@Immutable public class TLSClientAuthentication extends ClientAuthentication
self_signed_tls_client_auth
which
relies on a self-signed certificate. Implements
ClientAuthenticationMethod.TLS_CLIENT_AUTH
.
Related specifications:
Constructor and Description |
---|
TLSClientAuthentication(ClientID clientID,
SSLSocketFactory sslSocketFactory)
Creates a new PKI mutual TLS client authentication.
|
TLSClientAuthentication(ClientID clientID,
String certSubjectDN)
Creates a new PKI mutual TLS client authentication.
|
Modifier and Type | Method and Description |
---|---|
void |
applyTo(HTTPRequest httpRequest)
Applies the authentication to the specified HTTP request by setting
its Authorization header and/or POST entity-body parameters
(according to the implemented client authentication method).
|
String |
getClientX509CertificateSubjectDN()
Gets the subject DN of the received validated client X.509
certificate.
|
SSLSocketFactory |
getSSLSocketFactory()
Returns the SSL socket factory to use for an outgoing HTTPS request
and to present the client certificate(s).
|
static TLSClientAuthentication |
parse(HTTPRequest httpRequest)
Parses a PKI mutual TLS client authentication from the specified
HTTP request.
|
getClientID, getMethod
public TLSClientAuthentication(ClientID clientID, SSLSocketFactory sslSocketFactory)
clientID
- The client identifier. Must not be
null
.sslSocketFactory
- The SSL socket factory to use for the
outgoing HTTPS request and to present the
client certificate(s), null
to use
the default one.public TLSClientAuthentication(ClientID clientID, String certSubjectDN)
clientID
- The client identifier. Must not be
null
.certSubjectDN
- The subject DN of the received validated client
X.509 certificate. Must not be null
.public String getClientX509CertificateSubjectDN()
public static TLSClientAuthentication parse(HTTPRequest httpRequest) throws ParseException
httpRequest
- The HTTP request to parse. Must not be
null
and must include a validated client
X.509 certificate.ParseException
- If the client_id
or client X.509
certificate is missing.public SSLSocketFactory getSSLSocketFactory()
null
to use the default one.public void applyTo(HTTPRequest httpRequest)
ClientAuthentication
applyTo
in class ClientAuthentication
httpRequest
- The HTTP request. Must not be null
.Copyright © 2018 Connect2id Ltd.. All rights reserved.