summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpAddableChainingMetadataProvider.java22
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/utils/IPvp2CredentialProvider.java55
3 files changed, 79 insertions, 2 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpAddableChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpAddableChainingMetadataProvider.java
new file mode 100644
index 00000000..8e5eb715
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpAddableChainingMetadataProvider.java
@@ -0,0 +1,22 @@
+package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
+
+import javax.annotation.Nonnull;
+
+import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
+
+import org.opensaml.saml.metadata.resolver.MetadataResolver;
+
+public interface IPvpAddableChainingMetadataProvider {
+
+ /**
+ * Manually add a metadata resolver into a chaining metadata provider.
+ * <br>
+ * <b>If the chaining metadata provider also implements
+ * {@link IGarbageCollectorProcessing} manually added provider
+ * can be removed by garbage-collector process. This behavior
+ * depends on chaining metadata-provider implementation. </b>
+ *
+ * @param resolver Metadata provider that should be added
+ */
+ void addMetadataResolverIntoChain(@Nonnull MetadataResolver resolver);
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java
index 0cf7e293..fb1352ce 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java
@@ -19,11 +19,11 @@
package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider;
public interface IPvpMetadataConfigurationFactory {
IPvpMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authUrl,
- AbstractCredentialProvider pvpIdpCredentials);
+ IPvp2CredentialProvider pvpIdpCredentials);
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/utils/IPvp2CredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/utils/IPvp2CredentialProvider.java
new file mode 100644
index 00000000..a564efb2
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/utils/IPvp2CredentialProvider.java
@@ -0,0 +1,55 @@
+package at.gv.egiz.eaaf.modules.pvp2.api.utils;
+
+import java.security.cert.X509Certificate;
+import java.util.List;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+
+public interface IPvp2CredentialProvider {
+
+ /**
+ * Get Credentials to sign metadata.
+ *
+ * @return Credentials
+ * @throws CredentialsNotAvailableException In case of a credential error
+ */
+ @Nonnull
+ EaafX509Credential getMetaDataSigningCredential() throws CredentialsNotAvailableException;
+
+ /**
+ * Get Credentials to sign SAML2 messages, like AuthnRequest, Response,
+ * Assertions as some examples.
+ *
+ * @return Credentials
+ * @throws CredentialsNotAvailableException In case of a credential error
+ */
+ @Nonnull
+ EaafX509Credential getMessageSigningCredential() throws CredentialsNotAvailableException;
+
+ /**
+ * Get Credentials to encrypt messages, like Assertion as example.
+ *
+ * @return Credentials
+ * @throws CredentialsNotAvailableException In case of a credential error
+ */
+ @Nullable
+ EaafX509Credential getMessageEncryptionCredential()
+ throws CredentialsNotAvailableException;
+
+ /**
+ * Get a List of trusted {@link X509Certificate} that are available in this
+ * KeyStore.
+ *
+ * @return List of trusted {@link X509Certificate}, or an emptry {@link List} if
+ * no certificates are available
+ * @throws CredentialsNotAvailableException In case of a KeyStore error
+ */
+ @Nonnull
+ List<X509Certificate> getTrustedCertificates()
+ throws CredentialsNotAvailableException;
+
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-18 17:28:40 +0000