull
)algorithmName
- the algorithm name, ornull
if any algorithm is acceptable or the credential type does not support algorithm namesparameterSpec
- the parameter specification ornull
if any parameter specification is acceptable- Returns:
- the credential, or
null
if no such credential exists
-
applyToCredential
public final <C extends Credential,R> R applyToCredential(Class<C> credentialType, Function<C,R> function)
Apply the given function to the acquired credential, if it is set and of the given type.- Specified by:
applyToCredential
in interfaceCredentialSource
- Type Parameters:
C
- the credential typeR
- the return type- Parameters:
credentialType
- the credential type class (must not benull
)function
- the function to apply (must not benull
)- Returns:
- the result of the function, or
null
if the criteria are not met
-
applyToCredential
public final <C extends Credential,R> R applyToCredential(Class<C> credentialType, String algorithmName, Function<C,R> function)
Apply the given function to the acquired credential, if it is set and of the given type and algorithm.- Specified by:
applyToCredential
in interfaceCredentialSource
- Type Parameters:
C
- the credential typeR
- the return type- Parameters:
credentialType
- the credential type class (must not benull
)algorithmName
- the algorithm namefunction
- the function to apply (must not benull
)- Returns:
- the result of the function, or
null
if the criteria are not met
-
applyToCredential
public <C extends Credential,R> R applyToCredential(Class<C> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec, Function<C,R> function)
Apply the given function to the acquired credential, if it is set and of the given type and algorithm.- Specified by:
applyToCredential
in interfaceCredentialSource
- Type Parameters:
C
- the credential typeR
- the return type- Parameters:
credentialType
- the credential type class (must not benull
)algorithmName
- the algorithm namefunction
- the function to apply (must not benull
)parameterSpec
- the parameter specification ornull
if any parameter specification is acceptable- Returns:
- the result of the function, or
null
if the criteria are not met
-
withCredential
public abstract IdentityCredentials withCredential(Credential credential)
Return a copy of this credential set, but with the given credential added to it.- Parameters:
credential
- the credential to append (must not benull
)- Returns:
- the new credential set (not
null
)
-
with
public abstract IdentityCredentials with(IdentityCredentials other)
Return a copy of this credential set with the given credential set added to it.- Parameters:
other
- the credential set to append (must not benull
)- Returns:
- the new credential set (not
null
)
-
withoutMatching
public IdentityCredentials withoutMatching(Credential credential)
Return a copy of this credential set without any credentials with a type, algorithm name, and parameters matching that of the given credential. If the credential type, algorithm name, and parameters are not found in this set, return this instance.- Parameters:
credential
- the credential to match against (must not benull
)- Returns:
- the new credential set (not
null
)
-
without
public final IdentityCredentials without(Class<? extends Credential> credentialType)
Return a copy of this credential set without any credentials of the given type. If the credential type is not found in this set, return this instance.- Specified by:
without
in interfaceCredentialSource
- Parameters:
credentialType
- the credential type to remove (must not benull
)- Returns:
- the new credential set (not
null
)
-
without
public final IdentityCredentials without(Class<? extends Credential> credentialType, String algorithmName)
Return a copy of this credential set without any credentials of the given type and algorithm name. If the credential type and algorithm name is not found in this set, return this instance.- Specified by:
without
in interfaceCredentialSource
- Parameters:
credentialType
- the credential type to remove (must not benull
)algorithmName
- the algorithm name to remove, ornull
to match any algorithm name- Returns:
- the new credential set (not
null
)
-
without
public IdentityCredentials without(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Return a copy of this credential set without any credentials of the given type, algorithm name and parameter spec. If the credential type and algorithm name is not found in this set, return this instance.- Specified by:
without
in interfaceCredentialSource
- Parameters:
credentialType
- the credential type to remove (must not benull
)algorithmName
- the algorithm name to remove, ornull
to match any algorithm nameparameterSpec
- the parameter spec to remove, ornull
to match any parameter spec- Returns:
- the new credential set (not
null
)
-
without
public abstract IdentityCredentials without(Predicate<? super Credential> predicate)
Return a copy of this credential set without any credentials that match the predicate. If no credentials match the predicate, return this instance.- Parameters:
predicate
- the predicate to test (must not benull
)- Returns:
- the new credential set (not
null
)
-
without
public final <C extends Credential> IdentityCredentials without(Class<C> credentialType, Predicate<? super C> predicate)
Return a copy of this credential set without any credentials of the given type that match the predicate. If no credentials match the predicate, return this instance.- Type Parameters:
C
- the credential type- Parameters:
credentialType
- the credential type classpredicate
- the predicate to test (must not benull
)- Returns:
- the new credential set (not
null
)
-
spliterator
public Spliterator<Credential> spliterator()
Get aSpliterator
for this credential set.- Specified by:
spliterator
in interfaceIterable<Credential>
- Returns:
- the spliterator (not
null
)
-
canVerify
public boolean canVerify(Class<? extends Evidence> evidenceClass, String algorithmName)
Test whether some of the credentials in this set can verify an evidence of given class and algorithm name.- Parameters:
evidenceClass
- the class of the evidence (must not benull
)algorithmName
- the algorithm name (may benull
if the type of evidence does not support algorithm names)- Returns:
true
if the evidence can be verified
-
canVerify
public boolean canVerify(Evidence evidence)
Test whether some of the credentials in this set can verify an evidence.- Parameters:
evidence
- the evidence (must not benull
)- Returns:
true
if the evidence can be verified
-
verify
public boolean verify(Evidence evidence)
Verify the given evidence.- Parameters:
evidence
- the evidence to verify (must not benull
)- Returns:
true
if the evidence is verified,false
otherwise
-
verify
public boolean verify(Supplier<Provider[]> providerSupplier, Evidence evidence)
Verify the given evidence.- Parameters:
providerSupplier
- the provider supplier to use for verification purposes (must not benull
)evidence
- the evidence to verify (must not benull
)- Returns:
true
if the evidence is verified,false
otherwise
-
verify
@Deprecated public boolean verify(Evidence evidence, Charset hashCharset)
Deprecated.useverify(Supplier, Evidence, Charset)
insteadVerify the given evidence.- Parameters:
evidence
- the evidence to verify (must not benull
)- Returns:
true
if the evidence is verified,false
otherwise
-
verify
public boolean verify(Supplier<Provider[]> providerSupplier, Evidence evidence, Charset hashCharset)
Verify the given evidence.- Parameters:
providerSupplier
- the provider supplier to use for verification purposes (must not benull
)evidence
- the evidence to verify (must not benull
)- Returns:
true
if the evidence is verified,false
otherwise
-
size
public abstract int size()
Get the size of this credential set.- Returns:
- the size of this credential set
-
-