Package org.wildfly.security.credential.source

Interface CredentialSource

    • Method Detail

      • getCredentialAcquireSupport

        SupportLevel getCredentialAcquireSupport​(Class<? extends Credential> credentialType,
                                         String algorithmName,
                                         AlgorithmParameterSpec parameterSpec)
                                  throws IOException
        Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.
        Parameters:
        credentialType - the credential type class (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names
        parameterSpec - the algorithm parameters to match, or null if any parameters are acceptable or the credential type does not support algorithm parameters
        Returns:
        the level of support for this credential type (not null)
        Throws:
        IOException - if the credential source failed to determine the support level

      • getCredentialAcquireSupport

        default SupportLevel getCredentialAcquireSupport​(Class<? extends Credential> credentialType,
                                                 String algorithmName)
                                          throws IOException
        Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.
        Parameters:
        credentialType - the credential type class (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names
        Returns:
        the level of support for this credential type (not null)
        Throws:
        IOException - if the credential source failed to determine the support level

      • getCredentialAcquireSupport

        default SupportLevel getCredentialAcquireSupport​(Class<? extends Credential> credentialType)
                                          throws IOException
        Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.
        Parameters:
        credentialType - the credential type class (must not be null)
        Returns:
        the level of support for this credential type (not null)
        Throws:
        IOException - if the credential source failed to determine the support level

      • getCredential

        <C extends Credential> C getCredential​(Class<C> credentialType,
                                       String algorithmName,
                                       AlgorithmParameterSpec parameterSpec)
                                throws IOException
        Acquire a credential of the given type. The credential type is defined by its Class and an optional algorithmName. If the algorithm name is not given, then the query is performed for any algorithm of the given type.
        Type Parameters:
        C - the credential type
        Parameters:
        credentialType - the credential type class (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names
        parameterSpec - the algorithm parameters to match, or null if any parameters are acceptable or the credential type does not support algorithm parameters
        Returns:
        the credential, or null if the principal has no credential of that type
        Throws:
        IOException - if the realm is not able to handle requests for any reason
        IllegalStateException - if no authentication has been initiated or authentication is already completed

      • getCredential

        default <C extends Credential> C getCredential​(Class<C> credentialType,
                                               String algorithmName)
                                        throws IOException
        Acquire a credential of the given type. The credential type is defined by its Class and an optional algorithmName. If the algorithm name is not given, then the query is performed for any algorithm of the given type.
        Type Parameters:
        C - the credential type
        Parameters:
        credentialType - the credential type class (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names
        Returns:
        the credential, or null if the principal has no credential of that type
        Throws:
        IOException - if the realm is not able to handle requests for any reason
        IllegalStateException - if no authentication has been initiated or authentication is already completed

      • getCredential

        default <C extends Credential> C getCredential​(Class<C> credentialType)
                                        throws IOException
        Acquire a credential of the given type. The credential type is defined by its Class and an optional algorithmName. If the algorithm name is not given, then the query is performed for any algorithm of the given type.
        Type Parameters:
        C - the credential type
        Parameters:
        credentialType - the credential type class (must not be null)
        Returns:
        the credential, or null if the principal has no credential of that type
        Throws:
        IOException - if the realm is not able to handle requests for any reason
        IllegalStateException - if no authentication has been initiated or authentication is already completed

      • applyToCredential

        default <C extends Credential,​R> R applyToCredential​(Class<C> credentialType,
                                                           Function<C,​R> function)
                                                    throws IOException
        Apply the given function to the acquired credential, if it is set and of the given type.
        Type Parameters:
        C - the credential type
        R - the return type
        Parameters:
        credentialType - the credential type class (must not be null)
        function - the function to apply (must not be null)
        Returns:
        the result of the function, or null if the criteria are not met
        Throws:
        IOException - if the realm is not able to handle requests for any reason
        IllegalStateException - if no authentication has been initiated or authentication is already completed

      • applyToCredential

        default <C extends Credential,​R> R applyToCredential​(Class<C> credentialType,
                                                           String algorithmName,
                                                           Function<C,​R> function)
                                                    throws IOException
        Apply the given function to the acquired credential, if it is set and of the given type and algorithm.
        Type Parameters:
        C - the credential type
        R - the return type
        Parameters:
        credentialType - the credential type class (must not be null)
        algorithmName - the algorithm name
        function - the function to apply (must not be null)
        Returns:
        the result of the function, or null if the criteria are not met
        Throws:
        IOException - if the realm is not able to handle requests for any reason
        IllegalStateException - if no authentication has been initiated or authentication is already completed

      • applyToCredential

        default <C extends Credential,​R> R applyToCredential​(Class<C> credentialType,
                                                           String algorithmName,
                                                           AlgorithmParameterSpec parameterSpec,
                                                           Function<C,​R> function)
                                                    throws IOException
        Apply the given function to the acquired credential, if it is set and of the given type and algorithm with the given parameters.
        Type Parameters:
        C - the credential type
        R - the return type
        Parameters:
        credentialType - the credential type class (must not be null)
        algorithmName - the algorithm name
        parameterSpec - the parameter specification or null if any parameter specification is acceptable
        function - the function to apply (must not be null)
        Returns:
        the result of the function, or null if the criteria are not met
        Throws:
        IOException - if the realm is not able to handle requests for any reason
        IllegalStateException - if no authentication has been initiated or authentication is already completed

      • with

        default CredentialSource with​(CredentialSource other)
        Aggregate this credential source with another.
        Parameters:
        other - the other credential source (must not be null)
        Returns:
        the aggregated credential source (not null)

      • without

        default CredentialSource without​(Class<? extends Credential> credentialType)
        Get a derived credential source which excludes credentials of the given type.
        Parameters:
        credentialType - the credential type to exclude (must not be null)
        Returns:
        the derived credential source (not null)

      • without

        default CredentialSource without​(Class<? extends Credential> credentialType,
                                 String algorithmName)
        Get a derived credential source which excludes credentials of the given type and optional algorithm.
        Parameters:
        credentialType - the credential type to exclude (must not be null)
        algorithmName - the algorithm name to exclude, or null to exclude all algorithms (or for credential types which do not use algorithms)
        Returns:
        the derived credential source (not null)

      • without

        default CredentialSource without​(Class<? extends Credential> credentialType,
                                 String algorithmName,
                                 AlgorithmParameterSpec parameterSpec)
        Get a derived credential source which excludes credentials of the given type and optional algorithm.
        Parameters:
        credentialType - the credential type to exclude (must not be null)
        algorithmName - the algorithm name to exclude, or null to exclude all algorithms (or for credential types which do not use algorithms)
        parameterSpec - the parameter specification or null if any parameter specification is acceptable
        Returns:
        the derived credential source (not null)

      • fromSecurityFactory

        static CredentialSource fromSecurityFactory​(SecurityFactory<? extends Credential> credentialFactory)
        Get a credential source from the given security factory. The factory is queried on each request. If the value should be cached after the first request, use OneTimeSecurityFactory.
        Parameters:
        credentialFactory - the credential factory (must not be null)
        Returns:
        the credential source (not null)