diff options
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api')
3 files changed, 79 insertions, 2 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpAddableChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpAddableChainingMetadataProvider.java new file mode 100644 index 00000000..8e5eb715 --- /dev/null +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpAddableChainingMetadataProvider.java @@ -0,0 +1,22 @@ +package at.gv.egiz.eaaf.modules.pvp2.api.metadata; + +import javax.annotation.Nonnull; + +import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing; + +import org.opensaml.saml.metadata.resolver.MetadataResolver; + +public interface IPvpAddableChainingMetadataProvider { + + /** + * Manually add a metadata resolver into a chaining metadata provider. + * <br> + * <b>If the chaining metadata provider also implements + * {@link IGarbageCollectorProcessing} manually added provider + * can be removed by garbage-collector process. This behavior + * depends on chaining metadata-provider implementation. </b> + * + * @param resolver Metadata provider that should be added + */ + void addMetadataResolverIntoChain(@Nonnull MetadataResolver resolver); +} diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java index 0cf7e293..fb1352ce 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java @@ -19,11 +19,11 @@ package at.gv.egiz.eaaf.modules.pvp2.api.metadata; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; +import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider; public interface IPvpMetadataConfigurationFactory { IPvpMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authUrl, - AbstractCredentialProvider pvpIdpCredentials); + IPvp2CredentialProvider pvpIdpCredentials); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/utils/IPvp2CredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/utils/IPvp2CredentialProvider.java new file mode 100644 index 00000000..a564efb2 --- /dev/null +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/utils/IPvp2CredentialProvider.java @@ -0,0 +1,55 @@ +package at.gv.egiz.eaaf.modules.pvp2.api.utils; + +import java.security.cert.X509Certificate; +import java.util.List; + +import javax.annotation.Nonnull; +import javax.annotation.Nullable; + +import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; + +public interface IPvp2CredentialProvider { + + /** + * Get Credentials to sign metadata. + * + * @return Credentials + * @throws CredentialsNotAvailableException In case of a credential error + */ + @Nonnull + EaafX509Credential getMetaDataSigningCredential() throws CredentialsNotAvailableException; + + /** + * Get Credentials to sign SAML2 messages, like AuthnRequest, Response, + * Assertions as some examples. + * + * @return Credentials + * @throws CredentialsNotAvailableException In case of a credential error + */ + @Nonnull + EaafX509Credential getMessageSigningCredential() throws CredentialsNotAvailableException; + + /** + * Get Credentials to encrypt messages, like Assertion as example. + * + * @return Credentials + * @throws CredentialsNotAvailableException In case of a credential error + */ + @Nullable + EaafX509Credential getMessageEncryptionCredential() + throws CredentialsNotAvailableException; + + /** + * Get a List of trusted {@link X509Certificate} that are available in this + * KeyStore. + * + * @return List of trusted {@link X509Certificate}, or an emptry {@link List} if + * no certificates are available + * @throws CredentialsNotAvailableException In case of a KeyStore error + */ + @Nonnull + List<X509Certificate> getTrustedCertificates() + throws CredentialsNotAvailableException; + +}
\ No newline at end of file |