@Immutable public class TLSClientAuthentication extends ClientAuthentication
pub_key_tls_client_auth
which
relies on direct public key binding. Implements
ClientAuthenticationMethod.TLS_CLIENT_AUTH
.
Related specifications:
Constructor and Description |
---|
TLSClientAuthentication(ClientID clientID,
SSLSocketFactory sslSocketFactory)
Creates a new TLS / X.509 certificate client authentication.
|
TLSClientAuthentication(ClientID clientID,
String certSubjectDN,
String certRootDN)
Creates a new TLS / X.509 certificate client authentication.
|
Modifier and Type | Method and Description |
---|---|
void |
applyTo(HTTPRequest httpRequest)
Applies the authentication to the specified HTTP request by setting
its Authorization header and/or POST entity-body parameters
(according to the implemented client authentication method).
|
String |
getClientX509CertificateRootDN()
Gets the root issuer DN of the received validated client X.509
certificate.
|
String |
getClientX509CertificateSubjectDN()
Gets the subject DN of the received validated client X.509
certificate.
|
SSLSocketFactory |
getSSLSocketFactory()
Returns the SSL socket factory to use for an outgoing HTTPS request
and to present the client certificate(s).
|
static TLSClientAuthentication |
parse(HTTPRequest httpRequest)
Parses a TLS / X.509 certificate client authentication from the
specified HTTP request.
|
getClientID, getMethod
public TLSClientAuthentication(ClientID clientID, SSLSocketFactory sslSocketFactory)
clientID
- The client identifier. Must not be
null
.sslSocketFactory
- The SSL socket factory to use for the
outgoing HTTPS request and to present the
client certificate(s), null
to use
the default one.public TLSClientAuthentication(ClientID clientID, String certSubjectDN, String certRootDN)
clientID
- The client identifier. Must not be
null
.certSubjectDN
- The subject DN of the received validated client
X.509 certificate. Must not be null
.certRootDN
- The root issuer DN of the received validated
client X.509 certificate, null
if not
specified.public String getClientX509CertificateSubjectDN()
public String getClientX509CertificateRootDN()
null
if not specified.public static TLSClientAuthentication parse(HTTPRequest httpRequest) throws ParseException
httpRequest
- The HTTP request to parse. Must not be
null
and must include a validated client
X.509 certificate.ParseException
- If the client_id
or client X.509
certificate is missing.public SSLSocketFactory getSSLSocketFactory()
null
to use the default one.public void applyTo(HTTPRequest httpRequest)
ClientAuthentication
applyTo
in class ClientAuthentication
httpRequest
- The HTTP request. Must not be null
.Copyright © 2017 Connect2id Ltd.. All rights reserved.