@Immutable public class SelfSignedTLSClientAuthentication extends ClientAuthentication
tls_client_auth
which relies on PKI binding.
Implements ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH
.
Related specifications:
Constructor and Description |
---|
SelfSignedTLSClientAuthentication(ClientID clientID,
SSLSocketFactory sslSocketFactory)
Creates a new self-signed certificate mutual TLS client
authentication.
|
SelfSignedTLSClientAuthentication(ClientID clientID,
X509Certificate x509Certificate)
Creates a new self-signed certificate mutual TLS client
authentication.
|
Modifier and Type | Method and Description |
---|---|
void |
applyTo(HTTPRequest httpRequest)
Applies the authentication to the specified HTTP request by setting
its Authorization header and/or POST entity-body parameters
(according to the implemented client authentication method).
|
X509Certificate |
getClientX509Certificate()
Returns the validated client X.509 certificate from the received
HTTPS request.
|
SSLSocketFactory |
getSSLSocketFactory()
Returns the SSL socket factory to use for an outgoing HTTPS request
and to present the client certificate(s).
|
static SelfSignedTLSClientAuthentication |
parse(HTTPRequest httpRequest)
Parses a self-signed certificate mutual TLS client authentication
from the specified HTTP request.
|
getClientID, getMethod
public SelfSignedTLSClientAuthentication(ClientID clientID, SSLSocketFactory sslSocketFactory)
clientID
- The client identifier. Must not be
null
.sslSocketFactory
- The SSL socket factory to use for the
outgoing HTTPS request and to present the
client certificate(s), null
to use
the default one.public SelfSignedTLSClientAuthentication(ClientID clientID, X509Certificate x509Certificate)
clientID
- The client identifier. Must not be
null
.x509Certificate
- The validated client X.509 certificate from
the received HTTPS request. Must not be
null
.public X509Certificate getClientX509Certificate()
null
for an outgoing
HTTPS request.public static SelfSignedTLSClientAuthentication parse(HTTPRequest httpRequest) throws ParseException
httpRequest
- The HTTP request to parse. Must not be
null
and must include a validated client
X.509 certificate.ParseException
- If the client_id
or client X.509
certificate is missing.public SSLSocketFactory getSSLSocketFactory()
null
to use the default one.public void applyTo(HTTPRequest httpRequest)
ClientAuthentication
applyTo
in class ClientAuthentication
httpRequest
- The HTTP request. Must not be null
.Copyright © 2018 Connect2id Ltd.. All rights reserved.