Package com.github.ambry.frontend

Interface IdSigningService

  • public interface IdSigningService
    Responsible for providing and verifying blob IDs that are signed with some additional metadata. The implementation should include a secure signature field that prevents other parties from tampering with the ID. The implementation can also choose to encrypt/decrypt the signed ID. The generated signed ID must be URL-safe.

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      java.lang.String getSignedId​(java.lang.String blobId, java.util.Map<java.lang.String,​java.lang.String> metadata)
      Get a signed ID based on the input blob ID and provided metadata.
      boolean isIdSigned​(java.lang.String id)
      Implementations of this method should transparently handle any valid ID prefixes or suffixes (leading slashes, etc.) that may be added by an IdConverter.
      com.github.ambry.utils.Pair<java.lang.String,​java.util.Map<java.lang.String,​java.lang.String>> parseSignedId​(java.lang.String signedId)
      Verify that the signed ID has not been tampered with and extract the blob ID and additional metadata from the signed ID.

    • Method Detail

      • getSignedId

        java.lang.String getSignedId​(java.lang.String blobId,
                             java.util.Map<java.lang.String,​java.lang.String> metadata)
                      throws RestServiceException
        Get a signed ID based on the input blob ID and provided metadata. May not do any checking to ensure that the request is authorized to generate a signed ID.
        Parameters:
        blobId - the blob ID to include in the signed ID.
        metadata - additional parameters to include in the signed ID.
        Returns:
        a URL-safe signed ID.
        Throws:
        RestServiceException - if the signed ID could not be generated.

      • isIdSigned

        boolean isIdSigned​(java.lang.String id)
        Implementations of this method should transparently handle any valid ID prefixes or suffixes (leading slashes, etc.) that may be added by an IdConverter.
        Parameters:
        id - the input ID to check.
        Returns:
        true if the ID is signed. false otherwise

      • parseSignedId

        com.github.ambry.utils.Pair<java.lang.String,​java.util.Map<java.lang.String,​java.lang.String>> parseSignedId​(java.lang.String signedId)
                                                                                                                  throws RestServiceException
        Verify that the signed ID has not been tampered with and extract the blob ID and additional metadata from the signed ID. Implementations of this method should transparently handle any valid ID prefixes or suffixes (leading slashes, etc.) that may be added by an IdConverter.
        Returns:
        a Pair that contains the blob ID and additional metadata parsed from the signed ID.
        Throws:
        RestServiceException - if there are problems verifying or parsing the ID.